
Great Arcade Hits -- Adware / Malware Infection?


18 replies to this topic

#1 popppableepa

  • Members
  • 29 posts
  • Gender:Male
  • Local time:02:02 AM

Posted 26 November 2013 - 01:17 AM

OS: Win XP SP3

Application: Google Chrome [Have not seen occurrences in IE, in a few trials. Have not tried Firefox, Opera, etc.]

Symptoms:

(1) Pop-up Ad Windows when clicking on link to open new tab;

(2) Pop-up video ads in lower right corner of window when new tab opens;

(3) advertisement links overlaid on plain text in search results (visible as red double underlined text).

All three types of symptoms carry the logo 'Powered by Great Arcade Hits'.

I checked the Control Panel, and found a program called Great Arcade Hits, which I uninstalled. The symptoms persist. Also did a Full Scan with Ad-Aware, resulting in quarantining several items, but the symptoms persist, so I'll assume they were unrelated.

Do I have an infection here?


Edited by popppableepa, 26 November 2013 - 01:21 AM.



#2 boopme

    To Insanity and Beyond


  • Global Moderator
  • 61,720 posts
  • Gender:Male
  • Location:NJ USA
  • Local time:03:02 AM

Posted 26 November 2013 - 11:56 AM

Hi, looks like a persistent adware.

We need to see how it is after these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#3 popppableepa


Posted 27 November 2013 - 12:51 AM

Thanks in advance for your help.  OK, here we go.

Contents of Result.txt  produced by MiniToolBox run follows:

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by A & M (administrator) on 27-11-2013 at 00:40:30
Running from "C:\Documents and Settings\A & M\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
 
There are 14594 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : DellSvc96YVW71
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Hybrid
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : home
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Connection-specific DNS Suffix  . : home
 
        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection
 
        Physical Address. . . . . . . . . : 00-13-20-5E-63-50
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.1.5
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.1.1
 
        DHCP Server . . . . . . . . . . . : 192.168.1.1
 
        DNS Servers . . . . . . . . . . . : 192.168.1.1
 
        Lease Obtained. . . . . . . . . . : Tuesday, November 26, 2013 9:42:54 PM
 
        Lease Expires . . . . . . . . . . : Wednesday, November 27, 2013 9:42:54 PM
 
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.1.1
 
Name:    google.com
Addresses:  74.125.226.238, 74.125.226.224, 74.125.226.226, 74.125.226.233
 74.125.226.229, 74.125.226.225, 74.125.226.231, 74.125.226.230, 74.125.226.232
 74.125.226.228, 74.125.226.227
 
 
 
Pinging google.com [173.194.43.33] with 32 bytes of data:
 
 
 
Reply from 173.194.43.33: bytes=32 time=12ms TTL=57
 
Reply from 173.194.43.33: bytes=32 time=13ms TTL=57
 
 
 
Ping statistics for 173.194.43.33:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 12ms, Maximum = 13ms, Average = 12ms
 
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1
 
Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
 
 
Reply from 98.138.253.109: bytes=32 time=43ms TTL=52
 
Reply from 98.138.253.109: bytes=32 time=44ms TTL=52
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 43ms, Maximum = 44ms, Average = 43ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=48
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=48
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 20 5e 63 50 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.5  20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
      169.254.0.0      255.255.0.0      192.168.1.5     192.168.1.5  20
      192.168.1.0    255.255.255.0      192.168.1.5     192.168.1.5  20
      192.168.1.5  255.255.255.255        127.0.0.1       127.0.0.1  20
    192.168.1.255  255.255.255.255      192.168.1.5     192.168.1.5  20
        224.0.0.0        240.0.0.0      192.168.1.5     192.168.1.5  20
  255.255.255.255  255.255.255.255      192.168.1.5     192.168.1.5  1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (11/26/2013 01:31:46 AM) (Source: Chrome) (User: DELLSVC96YVW71)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.57;lang=;id=;is_machine=0;oop=1;upload=1;minidump=C:\Documents and Settings\A & M\Local Settings\Application Data\Google\CrashReports\6baed5d6-53f0-4940-9974-5c15d6a39c75.dmp
 
Error: (11/26/2013 01:31:25 AM) (Source: Chrome) (User: DELLSVC96YVW71)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.57;lang=;id=;is_machine=0;oop=1;upload=1;minidump=C:\Documents and Settings\A & M\Local Settings\Application Data\Google\CrashReports\4d8fdf37-6f41-4f93-b498-1ea05357555d.dmp
 
Error: (11/22/2013 00:58:39 PM) (Source: Application Error) (User: )
Description: Fault bucket 344264119.
The Wep key exchange did not result in a secure connection setup after 802.1x authentication.  The current setting has been marked as failed and the Wireless connection will be disconnected.
 
Error: (11/22/2013 00:58:34 PM) (Source: Application Error) (User: )
Description: Faulting application dlcqaiox.exe, version 3.238.0.0, faulting module dlcqgf.dll, version 6.0.8063.0, fault address 0x0004a841.
Processing media-specific event for [dlcqaiox.exe!ws!]
 
Error: (11/22/2013 09:49:53 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.
 
Error: (11/22/2013 09:49:41 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.
 
Error: (11/20/2013 11:35:30 AM) (Source: Chrome) (User: DELLSVC96YVW71)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.57;lang=;id=;is_machine=0;oop=1;upload=1;minidump=C:\Documents and Settings\A & M\Local Settings\Application Data\Google\CrashReports\b3a1dd62-a905-4642-938a-e8135345a854.dmp
 
Error: (11/19/2013 11:07:29 AM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 pcdrcui.exe, P2 6.0.6361.48, P3 526eb05c, P4 libasapicsharp, P5 6.0.6361.48, P6 526eaf0d, P7 d6, P8 16, P9 clr20r30, P10 clr20r31.
 
Error: (11/19/2013 01:34:47 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.
 
Error: (11/12/2013 01:37:48 AM) (Source: Lavasoft Ad-Aware Service) (User: )
Description: Only one instance of service process is allowed.
 
 
System errors:
=============
Error: (11/26/2013 09:49:23 AM) (Source: System Error) (User: )
Description: Error code 00000050, parameter1 e2bd901c, parameter2 00000000, parameter3 bf852ddb, parameter4 00000001.
 
Error: (11/26/2013 09:44:53 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Lbd
 
Error: (11/26/2013 09:44:53 AM) (Source: Service Control Manager) (User: )
Description: The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: 
%%2
 
Error: (11/25/2013 07:18:28 AM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverNEW-HOST-3NetBT_Tcpip_{947A03CF-E9F2-4C5
 
Error: (11/24/2013 07:21:01 PM) (Source: 0) (User: )
Description: \Device\LanmanDatagramReceiverNEW-HOST-3NetBT_Tcpip_{947A03CF-E9F2-4C5
 
Error: (11/24/2013 04:30:30 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Lbd
 
Error: (11/24/2013 04:30:30 PM) (Source: Service Control Manager) (User: )
Description: The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: 
%%2
 
Error: (11/24/2013 03:31:06 PM) (Source: Service Control Manager) (User: )
Description: The Garmin Core Update Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (11/24/2013 03:25:16 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Lbd
 
Error: (11/24/2013 03:25:16 PM) (Source: Service Control Manager) (User: )
Description: The SupportSoft Sprocket Service (dellsupportcenter) service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (11/26/2013 01:31:46 AM) (Source: Chrome)(User: DELLSVC96YVW71)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.57;lang=;id=;is_machine=0;oop=1;upload=1;minidump=C:\Documents and Settings\A & M\Local Settings\Application Data\Google\CrashReports\6baed5d6-53f0-4940-9974-5c15d6a39c75.dmp
 
Error: (11/26/2013 01:31:25 AM) (Source: Chrome)(User: DELLSVC96YVW71)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.57;lang=;id=;is_machine=0;oop=1;upload=1;minidump=C:\Documents and Settings\A & M\Local Settings\Application Data\Google\CrashReports\4d8fdf37-6f41-4f93-b498-1ea05357555d.dmp
 
Error: (11/22/2013 00:58:39 PM) (Source: Application Error)(User: )
Description: 344264119
 
Error: (11/22/2013 00:58:34 PM) (Source: Application Error)(User: )
Description: dlcqaiox.exe3.238.0.0dlcqgf.dll6.0.8063.00004a841
 
Error: (11/22/2013 09:49:53 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.
 
Error: (11/22/2013 09:49:41 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.
 
Error: (11/20/2013 11:35:30 AM) (Source: Chrome)(User: DELLSVC96YVW71)
Description: Chrome has encountered a fatal error.
ver=31.0.1650.57;lang=;id=;is_machine=0;oop=1;upload=1;minidump=C:\Documents and Settings\A & M\Local Settings\Application Data\Google\CrashReports\b3a1dd62-a905-4642-938a-e8135345a854.dmp
 
Error: (11/19/2013 11:07:29 AM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3pcdrcui.exe6.0.6361.48526eb05clibasapicsharp6.0.6361.48526eaf0dd616system.applicationexceptionNIL
 
Error: (11/19/2013 01:34:47 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.
 
Error: (11/12/2013 01:37:48 AM) (Source: Lavasoft Ad-Aware Service)(User: )
Description: Only one instance of service process is allowed.
 
 
=========================== Installed Programs ============================
 
ABBYY FineReader 6.0 Sprint (Version: 6.00.1735.41615)
Across Lite 2.0 (Version: 2.0)
Ad-Aware Antivirus (Version: 11.0.4555.0)
AdAwareInstaller (Version: 11.0.4555.0)
AdAwareUpdater (Version: 11.0.4555.0)
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.152)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Adobe Shockwave Player 11.5 (Version: 11.5.9.620)
AIM 6
AirPort (Version: 5.5.3.2)
Amazon MP3 Downloader 1.0.18 (Version: 1.0.18)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
AntimalwareEngine (Version: 2.6.0.0)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Uninstaller (Choose which Products to Remove)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ArcSoft PhotoStudio 5.5
Audible Download Manager (Version: 6.6.0.15)
Bank2QIF (Version: 2.1.1.7)
Big Fish Games Sudoku (remove only)
Bonjour (Version: 3.0.0.10)
Bonjour Print Services (Version: 2.0.2.0)
Camera Window DS (Version: 5.3.1)
Camera Window DVC (Version: 5.4.4)
Camera Window DVC (Version: 6.0)
Camera Window MC (Version: 6.0)
Canon Camera Access Library (Version: 8.0.0.21)
Canon Camera Support Core Library (Version: 7.3.0.4)
Canon Camera Window DC_DV 5 for ZoomBrowser EX (Version: 5.4.4)
Canon Camera Window DC_DV 6 for ZoomBrowser EX (Version: 6.0)
Canon Camera Window DSLR 5 for ZoomBrowser EX (Version: 5.3.1)
Canon Camera Window MC 6 for ZoomBrowser EX (Version: 6.0)
Canon IXY 200a, PowerShot S200, IXUS v2 WIA Driver
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.1.0.20)
Canon PhotoRecord (Version: 02.01.00069)
Canon RAW Image Task for ZoomBrowser EX (Version: 2.2)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.13)
Canon ZoomBrowser EX (E) (Version: 5.05.0000)
CIB pdf brewer (Version: 2.6.0044)
ClosetMaid v1.4.1
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Paint Shop Pro X (Version: 10.0)
Corel Photo Album 6 (Version: 6.33)
Coupon Printer for Windows (Version: 4.0)
Coupon Printer for Windows (Version: 5.0.0.1)
COWON Media Center - jetAudio Basic (Version: 7.5.2)
Creative MediaSource
Creative Memories StoryBook Creator (Version: 1.0)
Creative Prodikeys
Critical Update for Windows Media Player 11 (KB959772)
Dell Driver Download Manager (Version: 2.0.0.0)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell PC Fax
Dell Photo AIO Printer 966
Dell Picture Studio v3.0 (Version: 3.0.0)
Dell System Restore (Version: 2.00.0000)
DivX Content Uploader (Version: 1.2.1)
DivX Web Player (Version: 1.3.1)
doPDF 6.1  printer
EarthLink setup files (Version: 2005.1.47.0)
eFax Messenger (Version: 4.4.1.528)
Elevated Installer (Version: 2.3.16.0)
Express Rip
Fast Plans 11.1
File Writer output plugin for WinAMP 2 v1.17© (remove only)
Garmin BaseCamp (Version: 4.2.4)
Garmin Communicator Plugin (Version: 4.1.0)
Garmin Express (Version: 2.3.16.0)
Garmin Express Tray (Version: 2.3.16.0)
Garmin MapSource (Version: 6.16.3)
Garmin POI Loader (Version: 2.7.3)
Garmin USB Drivers (Version: 2.3.1.0)
Garmin WebUpdater (Version: 2.5.6)
Google Chrome (Version: 31.0.1650.57)
Google Earth (Version: 7.1.1.1888)
Google Notebook for Internet Explorer
Google Quick Search Box (Version: 1.2.1151.245)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.165)
Google Updater (Version: 2.4.2432.1652)
GoToAssist Corporate (Version: 10.4.0.896)
HTML Executable HTML Viewer Runtime (Version: 3.2.2.2)
IconSaver
Inspiration 8
Intel® 537EP V9x DF PCI Modem
Intel® Extreme Graphics 2 Driver (Version: 6.14.10.4396)
Intel® PRO Network Adapters and Drivers
Intel® PROSet for Wired Connections (Version: 8.00.5000)
Internet Explorer Default Page (Version: 1.00.03)
iPhone Configuration Utility (Version: 2.1.0.163)
iPhotoDraw 1.7 (Version: 1.7.0.0)
iPod for Windows 2005-03-23 (Version: 3.8.0)
iTunes (Version: 10.7.0.21)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
JavaFX 2.2.3 (Version: 2.2.3)
join.me (Version: 1.9.0.135)
KaraFun 1.16a
KODAK EASYSHARE Gallery Upload ActiveX Control
Learn2 Player (Uninstall Only)
Lexmark IP Setup Utility Uninstaller
Lexmark Software Uninstall
Macromedia Flash Player (Version: 7.0.19.0)
MelodyCan 3.6.5
Memeo Instant Backup (Version: 4.60.0.7955)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft Location Finder (Version: 3.0)
Microsoft National Language Support Downlevel APIs
Microsoft Office 2000 Disc 2 (Version: 9.00.2720)
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Text-to-Speech Engine 4.0 (English)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries (Version: 1.0.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319)
MM Railway Screen Saver V3
MobileMe Control Panel (Version: 3.1.5.0)
Modem Event Monitor
Modem Helper (Version: 2.40)
Modem On Hold (Version: 1.12)
Move Networks Player for Internet Explorer
MovieEdit Task (Version: 2.1.0.20)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB954459) (Version: 6.20.1099.0)
MuseScore 1.1 MuseScore score typesetter (Version: 1.1.0)
Musicmatch® Jukebox (Version: 9.00.2028)
My Dell (Version: 3.4.6361.48)
My Way Search Assistant
My Way Search Assistant (Version: 1.0.256)
Norton Bootable Recovery Tool Wizard (Version: 3.5.0.23)
Norton Internet Security (Version: 20.4.0.40)
Opera 12.15 (Version: 12.15.1748)
PhotoStitch (Version: 3.1.13)
Picasa 3 (Version: 3.1)
Pixia
Pixia (Version: 3.3b)
PowerChute Personal Edition 3.0.0.1 (Version: 3.0.0.1)
PowerDVD 5.5
Print to Fax (Version: 1.00)
PrintMusic! 2004
Qualxserve Service Agreement (Version: 1.11.0000)
Quicken 2011 (Version: 20.1.8.6)
QuickTime (Version: 7.74.80.86)
RAW Image Task 2.2 (Version: 2.2)
Retrospect 6.5 (Version: 6.50.0000)
Rosetta Stone 2.1.5.1A (Version: 2.1.5.1)
Safari (Version: 5.34.57.2)
SAMSUNG CDMA Modem Driver Set
Seagate Dashboard (Version: 1.1.0.1554)
Seagate Manager Installer (Version: 2.01.0600)
Skype Click to Call (Version: 6.11.13348)
Skype™ 6.6 (Version: 6.6.106)
Sonic Audio module (Version: 2.0.0.1)
Sonic DLA (Version: 4.98)
Sonic MyDVD LE (Version: 6.1.1)
Sonic RecordNow Copy (Version: 2.0.0.1)
Sonic RecordNow Data (Version: 2.0.0.1)
Sonic Update Manager (Version: 3.0.0)
Sonos Controller (Version: 22.0.64240)
Sony ACID XPress 5.0a (Version: 5.0.152)
Sound Blaster Live! 24-bit
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
SpongeBob Squarepants Screen Saver
Spotify (Version: 0.9.1.57.ge7405149)
Spybot - Search & Destroy (Version: 1.6.0)
SureThing CD Labeler - Stomper Edition 32 bit
Symantec Technical Support Advanced Chat Controls (Version: 3.5.3)
Symantec Technical Support Web Controls (Version: 3.5.3)
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Viewpoint Media Player
Virtual Earth 3D (Beta) (Version: 1.1.703.22001)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ Runtime for Dragon NaturallySpeaking (Version: 10.00.000.038)
WavePad Uninstall
Weather Services
Webcam Zoom 2.0 (Version: 0.0806.1124.04)
WebFldrs XP (Version: 9.50.7523)
Winamp (Version: 5.623 )
Winamp Detector Plug-in (Version: 1.0.0.1)
Winamp Toolbar (Version: 5.1.28.2)
Winamp Toolbar for Firefox (Version: 5.5.1.1)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 7 (Version: 20061027.150806)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinMerge 2.12.4 (Version: 2.12.4)
WinRAR archiver
WinZip (Version:  10.0  (6685))
Yahoo! Browser Services
Yahoo! Central
Yahoo! Install Manager
Yahoo! Internet Mail
Yahoo! Messenger
Yahoo! Messenger Explorer Bar
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 2045.98 MB
Available physical RAM: 885.28 MB
Total Pagefile: 3941.23 MB
Available Pagefile: 2105.38 MB
Total Virtual: 2047.88 MB
Available Virtual: 1963.31 MB
 
========================= Partitions: =====================================
 
2 Drive c: () (Fixed) (Total:70.64 GB) (Free:11.6 GB) NTFS
6 Drive g: (WD 320GB) (Fixed) (Total:298.09 GB) (Free:259.55 GB) NTFS
7 Drive h: (OLYMPUS DVR) (Removable) (Total:0.24 GB) (Free:0.01 GB) FAT
8 Drive i: (GoFlex 2TB) (Fixed) (Total:1863.01 GB) (Free:1728.21 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\DELLSVC96YVW71
 
A & M                    Administrator            boinc_master             
boinc_project            Guest                    HelpAssistant            
J                        Sonos                    SUPPORT_388945a0         
Z                        
 
 
**** End of log ****


#4 popppableepa

Posted 27 November 2013 - 01:04 AM

Item two: TDSS Killer report:

 

00:59:12.0550 0x08d4  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
01:01:51.0222 0x08d4  ============================================================
01:01:51.0222 0x08d4  Current date / time: 2013/11/27 01:01:51.0222
01:01:51.0222 0x08d4  SystemInfo:
01:01:51.0222 0x08d4  
01:01:51.0222 0x08d4  OS Version: 5.1.2600 ServicePack: 3.0
01:01:51.0222 0x08d4  Product type: Workstation
01:01:51.0222 0x08d4  ComputerName: DELLSVC96YVW71
01:01:51.0222 0x08d4  UserName: A & M
01:01:51.0222 0x08d4  Windows directory: C:\WINDOWS
01:01:51.0222 0x08d4  System windows directory: C:\WINDOWS
01:01:51.0222 0x08d4  Processor architecture: Intel x86
01:01:51.0222 0x08d4  Number of processors: 2
01:01:51.0222 0x08d4  Page size: 0x1000
01:01:51.0222 0x08d4  Boot type: Normal boot
01:01:51.0222 0x08d4  ============================================================
01:01:54.0331 0x08d4  KLMD registered as C:\WINDOWS\system32\drivers\55548594.sys
01:01:54.0738 0x08d4  System UUID: {9191F582-063D-A8DB-A1AF-2B0EA257EAB1}
01:01:56.0128 0x08d4  Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:01:56.0144 0x08d4  Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:01:56.0160 0x08d4  Drive \Device\Harddisk2\DR6 - Size: 0xFA00000 (0.24 Gb), SectorSize: 0x800, Cylinders: 0x7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:01:56.0175 0x08d4  Drive \Device\Harddisk3\DR7 - Size: 0x1D1C1115E00 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
01:01:56.0206 0x08d4  ============================================================
01:01:56.0206 0x08d4  \Device\Harddisk0\DR0:
01:01:56.0206 0x08d4  MBR partitions:
01:01:56.0206 0x08d4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x8D49C86
01:01:56.0206 0x08d4  \Device\Harddisk1\DR1:
01:01:56.0206 0x08d4  MBR partitions:
01:01:56.0206 0x08d4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D682
01:01:56.0206 0x08d4  \Device\Harddisk2\DR6:
01:01:56.0222 0x08d4  MBR partitions:
01:01:56.0222 0x08d4  \Device\Harddisk2\DR6\Partition1: MBR, Type 0x6, StartLBA 0x6B, BlocksNum 0x1F395
01:01:56.0222 0x08d4  \Device\Harddisk3\DR7:
01:01:56.0222 0x08d4  MBR partitions:
01:01:56.0222 0x08d4  \Device\Harddisk3\DR7\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07482
01:01:56.0222 0x08d4  ============================================================
01:01:56.0347 0x08d4  C: <-> \Device\Harddisk0\DR0\Partition1
01:01:56.0628 0x08d4  G: <-> \Device\Harddisk1\DR1\Partition1
01:01:56.0628 0x08d4  I: <-> \Device\Harddisk3\DR7\Partition1
01:01:56.0628 0x08d4  ============================================================
01:01:56.0628 0x08d4  Initialize success
01:01:56.0628 0x08d4  ============================================================
01:02:03.0316 0x17b0  ============================================================
01:02:03.0316 0x17b0  Scan started
01:02:03.0316 0x17b0  Mode: Manual; 
01:02:03.0316 0x17b0  ============================================================
01:02:03.0316 0x17b0  KSN ping started
01:02:17.0566 0x17b0  KSN ping finished: true
01:02:19.0769 0x17b0  ================ Scan system memory ========================
01:02:19.0769 0x17b0  System memory - ok
01:02:19.0769 0x17b0  ================ Scan services =============================
01:02:31.0894 0x17b0  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:02:31.0910 0x17b0  kbdhid - ok
01:02:31.0941 0x17b0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
01:02:31.0972 0x17b0  kmixer - ok
01:02:32.0003 0x17b0  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
01:02:32.0019 0x17b0  KSecDD - ok
01:02:32.0050 0x17b0  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
01:02:32.0066 0x17b0  lanmanserver - ok
01:02:32.0113 0x17b0  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:02:32.0128 0x17b0  lanmanworkstation - ok
01:02:32.0144 0x17b0  Lavasoft Kernexplorer - ok
01:02:32.0238 0x17b0  [ 69A841BCBCCC2D5F2A18A3A9DD4BD7B4, 6C65500BA878DBA5D76D13EBEC7192D0CEC9CD4FD5C492A1F7BF017083B4B680 ] LavasoftAdAwareService11 C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe
01:02:32.0253 0x17b0  LavasoftAdAwareService11 - ok
01:02:32.0269 0x17b0  Lbd - ok
01:02:32.0285 0x17b0  lbrtfdc - ok
01:02:32.0316 0x17b0  lmab_device - ok
01:02:32.0347 0x17b0  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
01:02:32.0347 0x17b0  LmHosts - ok
01:02:32.0410 0x17b0  [ DDF15A42E27E8EFE27B18FD403151A86, D6FAA6B1C70065DFCF53DF0509119233ADAE4B1C8B5ACAAEBC62A3D546EB7423 ] MatSvc          C:\Program Files\Microsoft Fix it Center\Matsvc.exe
01:02:32.0410 0x17b0  MatSvc - ok
01:02:32.0503 0x17b0  [ B3024618F99FE141172BB15205B3E8D7, 5970081ED0B83AE3CC4CBACDBCA92DBF7A79DAD3B7A677680BA335129535C8E7 ] MemeoBackgroundService C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
01:02:32.0503 0x17b0  MemeoBackgroundService - ok
01:02:32.0550 0x17b0  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
01:02:32.0550 0x17b0  Messenger - ok
01:02:32.0597 0x17b0  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
01:02:32.0597 0x17b0  mnmdd - ok
01:02:32.0644 0x17b0  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
01:02:32.0644 0x17b0  mnmsrvc - ok
01:02:32.0691 0x17b0  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
01:02:32.0691 0x17b0  Modem - ok
01:02:32.0800 0x17b0  [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
01:02:32.0800 0x17b0  MODEMCSA - ok
01:02:32.0831 0x17b0  [ 59B8B11FF70728EEC60E72131C58B716, EB001E1FC17D57AE2A9D4CC7B6C45DC5C6869D3602C1B86F5D4940B11AAECA0A ] mohfilt         C:\WINDOWS\system32\DRIVERS\mohfilt.sys
01:02:32.0831 0x17b0  mohfilt - ok
01:02:32.0863 0x17b0  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:02:32.0863 0x17b0  Mouclass - ok
01:02:32.0894 0x17b0  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:02:32.0894 0x17b0  mouhid - ok
01:02:32.0925 0x17b0  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
01:02:32.0941 0x17b0  MountMgr - ok
01:02:32.0972 0x17b0  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
01:02:32.0972 0x17b0  mraid35x - ok
01:02:33.0019 0x17b0  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:02:33.0050 0x17b0  MRxDAV - ok
01:02:33.0128 0x17b0  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:02:33.0160 0x17b0  MRxSmb - ok
01:02:33.0191 0x17b0  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
01:02:33.0206 0x17b0  MSDTC - ok
01:02:33.0253 0x17b0  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
01:02:33.0253 0x17b0  Msfs - ok
01:02:33.0269 0x17b0  MSIServer - ok
01:02:33.0300 0x17b0  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:02:33.0300 0x17b0  MSKSSRV - ok
01:02:33.0347 0x17b0  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:02:33.0347 0x17b0  MSPCLOCK - ok
01:02:33.0378 0x17b0  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
01:02:33.0378 0x17b0  MSPQM - ok
01:02:33.0410 0x17b0  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:02:33.0410 0x17b0  mssmbios - ok
01:02:33.0441 0x17b0  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
01:02:33.0441 0x17b0  MSTEE - ok
01:02:33.0519 0x17b0  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
01:02:33.0519 0x17b0  Mup - ok
01:02:33.0566 0x17b0  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
01:02:33.0566 0x17b0  NABTSFEC - ok
01:02:33.0644 0x17b0  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
01:02:33.0675 0x17b0  napagent - ok
01:02:33.0785 0x17b0  [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG          C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131126.016\NAVENG.SYS
01:02:33.0785 0x17b0  NAVENG - ok
01:02:33.0956 0x17b0  [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15         C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.0.36\Definitions\VirusDefs\20131126.016\NAVEX15.SYS
01:02:34.0003 0x17b0  NAVEX15 - ok
01:02:34.0050 0x17b0  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
01:02:34.0066 0x17b0  NDIS - ok
01:02:34.0097 0x17b0  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
01:02:34.0097 0x17b0  NdisIP - ok
01:02:34.0144 0x17b0  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:02:34.0144 0x17b0  NdisTapi - ok
01:02:34.0175 0x17b0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:02:34.0175 0x17b0  Ndisuio - ok
01:02:34.0222 0x17b0  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:02:34.0222 0x17b0  NdisWan - ok
01:02:34.0269 0x17b0  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
01:02:34.0269 0x17b0  NDProxy - ok
01:02:34.0300 0x17b0  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
01:02:34.0300 0x17b0  NetBIOS - ok
01:02:34.0331 0x17b0  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
01:02:34.0363 0x17b0  NetBT - ok
01:02:34.0394 0x17b0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
01:02:34.0410 0x17b0  NetDDE - ok
01:02:34.0425 0x17b0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
01:02:34.0425 0x17b0  NetDDEdsdm - ok
01:02:34.0456 0x17b0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
01:02:34.0456 0x17b0  Netlogon - ok
01:02:34.0519 0x17b0  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
01:02:34.0535 0x17b0  Netman - ok
01:02:34.0660 0x17b0  [ 02D0798F376FCBD0210EDA58476D0B1B, 7658BFBF216FC92C27A60D7E6FF105E89AF2C125519174F27AC73D2E9F397E4C ] NetSvc          C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
01:02:34.0675 0x17b0  NetSvc - ok
01:02:34.0753 0x17b0  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
01:02:34.0769 0x17b0  NetTcpPortSharing - ok
01:02:34.0847 0x17b0  [ 1BF9D6476061B31CD7FC2BF848529A56, 95B585543240E823D7850ADEEEA7A4738EF9E18A4B07D921F145F6EF466F0271 ] NIS             C:\Program Files\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
01:02:34.0863 0x17b0  NIS - ok
01:02:34.0894 0x17b0  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
01:02:34.0925 0x17b0  Nla - ok
01:02:34.0956 0x17b0  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
01:02:34.0956 0x17b0  Npfs - ok
01:02:35.0003 0x17b0  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
01:02:35.0050 0x17b0  Ntfs - ok
01:02:35.0081 0x17b0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
01:02:35.0081 0x17b0  NtLmSsp - ok
01:02:35.0144 0x17b0  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
01:02:35.0175 0x17b0  NtmsSvc - ok
01:02:35.0222 0x17b0  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
01:02:35.0222 0x17b0  Null - ok
01:02:35.0363 0x17b0  [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
01:02:35.0831 0x17b0  nv - ok
01:02:35.0863 0x17b0  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:02:35.0878 0x17b0  NwlnkFlt - ok
01:02:35.0894 0x17b0  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:02:35.0910 0x17b0  NwlnkFwd - ok
01:02:35.0941 0x17b0  [ 103A9B117A7D9903111955CDAFE65AC6, 06060CA6036F757ABB6C9CFD8376D70996E80ACC7896896DD426AEA0786E2B15 ] ossrv           C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
01:02:35.0956 0x17b0  ossrv - ok
01:02:36.0050 0x17b0  [ DF886FFED69AEAD0CF608B89B18C3F6F, 1FF0557AB2105584A78F600F5CFEB39F91BC8BB74D69608EE42472D2DD907D4B ] P17             C:\WINDOWS\system32\drivers\P17.sys
01:02:36.0144 0x17b0  P17 - ok
01:02:36.0191 0x17b0  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
01:02:36.0191 0x17b0  Parport - ok
01:02:36.0222 0x17b0  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
01:02:36.0222 0x17b0  PartMgr - ok
01:02:36.0269 0x17b0  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
01:02:36.0269 0x17b0  ParVdm - ok
01:02:36.0300 0x17b0  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
01:02:36.0738 0x17b0  PCI - ok
01:02:36.0738 0x17b0  PCIDump - ok
01:02:36.0800 0x17b0  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
01:02:36.0800 0x17b0  PCIIde - ok
01:02:36.0831 0x17b0  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
01:02:36.0847 0x17b0  Pcmcia - ok
01:02:36.0863 0x17b0  PDCOMP - ok
01:02:36.0878 0x17b0  PDFRAME - ok
01:02:36.0878 0x17b0  PDRELI - ok
01:02:36.0894 0x17b0  PDRFRAME - ok
01:02:36.0941 0x17b0  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
01:02:36.0941 0x17b0  perc2 - ok
01:02:36.0956 0x17b0  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
01:02:36.0956 0x17b0  perc2hib - ok
01:02:37.0019 0x17b0  [ D9ED17AC15720096A9F92FF4EA587B09, 9E57ABBEB07B0DD0D4CF51D2600CE7BC94B604D1878D3AA02022D51B5ACA5531 ] PfModNT         C:\WINDOWS\system32\drivers\PfModNT.sys
01:02:37.0019 0x17b0  PfModNT - ok
01:02:37.0050 0x17b0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
01:02:37.0066 0x17b0  PlugPlay - ok
01:02:37.0081 0x17b0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
01:02:37.0081 0x17b0  PolicyAgent - ok
01:02:37.0113 0x17b0  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:02:37.0113 0x17b0  PptpMiniport - ok
01:02:37.0144 0x17b0  [ 73279EEE81B342B57976374B528EF501, 61449CDBA093F663816E08F74015EAA412E8AA826C579D0E03658C91DBECAC14 ] Prodface        C:\WINDOWS\System32\drivers\Prodface.sys
01:02:37.0144 0x17b0  Prodface - ok
01:02:37.0175 0x17b0  [ BCB2F4A7DB22132B0DE087AB5BBD6BDC, 6431247E15A73C920AA510033A642B7FDD73CAB611BE64BD295349362DB324F4 ] Prodikeys       C:\WINDOWS\system32\DRIVERS\Proddrvr.sys
01:02:37.0175 0x17b0  Prodikeys - ok
01:02:37.0191 0x17b0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:02:37.0191 0x17b0  ProtectedStorage - ok
01:02:37.0238 0x17b0  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
01:02:37.0238 0x17b0  PSched - ok
01:02:37.0300 0x17b0  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:02:37.0300 0x17b0  Ptilink - ok
01:02:37.0331 0x17b0  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
01:02:37.0331 0x17b0  PxHelp20 - ok
01:02:37.0378 0x17b0  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
01:02:37.0378 0x17b0  ql1080 - ok
01:02:37.0394 0x17b0  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
01:02:37.0410 0x17b0  Ql10wnt - ok
01:02:37.0425 0x17b0  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
01:02:37.0425 0x17b0  ql12160 - ok
01:02:37.0441 0x17b0  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
01:02:37.0456 0x17b0  ql1240 - ok
01:02:37.0472 0x17b0  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
01:02:37.0488 0x17b0  ql1280 - ok
01:02:37.0535 0x17b0  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:02:37.0535 0x17b0  RasAcd - ok
01:02:37.0581 0x17b0  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
01:02:37.0581 0x17b0  RasAuto - ok
01:02:37.0660 0x17b0  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:02:37.0660 0x17b0  Rasl2tp - ok
01:02:37.0706 0x17b0  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
01:02:37.0722 0x17b0  RasMan - ok
01:02:37.0769 0x17b0  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:02:37.0769 0x17b0  RasPppoe - ok
01:02:37.0800 0x17b0  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
01:02:37.0800 0x17b0  Raspti - ok
01:02:37.0831 0x17b0  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:02:37.0847 0x17b0  Rdbss - ok
01:02:37.0878 0x17b0  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:02:37.0878 0x17b0  RDPCDD - ok
01:02:37.0925 0x17b0  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:02:37.0941 0x17b0  rdpdr - ok
01:02:37.0988 0x17b0  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
01:02:38.0003 0x17b0  RDPWD - ok
01:02:38.0050 0x17b0  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
01:02:38.0066 0x17b0  RDSessMgr - ok
01:02:38.0097 0x17b0  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
01:02:38.0113 0x17b0  redbook - ok
01:02:38.0144 0x17b0  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
01:02:38.0160 0x17b0  RemoteAccess - ok
01:02:38.0191 0x17b0  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
01:02:38.0206 0x17b0  RemoteRegistry - ok
01:02:38.0535 0x17b0  [ 6FB9B33D20A2AAC7C89884246A0E25FB, F7E0F718D0DFE25BDFF24EEF70C401BA2EA96133A750A29D721EE215DF044548 ] RetroLauncher   C:\Program Files\Dantz\Retrospect\retrorun.exe
01:02:38.0535 0x17b0  RetroLauncher - ok
01:02:38.0581 0x17b0  [ 5B767DF028DC39D4246F09F5628D7FDD, DB90EC66DF438505E0259F361EB8AC12FF7D8FDF6C0A134C8AF7B60E974ADC8A ] Retrospect Helper C:\Program Files\Dantz\Retrospect\rthlpsvc.exe
01:02:38.0613 0x17b0  Retrospect Helper - ok
01:02:38.0644 0x17b0  [ 6F5386267113FE4E0F87A882DE48C577, BCDD4CF433AFEB3408F5BB08AB636F8379B64BE1043515D9A597B6053A438197 ] RetroWDSvc      C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe
01:02:38.0660 0x17b0  RetroWDSvc - ok
01:02:38.0691 0x17b0  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
01:02:38.0691 0x17b0  RpcLocator - ok
01:02:38.0753 0x17b0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
01:02:38.0769 0x17b0  RpcSs - ok
01:02:38.0816 0x17b0  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
01:02:38.0816 0x17b0  RSVP - ok
01:02:38.0863 0x17b0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
01:02:38.0863 0x17b0  SamSs - ok
01:02:38.0894 0x17b0  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
01:02:38.0910 0x17b0  SCardSvr - ok
01:02:38.0972 0x17b0  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
01:02:38.0988 0x17b0  Schedule - ok
01:02:39.0128 0x17b0  [ AC11FA2FD932460D41B7C4DC90CA885D, 4C530FD3D43492F1CFEB33616187994CBB85BD67D3AAB1FDF98EBDF932AC13B4 ] SeagateDashboardService C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
01:02:39.0128 0x17b0  SeagateDashboardService - ok
01:02:39.0191 0x17b0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:02:39.0191 0x17b0  Secdrv - ok
01:02:39.0269 0x17b0  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
01:02:39.0300 0x17b0  seclogon - ok
01:02:39.0331 0x17b0  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
01:02:39.0347 0x17b0  SENS - ok
01:02:39.0378 0x17b0  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
01:02:39.0378 0x17b0  serenum - ok
01:02:39.0410 0x17b0  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
01:02:39.0410 0x17b0  Serial - ok
01:02:39.0472 0x17b0  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
01:02:39.0503 0x17b0  Sfloppy - ok
01:02:39.0566 0x17b0  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
01:02:39.0581 0x17b0  SharedAccess - ok
01:02:39.0628 0x17b0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:02:39.0628 0x17b0  ShellHWDetection - ok
01:02:39.0644 0x17b0  Simbad - ok
01:02:39.0675 0x17b0  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
01:02:39.0691 0x17b0  sisagp - ok
01:02:39.0956 0x17b0  [ D0776778A9FC5E37F2E9EB21FC8A9709, 37FA45B666DE664FDA378AA755F2FC9E1DF4674651EEE451253D99C04488CCD9 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
01:02:40.0128 0x17b0  Skype C2C Service - ok
01:02:40.0206 0x17b0  [ 3E587DBBDFF938DDE5D4CE4047BE9041, CA13B2C50FB09365362077AEC4B25120CF09F8C35702F645922D618FE57B5E05 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
01:02:40.0206 0x17b0  SkypeUpdate - ok
01:02:40.0253 0x17b0  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
01:02:40.0253 0x17b0  SLIP - ok
01:02:40.0316 0x17b0  [ BBE1769FECCF844C4ACFD86929B61F6E, 6D535CDC7581D9D732BB9D0CF9BFF165E796E28EE12FE9D4F319EEE9BC1BEF82 ] SoundMovieServer C:\WINDOWS\system32\snmvtsvc.exe
01:02:40.0316 0x17b0  SoundMovieServer - ok
01:02:40.0347 0x17b0  [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
01:02:40.0347 0x17b0  Sparrow - ok
01:02:40.0363 0x17b0  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
01:02:40.0363 0x17b0  splitter - ok
01:02:40.0410 0x17b0  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
01:02:40.0410 0x17b0  Spooler - ok
01:02:40.0425 0x17b0  sprtsvc_dellsupportcenter - ok
01:02:40.0535 0x17b0  [ 02622E1D2B770B63E796B8E72B6E7AB6, 95E1DF7134E100C0A75FFD34C1B81491D9A028C47591CC732F8EA7662BFE48C0 ] SQTECH930B      C:\WINDOWS\system32\Drivers\Capt930b.sys
01:02:40.0550 0x17b0  SQTECH930B - ok
01:02:40.0581 0x17b0  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
01:02:40.0597 0x17b0  sr - ok
01:02:40.0628 0x17b0  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
01:02:40.0660 0x17b0  srservice - ok
01:02:40.0785 0x17b0  [ C743E384E9EFCA10B41C60D406DE39C0, A8872FE127F374D6008D161FFD9792B17E8DA8F6E8C74C52E06B92AB19E9FAFB ] SRTSP           C:\WINDOWS\System32\Drivers\NIS\1404000.028\SRTSP.SYS
01:02:40.0831 0x17b0  SRTSP - ok
01:02:50.0472 0x17b0  AV detected via SS1: Ad-Aware Antivirus, , disabled, outofdate
01:02:50.0535 0x17b0  FW detected via SS1: Ad-Aware Firewall, , disabled
01:02:50.0535 0x17b0  Win FW state via NFM: disabled
01:02:53.0019 0x17b0  ============================================================
01:02:53.0019 0x17b0  Scan finished
01:02:53.0019 0x17b0  ============================================================
01:02:53.0035 0x0d20  Detected object count: 0
01:02:53.0035 0x0d20  Actual detected object count: 0


#5 popppableepa


Posted 27 November 2013 - 09:35 AM

Item three: contents of C:\AdwCleaner\AdwCleaner[S0].txt follows:

 

# AdwCleaner v3.013 - Report created 27/11/2013 at 01:24:37
# Updated 24/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : A & M - DELLSVC96YVW71
# Running from : C:\Documents and Settings\A & M\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : Viewpoint Manager Service
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Winamp Toolbar
Folder Deleted : C:\Documents and Settings\A & M\Local Settings\Application Data\Winamp Toolbar
Folder Deleted : C:\Documents and Settings\A & M\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Z\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\J\Local Settings\Application Data\Winamp Toolbar
File Deleted : C:\WINDOWS\Downloaded Program Files\popcaploader.inf
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\winamptbServer.exe
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWaySearchAssistantDE.Auxiliary
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLTBSearch.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.AOLToolBand.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.Downloader.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarInfo.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams
Key Deleted : HKLM\SOFTWARE\Classes\WinampTb.ToolbarParams.1
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\WinampTbServer.AolToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}]
Key Deleted : HKCU\Software\Winamp Toolbar
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\MetaStream
Key Deleted : HKLM\Software\MyWaySA
Key Deleted : HKLM\Software\Viewpoint
Key Deleted : HKLM\Software\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Winamp Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Google Chrome v
 
[ File : C:\Documents and Settings\A & M\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Documents and Settings\J\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [7477 octets] - [27/11/2013 01:16:32]
AdwCleaner[S0].txt - [7584 octets] - [27/11/2013 01:24:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7644 octets] ##########


#6 popppableepa


Posted 27 November 2013 - 10:36 AM

Item Four:  Junkware Removal Tool.  Some problems here.  

 

I downloaded and ran JRT.exe as instructed.  The task ran as described, apparently to completion, i.e., the DOS window closed after displaying a bunch of progress messages (I think the last one was 'Checking Registry').  

 

It did not, however, save the expected JRT.txt log file to the desktop, nor did it open it in a Notepad window.  I opened Task Manager to confirm that neither the task nor the associated process was still running.  Tried several times with the same results.

 

Abort / Retry / Fail?

 

Now re-enabling protection (Norton Internet Security Anti-Virus Autoprotect) and moving on to item 5 (ESET scan), will post results upon completion.  


Edited by popppableepa, 27 November 2013 - 10:50 AM.


#7 boopme


Posted 27 November 2013 - 01:27 PM

Ok, Will wait for ESET now..


How do I get help? Who is helping me?
Staying Updated Calendar of Updates.
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook Have you seen..Select Real Security

#8 popppableepa


Posted 27 November 2013 - 02:49 PM

OK.  Rather a lengthy process. Been running four hours, and only 18% complete.

 

Just double-checking -- was it OK to re-enable Norton before running ESET?  Feel kinda naked without it.


Edited by popppableepa, 27 November 2013 - 06:05 PM.


#9 boopme


Posted 27 November 2013 - 09:02 PM

If you need to, ESET is longer as it is quite thorough.

#10 popppableepa


Posted 27 November 2013 - 10:23 PM

OK Item 5 -- ESET Scan completed.  Sorry, I don't understand your previous reply.  Does having the Norton AV Autoprotect enabled interfere with the operation of ESET?

 

ESET quarantined four files.  The associated programs (Melody Can, which is an audio editor, and an older version of Ad-Aware) are not recent installs, so I wonder if they are of any consequence to the current problem.  FYI, the ESET scan took 8hr 50 min.  That beats a recent Ad-Aware Full Scan by more than an hour :-)

 

Here is the list of threats found by ESET:

 

C:\Documents and Settings\A & M\Local Settings\Temp\AAWInstallerTemp\v9.6.0\Ad-Aware.msi multiple threats deleted - quarantined
G:\Documents and Settings\A & M\My Documents\My Download Files\MelodyCan\cnet2_MelodyCan_3_6_5-Setup_www_melodycan_com_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
I:\A & M_Backup\2012-04-09_18-07-49\Memeo\2012-04-09_18-07-49\G_\Documents and Settings\A & M\My Documents\My Download Files\MelodyCan\cnet2_MelodyCan_3_6_5-Setup_www_melodycan_com_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
I:\Seagate Backup\DELLSVC96YVW71\G\Documents and Settings\A & M\My Documents\My Download Files\MelodyCan\cnet2_MelodyCan_3_6_5-Setup_www_melodycan_com_exe.exe a variant of Win32/InstallCore.D application cleaned by deleting - quarantined
 
Happy Bleeping Thanksgiving.  What next?

Edited by popppableepa, 27 November 2013 - 10:24 PM.


#11 boopme


Posted 01 December 2013 - 07:20 PM

Hello, sorry for the delay, I stayed at my dad's a couple days longer.

 

Other scanners being active can slow the scanning process as sometimes they look at each other and figure what is going on. Also they can get stuck searching the other's database of malware signatures.

 

Usually subsequent scans are shorter, even the AdAware if you run them often, say monthly.

 

Are there still popups etc??



#12 popppableepa


Posted 02 December 2013 - 07:22 PM

I hope your new icon is the view from Dad's porch.  Nice!

 

Unfortunately, we're seeing the same symptoms as originally described. Please advise on next step(s). And thanks once again for helping to run this down.



#13 boopme


Posted 02 December 2013 - 09:09 PM

I had the Turkey up for the holiday.

I think it may be an add-on in Chrome.
Try disabling them one at a time and see if that stops it.

How to Disable Extensions in Google Chrome


If necessary remove the add on.
How to Uninstall Extensions in Google Chrome

#14 popppableepa


Posted 03 December 2013 - 12:43 AM

Hoo-ah!  Didn't think of that -- I actually looked among the Chrome Plug-Ins [Settings / Advanced / Privacy / Content Settings / Disable Individual Plug-Ins], but didn't see anything suspicious there.

 

Yes, Great Arcade Hits was in the Chrome Extensions. [And it makes sense, since there weren't any symptoms with other browsers.] I deleted it, and no more symptoms (at least, for the last 20 clicks or so). 

 

What to do now?
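
The extension check that resolved this case can also be done from disk. The script below is an added example, not part of the original posts: it lists every Chrome extension in a profile with its real display name and flags those allowed to run on all sites, which is the access an ad-injecting extension needs. It assumes Chrome's `Extensions\<id>\<version>\manifest.json` layout; the sample extension it builds when run without arguments is constructed.

```python
import json, sys, tempfile
from pathlib import Path

BROAD = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}  # patterns covering every page

def load(path):
    """Parse a JSON file; return {} when it is missing, malformed or not an object."""
    try:
        data = json.loads(Path(path).read_text(encoding="utf-8-sig"))
        return data if isinstance(data, dict) else {}
    except (OSError, ValueError):
        return {}

def display_name(version_dir, manifest):
    """Resolve a localized "__MSG_key__" name through _locales/<default_locale>/messages.json."""
    name = str(manifest.get("name", "?"))
    if not (name.startswith("__MSG_") and name.endswith("__")):
        return name
    locale = str(manifest.get("default_locale", "en"))
    messages = load(Path(version_dir) / "_locales" / locale / "messages.json")
    for key, entry in messages.items():      # message keys are matched case-insensitively
        if key.lower() == name[6:-2].lower() and isinstance(entry, dict):
            return str(entry.get("message", name))
    return name

def scan_extensions(ext_root):
    """Yield one record per <id>/<version>/manifest.json under the Extensions folder."""
    for mf in sorted(Path(ext_root).glob("*/*/manifest.json")):
        m = load(mf)
        hosts = {p for p in m.get("permissions", []) if isinstance(p, str)}
        for cs in m.get("content_scripts", []):
            hosts.update(cs.get("matches", []))
        yield {"id": mf.parent.parent.name, "name": display_name(mf.parent, m),
               "all_sites": sorted(hosts & BROAD)}

def build_sample(root):
    """Write a constructed extension (not taken from the thread) for an offline demo."""
    vdir = Path(root) / ("a" * 32) / "1.0_0"
    (vdir / "_locales" / "en").mkdir(parents=True)
    (vdir / "manifest.json").write_text(json.dumps({
        "name": "__MSG_appName__", "default_locale": "en", "permissions": ["tabs"],
        "content_scripts": [{"matches": ["<all_urls>"], "js": ["inject.js"]}]}))
    (vdir / "_locales" / "en" / "messages.json").write_text(
        json.dumps({"appname": {"message": "Constructed Sample Extension"}}))
    return root

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else build_sample(tempfile.mkdtemp())
    for ext in scan_extensions(root):
        print(ext["id"], "|", ext["name"], "|", ", ".join(ext["all_sites"]) or "no all-site access")
```

Pass the profile's Extensions folder as the argument; on Windows XP that is assumed to be `%USERPROFILE%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions`. The script only reads files, so removal is still done from Chrome's Extensions page.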



#15 chugg


Posted 09 December 2013 - 12:14 AM

I have this same virus. I saw your post and removed it from my extensions. It looks like the popups are gone but it is creating hyperextensions for things on the net and wanting you to click them. The ads say powered by greatarcadehits. It looks like a lot of people on the net are getting this malware now. I didn't mean to piggyback your thread. Should I start another thread?

 

UPDATE -  I ran Malwarebytes and it detected 12 items and cleaned them.  This seemed to fix the problem.  I will try it out and see. 


Edited by chugg, 09 December 2013 - 02:20 AM.




