PUP.Optional.Tarma.A & OpenCandy...How do I get rid of these...???


7 replies to this topic

#1 Fhoosa

Fhoosa

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Seabrook, TX
  • Local time:02:28 PM

Posted 28 August 2013 - 08:37 PM

I ran a scan with MalwareBytes and it detected 3 of the Tarma.A's and 1 OpenCandy.

I need your help in getting rid of these viruses.

Thank you.

Fhoosa





#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,331 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:28 PM

Posted 28 August 2013 - 08:44 PM

Hello Fhoosa, I moved this from XP to the Am I Infected forum.

Please post your MBAM log then do these.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Please Download TDSSkiller
Launch it.
Click on "Change parameters" and select "TDLFS file system".
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
Do not change the default options on scan results.


Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • Last run ESET.
    • Hold down Control and click on this link to open ESET OnlineScan in a new window.
    • Click the esetonlinebtn.png button.
    • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
    • Check "YES, I accept the Terms of Use."
    • Click the Start button.
    • Accept any security warnings from your browser.
    • Under scan settings, check "Scan Archives" and "Remove found threats"
    • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
    • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    • When the scan completes, click List Threats
    • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    • Click the Back button.
    • Click the Finish button.
    • NOTE: Sometimes if ESET finds no infections it will not create a log.
Please see quietman7 post 12 on Open Candy here
http://www.bleepingcomputer.com/forums/t/467444/infected-by-backdoor/

About the Tarma Installer PUP: "PUP" stands for "Potentially Unwanted Program."
The term "PUP" was created by McAfee, a security technology company, to describe unwanted software. A PUP is similar to malware in that it may cause problems once it is installed on your computer. However, unlike malware, you consent to a PUP being installed, rather than it installing itself without your knowledge.

More HERE

Edited by boopme, 28 August 2013 - 08:51 PM.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#3 Fhoosa

Fhoosa
  • Topic Starter

  • Members
  • 123 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Seabrook, TX
  • Local time:02:28 PM

Posted 28 August 2013 - 10:47 PM

Here are the reports that you requested:

 

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.08.27.06
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Mark :: MARKS [administrator]
 
Protection: Enabled
 
8/28/2013 3:45:06 AM
mbam-log-2013-08-28 (03-45-06).txt
 
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 290015
Time elapsed: 42 minute(s), 45 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 5
C:\Documents and Settings\Mark\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.40\agent\stub_data\stubinst_pkg_en-us.cab (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{492F47A8-4ACF-43E2-8223-513C3AA6182A}\RP1172\A0105531.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{492F47A8-4ACF-43E2-8223-513C3AA6182A}\RP1172\A0105532.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{492F47A8-4ACF-43E2-8223-513C3AA6182A}\RP1172\A0105533.exe (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{492F47A8-4ACF-43E2-8223-513C3AA6182A}\RP1172\A0105534.dll (PUP.Optional.Tarma.A) -> Quarantined and deleted successfully.
 
(end)
 
MiniToolBox by Farbar  Version: 13-07-2013
Ran by Mark (administrator) on 28-08-2013 at 19:17:13
Running from "C:\Documents and Settings\Mark\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
1394 Net Adapter = 1394 Connection (Disconnected)
Intel® WiFi Link 5300 AGN = Wireless Network Connection 2 (Connected)
Intel® 82567LM Gigabit Network Connection = Local Area Connection (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Wireless Network Connection 2"
 
set address name="Wireless Network Connection 2" source=dhcp 
set dns name="Wireless Network Connection 2" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 2" source=dhcp
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : marks
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Hybrid
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : hsd1.ca.comcast.net.
 
 
 
Ethernet adapter Wireless Network Connection 2:
 
 
 
        Connection-specific DNS Suffix  . : hsd1.ca.comcast.net.
 
        Description . . . . . . . . . . . : Intel® WiFi Link 5300 AGN
 
        Physical Address. . . . . . . . . : 00-21-6A-61-52-5E
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 10.0.0.2
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 10.0.0.1
 
        DHCP Server . . . . . . . . . . . : 10.0.0.1
 
        DNS Servers . . . . . . . . . . . : 75.75.75.75
 
                                            75.75.76.76
 
        Lease Obtained. . . . . . . . . . : Wednesday, August 28, 2013 3:01:28 PM
 
        Lease Expires . . . . . . . . . . : Wednesday, September 04, 2013 3:01:28 PM
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Intel® 82567LM Gigabit Network Connection
 
        Physical Address. . . . . . . . . : 00-24-E8-C2-45-2A
 
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    google.com
Addresses:  74.125.239.34, 74.125.239.36, 74.125.239.37, 74.125.239.39
 74.125.239.32, 74.125.239.41, 74.125.239.46, 74.125.239.40, 74.125.239.33
 74.125.239.38, 74.125.239.35
 
 
 
Pinging google.com [74.125.239.137] with 32 bytes of data:
 
 
 
Reply from 74.125.239.137: bytes=32 time=42ms TTL=54
 
Reply from 74.125.239.137: bytes=32 time=28ms TTL=54
 
 
 
Ping statistics for 74.125.239.137:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 28ms, Maximum = 42ms, Average = 35ms
 
