
Gmail account hacked / fraudulent bank payments


12 replies to this topic

#1 blackhawk147


Posted 08 October 2013 - 12:39 PM

I would like help to ensure my computer is free of any malware, spyware, etc. My Gmail account was hacked and bank account used fraudulently in the last few days. I have been using Avast & Rapport for security. I've already changed passwords, locked online banking, etc.

Thanks guys

Black-hawk 147



#2 blackhawk147


Posted 15 October 2013 - 08:13 AM

... still requiring help when available

 

Thanks

 

Blackhawk147



#3 boopme


Posted 15 October 2013 - 08:23 PM

Thanks for waiting.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

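The "List content of Hosts" and "List Winsock Entries" sections of the Result.txt requested above are where name redirection and extra providers hooked into the network stack show up. As an added example (not part of the original post and not MiniToolBox's own code), this Python script triages those two sections; the banner and line layout are assumed from the log posted in this thread, `C:\WINDOWS` is assumed as the Windows directory, and the sample input, including `www.example-bank.test` and `example_lsp.dll`, is constructed.

```python
import re

# Section banner, e.g. "========================= Hosts content: ====="
SECTION_RE = re.compile(r"^=+\s*([^=]+?):?\s*=+\s*$")
# Winsock line, e.g.
# "Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)"
WINSOCK_RE = re.compile(r"^(Catalog\d+)\s+(\d+)\s+(.+?)\s+\[(\d+)\]\s+\((.*)\)\s*$")

LOOPBACK = {"127.0.0.1", "::1"}
# Assumption: Windows is installed in C:\WINDOWS, as in the log in this thread.
SYSTEM_DIR = "c:\\windows\\system32\\"
EXPECTED_PUBLISHER = "Microsoft Corporation"

# Constructed sample, modelled on the Result.txt layout shown in this thread.
# The second hosts line and the last Winsock line are invented for the demo.
SAMPLE_RESULT = r"""MiniToolBox by Farbar  Version: 13-07-2013
========================= Hosts content: =================================

127.0.0.1       localhost
203.0.113.10    www.example-bank.test

========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Program Files\Example\example_lsp.dll [40960] ()

========================= Event log errors: ===============================
"""


def split_sections(text):
    """Map lower-cased section name -> list of non-empty lines in it."""
    sections, current = {}, None
    for line in text.splitlines():
        banner = SECTION_RE.match(line)
        if banner:
            current = banner.group(1).strip().lower()
            sections[current] = []
        elif current is not None and line.strip():
            sections[current].append(line.strip())
    return sections


def check_hosts(lines):
    """Return (ip, names) for every hosts entry that is not plain localhost."""
    findings = []
    for line in lines:
        fields = line.split("#", 1)[0].split()  # drop trailing comments
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        if ip not in LOOPBACK:
            odd = names  # any name pinned to a non-loopback address
        else:
            odd = [n for n in names if n.lower() != "localhost"]
        if odd:
            findings.append((ip, odd))
    return findings


def check_winsock(lines):
    """Return Winsock catalog entries that deserve a manual look.

    The publisher string is file metadata, not a signature check, so a
    clean result here is not proof of legitimacy, and a flagged entry may
    belong to legitimate third-party software.
    """
    findings = []
    for line in lines:
        m = WINSOCK_RE.match(line)
        if not m:
            findings.append({"entry": line, "reasons": ["unrecognised line"]})
            continue
        catalog, index, path, _size, publisher = m.groups()
        reasons = []
        if not path.lower().startswith(SYSTEM_DIR):
            reasons.append("outside system32")
        if publisher != EXPECTED_PUBLISHER:
            reasons.append("publisher not Microsoft Corporation")
        if reasons:
            findings.append({"entry": f"{catalog} {index}", "path": path,
                             "reasons": reasons})
    return findings


def triage(text):
    """Run both checks over a Result.txt body; missing sections yield []."""
    sections = split_sections(text)
    return {
        "hosts": check_hosts(sections.get("hosts content", [])),
        "winsock": check_winsock(sections.get("winsock entries", [])),
    }


if __name__ == "__main__":
    report = triage(SAMPLE_RESULT)
    for ip, names in report["hosts"]:
        print(f"hosts: {', '.join(names)} -> {ip}")
    for item in report["winsock"]:
        print(f"winsock: {item['entry']}: {'; '.join(item['reasons'])}")
```
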

#4 blackhawk147


Posted 16 October 2013 - 10:09 AM

Ok, thanks for getting back to me. Here are the report logs....

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Sarah Zahari (administrator) on 16-10-2013 at 08:51:34
Running from "C:\Documents and Settings\Sarah Zahari\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros AR5007EG Wireless Network Adapter = Wireless Network Connection (Connected)
Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : SarahZahari

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Hybrid

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller

        Physical Address. . . . . . . . . : 00-23-54-0B-88-B7



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Atheros AR5007EG Wireless Network Adapter

        Physical Address. . . . . . . . . : 00-22-43-08-89-56

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.102

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : 16 October 2013 08:34:56

        Lease Expires . . . . . . . . . . : 16 October 2013 10:34:56

Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  173.194.34.70, 173.194.34.71, 173.194.34.72, 173.194.34.73
      173.194.34.78, 173.194.34.64, 173.194.34.65, 173.194.34.66, 173.194.34.67
      173.194.34.68, 173.194.34.69



Pinging google.com [173.194.34.69] with 32 bytes of data:



Reply from 173.194.34.69: bytes=32 time=7ms TTL=57

Reply from 173.194.34.69: bytes=32 time=8ms TTL=57



Ping statistics for 173.194.34.69:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 7ms, Maximum = 8ms, Average = 7ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=109ms TTL=49

Reply from 98.139.183.24: bytes=32 time=119ms TTL=49



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 109ms, Maximum = 119ms, Average = 114ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 23 54 0b 88 b7 ...... Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller - Packet Scheduler Miniport
0x3 ...00 22 43 08 89 56 ...... Atheros AR5007EG Wireless Network Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.102      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0    192.168.0.102   192.168.0.102      25
    192.168.0.102  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.0.255  255.255.255.255    192.168.0.102   192.168.0.102      25
        224.0.0.0        240.0.0.0    192.168.0.102   192.168.0.102      25
  255.255.255.255  255.255.255.255    192.168.0.102   192.168.0.102      1
  255.255.255.255  255.255.255.255    192.168.0.102               2      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/16/2013 05:35:10 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 4.2.0.187, faulting module skype.exe, version 4.2.0.187, fault address 0x000eaac4.
Processing media-specific event for [skype.exe!ws!]

Error: (09/13/2013 04:56:03 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 4.2.0.187, faulting module skype.exe, version 4.2.0.187, fault address 0x000eaac4.
Processing media-specific event for [skype.exe!ws!]

Error: (09/08/2013 08:54:55 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/08/2013 08:54:55 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (08/21/2013 07:42:10 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application connectifyd.exe, version 1.0.0.0, stamp 509d59a0, faulting module connectifynat.dll, version 0.0.0.0, stamp 509d5941, debug? 0, fault address 0x0002c544.

Error: (08/03/2013 09:03:14 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application connectifyd.exe, version 1.0.0.0, stamp 509d59a0, faulting module connectifynat.dll, version 0.0.0.0, stamp 509d5941, debug? 0, fault address 0x0002b338.

Error: (07/31/2013 07:59:44 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application connectifyd.exe, version 1.0.0.0, stamp 509d59a0, faulting module connectifynat.dll, version 0.0.0.0, stamp 509d5941, debug? 0, fault address 0x0002b409.

Error: (07/25/2013 09:56:20 AM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 22.0.0.4917, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/11/2013 07:59:32 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application connectifyd.exe, version 1.0.0.0, stamp 509d59a0, faulting module connectifynat.dll, version 0.0.0.0, stamp 509d5941, debug? 0, fault address 0x0002c544.

Error: (07/10/2013 07:28:04 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: Faulting application connectifyd.exe, version 1.0.0.0, stamp 509d59a0, faulting module connectifynat.dll, version 0.0.0.0, stamp 509d5941, debug? 0, fault address 0x0002b409.


System errors:
=============
Error: (10/08/2013 05:51:32 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PCIIde

Error: (09/26/2013 10:01:25 PM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (09/24/2013 02:59:44 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.0.102 on the
Network Card with network address 002243088956.

Error: (09/23/2013 10:02:04 PM) (Source: Dhcp) (User: )
Description: Your computer has lost the lease to its IP address 192.168.0.102 on the
Network Card with network address 002243088956.

Error: (09/16/2013 07:06:38 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.0.100 for the Network Card with network address 0023540B88B7 has been
denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (09/16/2013 06:51:20 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.23.101 for the Network Card with network address 0023540B88B7 has been
denied by the DHCP server 192.168.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (09/10/2013 11:31:20 AM) (Source: Dhcp) (User: )
Description: The IP address lease 10.93.252.36 for the Network Card with network address 0023540B88B7 has been
denied by the DHCP server 10.93.0.1 (The DHCP Server sent a DHCPNACK message).

Error: (09/07/2013 11:30:06 PM) (Source: Service Control Manager) (User: )
Description: The Application Layer Gateway Service service failed to start due to the following error:
%%1053

Error: (09/07/2013 11:30:01 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

Error: (09/05/2013 01:14:22 PM) (Source: ipnathlp) (User: )
Description: The Network Address Translator (NAT) was unable to request an operation
of the kernel-mode translation module.
This may indicate misconfiguration, insufficient resources, or
an internal error.
The data is the error code.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Adabas D 13.01.00 (Version: 13.0100.8895)
Adobe Flash Player 11 Plugin (Version: 11.8.800.168)
Adobe Reader X (10.1.8) - Italiano (Version: 10.1.8)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Alcatel USB Modem (Version: 1.002.00001)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Asus ACPI Driver (Version: 3.00.0009)
ASUSUpdate for Eee PC
Atheros Communications Inc.® AR8121/AR8113/AR8114 Gigabit/Fast Ethernet Driver (Version: 1.0.0.21)
avast! Free Antivirus (Version: 8.0.1489.0)
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Connectify Hotspot (Version: 3.7.1.25486)