Server:  cdns01.comcast.net
Address:  75.75.75.75
 
Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
 
 
Reply from 206.190.36.45: bytes=32 time=42ms TTL=50
 
Reply from 206.190.36.45: bytes=32 time=45ms TTL=50
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 42ms, Maximum = 45ms, Average = 43ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 21 6a 61 52 5e ...... Intel® WiFi Link 5300 AGN - Packet Scheduler Miniport
0x3 ...00 24 e8 c2 45 2a ...... Intel® 82567LM Gigabit Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1        10.0.0.2  25
         10.0.0.0    255.255.255.0         10.0.0.2        10.0.0.2  25
         10.0.0.2  255.255.255.255        127.0.0.1       127.0.0.1  25
   10.255.255.255  255.255.255.255         10.0.0.2        10.0.0.2  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
        224.0.0.0        240.0.0.0         10.0.0.2        10.0.0.2  25
  255.255.255.255  255.255.255.255         10.0.0.2               3  1
  255.255.255.255  255.255.255.255         10.0.0.2        10.0.0.2  1
Default Gateway:          10.0.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/12/2013 03:16:16 PM) (Source: Microsoft Security Client Setup) (User: )
Description: HRESULT:0x8004FF0A
Description:.  0x8004FF0A.
 
Error: (06/30/2013 08:38:29 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: The server name or address could not be resolved
 
Error: (06/26/2013 07:10:11 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (06/12/2013 01:25:13 PM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (05/16/2013 05:57:23 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
 
Error: (04/11/2013 08:16:43 AM) (Source: CltMngSvc) (User: )
Description: CltMngSvcShutting down. (Error: 997)
 
Error: (04/11/2013 08:12:09 AM) (Source: CltMngSvc) (User: )
Description: CltMngSvcServiceInstall: Fail to Start serviceSearch Protect by Conduit Updater (Error: 1056)
 
 
System errors:
=============
Error: (08/19/2013 03:55:42 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.155.2519.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.3.0215.00
 
Source Path: 4.3.0215.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (08/14/2013 09:30:03 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (08/14/2013 09:30:03 PM) (Source: Service Control Manager) (User: )
Description: Timeout (120000 milliseconds) waiting for the Windows Search service to connect.
 
Error: (08/14/2013 09:30:03 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (08/14/2013 09:24:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (08/14/2013 09:24:47 PM) (Source: Service Control Manager) (User: )
Description: Timeout (120000 milliseconds) waiting for the Windows Search service to connect.
 
Error: (08/14/2013 09:24:47 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (08/14/2013 09:24:47 PM) (Source: Service Control Manager) (User: )
Description: Timeout (120000 milliseconds) waiting for the Windows Search service to connect.
 
Error: (08/14/2013 09:24:47 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1053" attempting to start the service WSearch with arguments ""
in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
 
Error: (08/11/2013 04:06:45 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.155.1972.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.3.0215.00
 
Source Path: 4.3.0215.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
 
Microsoft Office Sessions:
=========================
 
=========================== Installed Programs ============================
 
32 Bit HP CIO Components Installer (Version: 2.1.4)
Adobe AIR (Version: 3.6.0.5970)
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Shockwave Player 12.0 (Version: 12.0.3.133)
Applian Director (Version: 2.1)
Big Dollar Casino
BitComet 1.36 (Version: 1.36)
CCleaner (Version: 4.03)
Cirrus Casino (Version: 12.1.7-RTG)
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3)
CorelDRAW Graphics Suite X5 - Common (Version: 15.3)
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3)
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3)
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3)
CorelDRAW Graphics Suite X5 - EN (Version: 15.3)
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3)
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3)
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3)
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3)
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.3)
CorelDRAW Graphics Suite X5 - Redist (Version: 15.3)
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3)
CorelDRAW Graphics Suite X5 - VBA (Version: 15.3)
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3)
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.3)
CorelDRAW Graphics Suite X5 - WT (Version: 15.3)
CorelDRAW Graphics Suite X5 (Version: 15.3)
Dell Support Center (Version: 3.1.5907.39)
Dell Touchpad (Version: 7.1207.101.108)
Easy CD-DA Extractor 15 (Version: 15.3.1)
Express Burn Disc Burning Software
Freecorder 2.3 (with Skype Call Recording)
GoldMine 5.0
Google Chrome (Version: 29.0.1547.62)
Google Chrome Frame (Version: 29.0.1547.62)
Google Talk Plugin (Version: 4.4.2.14502)
Google Update Helper (Version: 1.3.21.153)
Green Moon
HP Photosmart C4400 All-In-One Driver 11.0 Rel .3 (Version: 11.0)
IDT Audio (Version: 1.0.6274.0)
Intel PROSet Wireless
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.5390)
Intel® Network Connections Drivers (Version: 16.1)
Intel® PROSet/Wireless WiFi Software (Version: 14.2.0000)
Internet Explorer (Enable DEP)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Junk Mail filter update (Version: 14.0.8117.416)
K-Lite Mega Codec Pack 9.8.5 (Version: 9.8.5)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Memeo Instant Backup (Version: 4.60.0.7923)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Corporation (Version: 9.0.30729.1)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Security Client (Version: 4.3.0215.0)
Microsoft Security Essentials (Version: 4.3.215.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
OpenAL
PS_AIO_03_C4400_Software_Min (Version: 110.0.201.000)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.5)
RealUpgrade 1.1 (Version: 1.1.0)
Replay Converter 4 (Version: 4.07)
Scan (Version: 11.0.0.0)
Seagate Dashboard (Version: 1.1.0.1421)
Segoe UI (Version: 14.0.4327.805)
Skype Click to Call (Version: 6.11.13348)
Skype™ 6.0 (Version: 6.0.126)
Switch Sound File Converter
swMSM (Version: 12.0.0.1)
System Requirements Lab for Intel (Version: 4.5.5.0)
Toolbox (Version: 110.0.180.000)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2768023) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817642) 32-Bit Edition
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2808679) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update Installer for WildTangent Games App
Visual Basic for Applications ® Core - English (Version: 6.4.99.69)
Visual Basic for Applications ® Core (Version: 6.4.99.69)
VLC media player 2.0.8 (Version: 2.0.8)
WebFldrs XP (Version: 9.50.6513)
WildTangent Games (Version: 1.0.3.0)
WildTangent Games App (Version: 4.0.10.5)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR 4.01 (32-bit) (Version: 4.01.0)
Wise Registry Cleaner 7.83 (Version: 7.83)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 31%
Total physical RAM: 3535.84 MB
Available physical RAM: 2431.93 MB
Total Pagefile: 5418.27 MB
Available Pagefile: 4350.27 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.97 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:232.88 GB) (Free:204.55 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MARKS
 
Administrator            ASPNET                   Guest                    
HelpAssistant            Mark                     SUPPORT_388945a0         
 
 
**** End of log ****
 
19:18:26.0437 0x0624  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
19:18:26.0984 0x0624  ============================================================
19:18:26.0984 0x0624  Current date / time: 2013/08/28 19:18:26.0984
19:18:26.0984 0x0624  SystemInfo:
19:18:26.0984 0x0624  
19:18:26.0984 0x0624  OS Version: 5.1.2600 ServicePack: 3.0
19:18:26.0984 0x0624  Product type: Workstation
19:18:26.0984 0x0624  ComputerName: MARKS
19:18:26.0984 0x0624  UserName: Mark
19:18:26.0984 0x0624  Windows directory: C:\WINDOWS
19:18:26.0984 0x0624  System windows directory: C:\WINDOWS
19:18:26.0984 0x0624  Processor architecture: Intel x86
19:18:26.0984 0x0624  Number of processors: 2
19:18:26.0984 0x0624  Page size: 0x1000
19:18:26.0984 0x0624  Boot type: Normal boot
19:18:26.0984 0x0624  ============================================================
19:18:28.0921 0x0624  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
19:18:28.0921 0x0624  ============================================================
19:18:28.0921 0x0624  \Device\Harddisk0\DR0:
19:18:28.0921 0x0624  MBR partitions:
19:18:28.0921 0x0624  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
19:18:28.0921 0x0624  ============================================================
19:18:28.0953 0x0624  C: <-> \Device\Harddisk0\DR0\Partition1
19:18:28.0953 0x0624  ============================================================
19:18:28.0953 0x0624  Initialize success
19:18:28.0953 0x0624  ============================================================
19:19:01.0437 0x01d4  ============================================================
19:19:01.0437 0x01d4  Scan started
19:19:01.0437 0x01d4  Mode: Manual; TDLFS; 
19:19:01.0437 0x01d4  ============================================================
19:19:02.0546 0x01d4  ================ Scan system memory ========================
19:19:02.0546 0x01d4  System memory - ok
19:19:02.0546 0x01d4  ================ Scan services =============================
19:19:03.0390 0x01d4  Beep - ok
19:19:03.0421 0x01d4  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
19:19:03.0421 0x01d4  BITS - ok
19:19:03.0453 0x01d4  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
19:19:03.0453 0x01d4  Browser - ok
19:19:03.0484 0x01d4  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
19:19:03.0500 0x01d4  cbidf2k - ok
19:19:03.0531 0x01d4  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
19:19:03.0546 0x01d4  CCDECODE - ok
19:19:03.0546 0x01d4  cd20xrnt - ok
19:19:03.0578 0x01d4  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
19:19:03.0593 0x01d4  Cdaudio - ok
19:19:03.0625 0x01d4  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
19:19:03.0625 0x01d4  Cdfs - ok
19:19:03.0640 0x01d4  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
19:19:03.0687 0x01d4  Cdrom - ok
19:19:03.0687 0x01d4  Changer - ok
19:19:03.0703 0x01d4  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
19:19:03.0703 0x01d4  CiSvc - ok
19:19:03.0718 0x01d4  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
19:19:03.0734 0x01d4  ClipSrv - ok
19:19:03.0765 0x01d4  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:19:03.0765 0x01d4  clr_optimization_v2.0.50727_32 - ok
19:19:03.0796 0x01d4  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:19:03.0796 0x01d4  clr_optimization_v4.0.30319_32 - ok
19:19:03.0812 0x01d4  [ 0F6C187D38D98F8DF904589A5F94D411 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
19:19:03.0843 0x01d4  CmBatt - ok
19:19:03.0843 0x01d4  CmdIde - ok
19:19:03.0859 0x01d4  [ 6E4C9F21F0FAE8940661144F41B13203 ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
19:19:03.0859 0x01d4  Compbatt - ok
19:19:03.0859 0x01d4  COMSysApp - ok
19:19:03.0875 0x01d4  Cpqarray - ok
19:19:03.0921 0x01d4  [ D01F685F8B4598D144B0CCE9FF95D8D5 ] cpudrv          C:\Program Files\SystemRequirementsLab\cpudrv.sys
19:19:03.0921 0x01d4  cpudrv - ok
19:19:03.0953 0x01d4  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
19:19:03.0953 0x01d4  CryptSvc - ok
19:19:03.0953 0x01d4  dac2w2k - ok
19:19:03.0953 0x01d4  dac960nt - ok
19:19:03.0984 0x01d4  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
19:19:04.0000 0x01d4  DcomLaunch - ok
19:19:04.0015 0x01d4  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
19:19:04.0015 0x01d4  Dhcp - ok
19:19:04.0031 0x01d4  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
19:19:04.0031 0x01d4  Disk - ok
19:19:04.0031 0x01d4  dmadmin - ok
19:19:04.0062 0x01d4  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
19:19:04.0109 0x01d4  dmboot - ok
19:19:04.0125 0x01d4  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
19:19:04.0125 0x01d4  dmio - ok
19:19:04.0156 0x01d4  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
19:19:04.0156 0x01d4  dmload - ok
19:19:04.0187 0x01d4  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
19:19:04.0187 0x01d4  dmserver - ok
19:19:04.0203 0x01d4  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
19:19:04.0234 0x01d4  DMusic - ok
19:19:04.0250 0x01d4  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
19:19:04.0250 0x01d4  Dnscache - ok
19:19:04.0281 0x01d4  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
19:19:04.0296 0x01d4  Dot3svc - ok
19:19:04.0296 0x01d4  dpti2o - ok
19:19:04.0312 0x01d4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
19:19:04.0343 0x01d4  drmkaud - ok
19:19:04.0390 0x01d4  [ 0000BFDA0DE85BFD5D0086B1013E1F72 ] e1yexpress      C:\WINDOWS\system32\DRIVERS\e1y5132.sys
19:19:04.0390 0x01d4  e1yexpress - ok
19:19:04.0406 0x01d4  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
19:19:04.0406 0x01d4  EapHost - ok
19:19:04.0437 0x01d4  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
19:19:04.0453 0x01d4  ERSvc - ok
19:19:04.0468 0x01d4  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
19:19:04.0468 0x01d4  Eventlog - ok
19:19:04.0500 0x01d4  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\System32\es.dll
19:19:04.0500 0x01d4  EventSystem - ok
19:19:04.0593 0x01d4  [ 52859724EDD0EE282522225E056B6EB3 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
19:19:04.0625 0x01d4  EvtEng - ok
19:19:04.0671 0x01d4  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
19:19:04.0718 0x01d4  Fastfat - ok
19:19:04.0750 0x01d4  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
19:19:04.0750 0x01d4  FastUserSwitchingCompatibility - ok
19:19:04.0765 0x01d4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
19:19:04.0812 0x01d4  Fdc - ok
19:19:04.0828 0x01d4  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
19:19:04.0859 0x01d4  Fips - ok
19:19:04.0859 0x01d4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
19:19:04.0890 0x01d4  Flpydisk - ok
19:19:04.0921 0x01d4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
19:19:04.0921 0x01d4  FltMgr - ok
19:19:04.0968 0x01d4  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
19:19:04.0984 0x01d4  FontCache3.0.0.0 - ok
19:19:04.0984 0x01d4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
19:19:05.0031 0x01d4  Fs_Rec - ok
19:19:05.0046 0x01d4  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
19:19:05.0062 0x01d4  Ftdisk - ok
19:19:05.0125 0x01d4  [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files\WildTangent Games\App\GamesAppService.exe
19:19:05.0125 0x01d4  GamesAppService - ok
19:19:05.0156 0x01d4  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
19:19:05.0265 0x01d4  Gpc - ok
19:19:05.0343 0x01d4  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
19:19:05.0359 0x01d4  gupdate - ok
19:19:05.0375 0x01d4  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
19:19:05.0375 0x01d4  gupdatem - ok
19:19:05.0390 0x01d4  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
19:19:05.0515 0x01d4  HDAudBus - ok
19:19:05.0562 0x01d4  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
19:19:05.0562 0x01d4  helpsvc - ok
19:19:05.0593 0x01d4  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
19:19:05.0593 0x01d4  HidServ - ok
19:19:05.0625 0x01d4  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
19:19:05.0671 0x01d4  hidusb - ok
19:19:05.0687 0x01d4  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
19:19:05.0687 0x01d4  hkmsvc - ok
19:19:05.0703 0x01d4  hpn - ok
19:19:05.0734 0x01d4  [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
19:19:05.0812 0x01d4  HPZid412 - ok
19:19:05.0843 0x01d4  [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
19:19:05.0890 0x01d4  HPZipr12 - ok
19:19:05.0890 0x01d4  [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
19:19:05.0953 0x01d4  HPZius12 - ok
19:19:06.0000 0x01d4  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
19:19:06.0015 0x01d4  HTTP - ok
19:19:06.0046 0x01d4  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
19:19:06.0046 0x01d4  HTTPFilter - ok
19:19:06.0062 0x01d4  i2omgmt - ok
19:19:06.0062 0x01d4  i2omp - ok
19:19:06.0109 0x01d4  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
19:19:06.0171 0x01d4  i8042prt - ok
19:19:06.0296 0x01d4  [ 5BF90FA45E7DBF57004A94BEE3AF92E3 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
19:19:06.0515 0x01d4  ialm - ok
19:19:06.0578 0x01d4  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:19:06.0609 0x01d4  idsvc - ok
19:19:06.0640 0x01d4  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
19:19:06.0718 0x01d4  Imapi - ok
19:19:06.0750 0x01d4  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
19:19:06.0765 0x01d4  ImapiService - ok
19:19:06.0765 0x01d4  ini910u - ok
19:19:06.0796 0x01d4  [ F5C70E41B19D33CC764998786AB74165 ] IntcHdmiAddService C:\WINDOWS\system32\drivers\IntcHdmi.sys
19:19:06.0937 0x01d4  IntcHdmiAddService - ok
19:19:06.0953 0x01d4  IntelIde - ok
19:19:07.0046 0x01d4  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
19:19:07.0078 0x01d4  intelppm - ok
19:19:07.0078 0x01d4  [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
19:19:07.0140 0x01d4  ip6fw - ok
19:19:07.0187 0x01d4  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
19:19:07.0187 0x01d4  IpFilterDriver - ok
19:19:07.0187 0x01d4  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
19:19:07.0250 0x01d4  IpInIp - ok
19:19:07.0265 0x01d4  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
19:19:07.0296 0x01d4  IpNat - ok
19:19:07.0296 0x01d4  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
19:19:07.0343 0x01d4  IPSec - ok
19:19:07.0375 0x01d4  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
19:19:07.0390 0x01d4  IRENUM - ok
19:19:07.0406 0x01d4  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
19:19:07.0406 0x01d4  isapnp - ok
19:19:07.0421 0x01d4  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
19:19:07.0437 0x01d4  Kbdclass - ok
19:19:07.0453 0x01d4  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
19:19:07.0468 0x01d4  kbdhid - ok
19:19:07.0484 0x01d4  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
19:19:07.0484 0x01d4  kmixer - ok
19:19:07.0515 0x01d4  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
19:19:07.0515 0x01d4  KSecDD - ok
19:19:07.0546 0x01d4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
19:19:07.0546 0x01d4  lanmanserver - ok
19:19:07.0562 0x01d4  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
19:19:07.0562 0x01d4  lanmanworkstation - ok
19:19:07.0562 0x01d4  lbrtfdc - ok
19:19:07.0609 0x01d4  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
19:19:07.0609 0x01d4  LmHosts - ok
19:19:07.0625 0x01d4  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
19:19:07.0625 0x01d4  MBAMProtector - ok
19:19:07.0687 0x01d4  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
19:19:07.0703 0x01d4  MBAMScheduler - ok
19:19:07.0734 0x01d4  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
19:19:07.0765 0x01d4  MBAMService - ok
19:19:07.0812 0x01d4  [ 780D96F551833E0DCFE0A33B02B774E8 ] MemeoBackgroundService C:\Program Files\Memeo\AutoBackup\MemeoBackgroundService.exe
19:19:07.0812 0x01d4  MemeoBackgroundService - ok
19:19:07.0843 0x01d4  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
19:19:07.0843 0x01d4  Messenger - ok
19:19:07.0906 0x01d4  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
19:19:07.0906 0x01d4  Microsoft Office Groove Audit Service - ok
19:19:07.0921 0x01d4  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
19:19:07.0937 0x01d4  mnmdd - ok
19:19:07.0968 0x01d4  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
19:19:07.0968 0x01d4  mnmsrvc - ok
19:19:07.0984 0x01d4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
19:19:08.0015 0x01d4  Modem - ok
19:19:08.0031 0x01d4  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
19:19:08.0062 0x01d4  Mouclass - ok
19:19:08.0078 0x01d4  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
19:19:08.0093 0x01d4  mouhid - ok
19:19:08.0109 0x01d4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
19:19:08.0109 0x01d4  MountMgr - ok
19:19:08.0140 0x01d4  [ 24406D75B40F0F6B3C1AC7031D734565 ] MpFilter        C:\WINDOWS\system32\DRIVERS\MpFilter.sys
19:19:08.0140 0x01d4  MpFilter - ok
19:19:08.0140 0x01d4  mraid35x - ok
19:19:08.0156 0x01d4  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
19:19:08.0171 0x01d4  MRxDAV - ok
19:19:08.0203 0x01d4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
19:19:08.0203 0x01d4  MRxSmb - ok
19:19:08.0250 0x01d4  [ D98350792A7CE82E7459A7C36481BEDA ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
19:19:08.0265 0x01d4  MSCamSvc - ok
19:19:08.0281 0x01d4  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
19:19:08.0281 0x01d4  MSDTC - ok
19:19:08.0296 0x01d4  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
19:19:08.0296 0x01d4  Msfs - ok
19:19:08.0328 0x01d4  [ 5119FFC2A6B51089CDB0EFDC75808C97 ] MSHUSBVideo     C:\WINDOWS\system32\Drivers\nx6000.sys
19:19:08.0328 0x01d4  MSHUSBVideo - ok
19:19:08.0328 0x01d4  MSIServer - ok
19:19:08.0343 0x01d4  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
19:19:08.0375 0x01d4  MSKSSRV - ok
19:19:08.0421 0x01d4  [ 37F77AEBFF23A99D1BFB4F34CD2D07F2 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:19:08.0421 0x01d4  MsMpSvc - ok
19:19:08.0453 0x01d4  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
19:19:08.0468 0x01d4  MSPCLOCK - ok
19:19:08.0484 0x01d4  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
19:19:08.0500 0x01d4  MSPQM - ok
19:19:08.0531 0x01d4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
19:19:08.0531 0x01d4  mssmbios - ok
19:19:08.0546 0x01d4  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
19:19:08.0562 0x01d4  MSTEE - ok
19:19:08.0593 0x01d4  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
19:19:08.0609 0x01d4  Mup - ok
19:19:08.0625 0x01d4  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
19:19:08.0671 0x01d4  NABTSFEC - ok
19:19:08.0703 0x01d4  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
19:19:08.0703 0x01d4  napagent - ok
19:19:08.0718 0x01d4  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
19:19:08.0718 0x01d4  NDIS - ok
19:19:08.0750 0x01d4  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
19:19:08.0781 0x01d4  NdisIP - ok
19:19:08.0796 0x01d4  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
19:19:08.0796 0x01d4  NdisTapi - ok
19:19:08.0828 0x01d4  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
19:19:08.0859 0x01d4  Ndisuio - ok
19:19:08.0875 0x01d4  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
19:19:08.0937 0x01d4  NdisWan - ok
19:19:08.0984 0x01d4  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
19:19:08.0984 0x01d4  NDProxy - ok
19:19:09.0000 0x01d4  [ 949941E4DE88DF1FAF49A4B3CFFB756F ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
19:19:09.0000 0x01d4  Net Driver HPZ12 - ok
19:19:09.0031 0x01d4  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
19:19:09.0031 0x01d4  NetBIOS - ok
19:19:09.0046 0x01d4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
19:19:09.0109 0x01d4  NetBT - ok
19:19:09.0125 0x01d4  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
19:19:09.0125 0x01d4  NetDDE - ok
19:19:09.0125 0x01d4  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
19:19:09.0140 0x01d4  NetDDEdsdm - ok
19:19:09.0171 0x01d4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
19:19:09.0171 0x01d4  Netlogon - ok
19:19:09.0187 0x01d4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
19:19:09.0187 0x01d4  Netman - ok
19:19:09.0218 0x01d4  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:19:09.0218 0x01d4  NetTcpPortSharing - ok
19:19:09.0375 0x01d4  [ 580207A7C9BDE8BA65401F51F9BA9741 ] NETw5x32        C:\WINDOWS\system32\DRIVERS\NETw5x32.sys
19:19:09.0609 0x01d4  NETw5x32 - ok
19:19:09.0765 0x01d4  [ EE7D38C283A641BC6F53C498CE556E4C ] NETwNx32        C:\WINDOWS\system32\DRIVERS\NETwNx32.sys
19:19:09.0984 0x01d4  NETwNx32 - ok
19:19:10.0000 0x01d4  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
19:19:10.0031 0x01d4  NIC1394 - ok
19:19:10.0046 0x01d4  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
19:19:10.0046 0x01d4  Nla - ok
19:19:10.0078 0x01d4  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
19:19:10.0078 0x01d4  Npfs - ok
19:19:10.0093 0x01d4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
19:19:10.0125 0x01d4  Ntfs - ok
19:19:10.0140 0x01d4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
19:19:10.0140 0x01d4  NtLmSsp - ok
19:19:10.0171 0x01d4  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
19:19:10.0187 0x01d4  NtmsSvc - ok
19:19:10.0203 0x01d4  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
19:19:10.0218 0x01d4  Null - ok
19:19:10.0250 0x01d4  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
19:19:10.0265 0x01d4  NwlnkFlt - ok
19:19:10.0265 0x01d4  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
19:19:10.0281 0x01d4  NwlnkFwd - ok
19:19:10.0343 0x01d4  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
19:19:10.0343 0x01d4  odserv - ok
19:19:10.0359 0x01d4  [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
19:19:10.0359 0x01d4  ohci1394 - ok
19:19:10.0375 0x01d4  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:19:10.0390 0x01d4  ose - ok
19:19:10.0406 0x01d4  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
19:19:10.0453 0x01d4  Parport - ok
19:19:10.0453 0x01d4  Partizan - ok
19:19:10.0468 0x01d4  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
19:19:10.0468 0x01d4  PartMgr - ok
19:19:10.0515 0x01d4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
19:19:10.0531 0x01d4  ParVdm - ok
19:19:10.0531 0x01d4  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
19:19:10.0531 0x01d4  PCI - ok
19:19:10.0531 0x01d4  PCIDump - ok
19:19:10.0546 0x01d4  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
19:19:10.0546 0x01d4  PCIIde - ok
19:19:10.0578 0x01d4  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
19:19:10.0593 0x01d4  Pcmcia - ok
19:19:10.0593 0x01d4  PDCOMP - ok
19:19:10.0609 0x01d4  PDFRAME - ok
19:19:10.0609 0x01d4  PDRELI - ok
19:19:10.0625 0x01d4  PDRFRAME - ok
19:19:10.0625 0x01d4  perc2 - ok
19:19:10.0640 0x01d4  perc2hib - ok
19:19:10.0656 0x01d4  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
19:19:10.0671 0x01d4  PlugPlay - ok
19:19:10.0703 0x01d4  [ 2F4CA141A609CAF5C98F6E4760EF1B9B ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
19:19:10.0703 0x01d4  Pml Driver HPZ12 - ok
19:19:10.0718 0x01d4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
19:19:10.0718 0x01d4  PolicyAgent - ok
19:19:10.0750 0x01d4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
19:19:10.0828 0x01d4  PptpMiniport - ok
19:19:10.0843 0x01d4  [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
19:19:10.0906 0x01d4  Processor - ok
19:19:10.0906 0x01d4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
19:19:10.0906 0x01d4  ProtectedStorage - ok
19:19:10.0921 0x01d4  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
19:19:11.0000 0x01d4  PSched - ok
19:19:11.0015 0x01d4  [ 543A4EF0923BF70D126625B034EF25AF ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
19:19:11.0015 0x01d4  PSI_SVC_2 - ok
19:19:11.0062 0x01d4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
19:19:11.0078 0x01d4  Ptilink - ok
19:19:11.0078 0x01d4  ql1080 - ok
19:19:11.0093 0x01d4  Ql10wnt - ok
19:19:11.0093 0x01d4  ql12160 - ok
19:19:11.0093 0x01d4  ql1240 - ok
19:19:11.0109 0x01d4  ql1280 - ok
19:19:11.0109 0x01d4  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
19:19:11.0109 0x01d4  RasAcd - ok
19:19:11.0140 0x01d4  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
19:19:11.0140 0x01d4  RasAuto - ok
19:19:11.0156 0x01d4  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
19:19:11.0187 0x01d4  Rasl2tp - ok
19:19:11.0218 0x01d4  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
19:19:11.0234 0x01d4  RasMan - ok
19:19:11.0250 0x01d4  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
19:19:11.0281 0x01d4  RasPppoe - ok
19:19:11.0281 0x01d4  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
19:19:11.0312 0x01d4  Raspti - ok
19:19:11.0343 0x01d4  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
19:19:11.0343 0x01d4  Rdbss - ok
19:19:11.0359 0x01d4  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
19:19:11.0375 0x01d4  RDPCDD - ok
19:19:11.0390 0x01d4  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
19:19:11.0406 0x01d4  rdpdr - ok
19:19:11.0421 0x01d4  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
19:19:11.0437 0x01d4  RDPWD - ok
19:19:11.0468 0x01d4  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
19:19:11.0468 0x01d4  RDSessMgr - ok
19:19:11.0484 0x01d4  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
19:19:11.0531 0x01d4  redbook - ok
19:19:11.0578 0x01d4  [ 3B1A7CEA1E230103264405E0FB05532C ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
19:19:11.0593 0x01d4  RegSrvc - ok
19:19:11.0625 0x01d4  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
19:19:11.0625 0x01d4  RemoteAccess - ok
19:19:11.0640 0x01d4  [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
19:19:11.0656 0x01d4  RemoteRegistry - ok
19:19:11.0656 0x01d4  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\System32\locator.exe
19:19:11.0671 0x01d4  RpcLocator - ok
19:19:11.0687 0x01d4  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
19:19:11.0703 0x01d4  RpcSs - ok
19:19:11.0718 0x01d4  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\System32\rsvp.exe
19:19:11.0718 0x01d4  RSVP - ok
19:19:11.0765 0x01d4  [ 8C9D57338B02D95C0FC7DB428C50A001 ] S24EventMonitor C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
19:19:11.0796 0x01d4  S24EventMonitor - ok
19:19:11.0812 0x01d4  [ 27FC71DA659305E260ACBDA15A318399 ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys
19:19:11.0859 0x01d4  s24trans - ok
19:19:11.0875 0x01d4  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
19:19:11.0875 0x01d4  SamSs - ok
19:19:11.0890 0x01d4  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
19:19:11.0890 0x01d4  SCardSvr - ok
19:19:11.0921 0x01d4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
19:19:11.0921 0x01d4  Schedule - ok
19:19:11.0953 0x01d4  [ 8D04819A3CE51B9EB47E5689B44D43C4 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
19:19:11.0984 0x01d4  sdbus - ok
19:19:12.0031 0x01d4  [ 16B44D246835EAC156F8DAF0AA4F530C ] SeagateDashboardService C:\Program Files\Seagate\Seagate Dashboard\SeagateDashboardService.exe
19:19:12.0031 0x01d4  SeagateDashboardService - ok
19:19:12.0046 0x01d4  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
19:19:12.0078 0x01d4  Secdrv - ok
19:19:12.0093 0x01d4  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
19:19:12.0093 0x01d4  seclogon - ok
19:19:12.0093 0x01d4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
19:19:12.0093 0x01d4  SENS - ok
19:19:12.0109 0x01d4  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
19:19:12.0156 0x01d4  Serial - ok
19:19:12.0187 0x01d4  [ 0FA803C64DF0914B41F807EA276BF2A6 ] sffdisk         C:\WINDOWS\system32\DRIVERS\sffdisk.sys
19:19:12.0203 0x01d4  sffdisk - ok
19:19:12.0218 0x01d4  [ C17C331E435ED8737525C86A7557B3AC ] sffp_sd         C:\WINDOWS\system32\DRIVERS\sffp_sd.sys
19:19:12.0234 0x01d4  sffp_sd - ok
19:19:15.0218 0x01d4  ================ Scan global ===============================
19:19:15.0234 0x01d4  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
19:19:15.0281 0x01d4  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
19:19:15.0281 0x01d4  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
19:19:15.0296 0x01d4  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
19:19:15.0296 0x01d4  [Global] - ok
19:19:15.0296 0x01d4  ================ Scan MBR ==================================
19:19:15.0312 0x01d4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
19:19:15.0531 0x01d4  \Device\Harddisk0\DR0 - ok
19:19:15.0531 0x01d4  ================ Scan VBR ==================================
19:19:15.0531 0x01d4  [ 151B99B575E1F52458976694B9AEC66F ] \Device\Harddisk0\DR0\Partition1
19:19:15.0531 0x01d4  \Device\Harddisk0\DR0\Partition1 - ok
19:19:15.0531 0x01d4  ============================================================
19:19:15.0531 0x01d4  Scan finished
19:19:15.0531 0x01d4  ============================================================
19:19:15.0531 0x0a2c  Detected object count: 0
19:19:15.0531 0x0a2c  Actual detected object count: 0
19:19:39.0187 0x0874  Deinitialize success
 
# AdwCleaner v3.001 - Report created 28/08/2013 at 19:22:28
# Updated 24/08/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mark - MARKS
# Running from : C:\Documents and Settings\Mark\My Documents\Downloads\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\END
Folder Found C:\Documents and Settings\All Users\Application Data\InstallMate
Folder Found C:\Documents and Settings\All Users\Application Data\SoftSafe
Folder Found C:\Documents and Settings\Mark\Application Data\Complitly
Folder Found C:\Documents and Settings\Mark\IECompatCache
Folder Found C:\Documents and Settings\Mark\Local Settings\Application Data\Conduit
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\1ClickDownload
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\Ask&Record
Key Found : HKCU\Software\Complitly
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\ConduitSearchScopes
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh
Key Found : HKLM\Software\Iminent
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@ei.TelevisionFanatic.com/Plugin
Key Found : HKLM\Software\PIP
Key Found : HKLM\Software\SProtector
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs] - hxxp://search.babylon.com/?AF=109933&babsrc=NT_ss&mntrId=e88e321100000000000000216a61525e
 
-\\ Mozilla Firefox v
 
[ File : C:\Documents and Settings\Mark\Application Data\Mozilla\Firefox\Profiles\0\prefs.js ]
 
 
-\\ Google Chrome v29.0.1547.62
 
[ File : C:\Documents and Settings\Mark\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [4295 octets] - [28/08/2013 19:22:28]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4355 octets] ##########
 
C:\Documents and Settings\Mark\Local Settings\temp\LkALkP.exe a variant of Win32/CasOnline.J application cleaned by deleting - quarantined
C:\Documents and Settings\Mark\My Documents\Downloads\Chrome.exe a variant of Win32/AirAdInstaller.A application cleaned by deleting - quarantined
C:\Documents and Settings\Mark\My Documents\Downloads\setup.exe a variant of Win32/CasOnline.J application cleaned by deleting - quarantined
 

 



#4 boopme


Posted 29 August 2013 - 09:43 AM

Looks good, run one more and we should be good to go.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 Fhoosa


Posted 29 August 2013 - 11:16 AM

Here's the report:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 5.5.5 (08.28.2013:1)
OS: Microsoft Windows XP x86
Ran by Mark on Thu 08/29/2013 at  9:08:51.87
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT1060933
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3240727
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289847
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\WINDOWS\Tasks\wise registry cleaner schedule task.job"
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 08/29/2013 at  9:12:49.07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 boopme


Posted 29 August 2013 - 01:36 PM

Ok, looks good to me now. If there are no more issues, Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.

Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7

Reboot and see how it is.


#7 Fhoosa


Posted 29 August 2013 - 02:25 PM

Ok. 

I created a new restore point and did the disk clean up.

 

As far as I know, everything looks good.

 

I ran MalwareBytes and they're not there anymore.

 

Thank you for all your help.

 

Take care.

 

Fhoosa



#8 boopme


Posted 29 August 2013 - 06:40 PM

You're most welcome, peace!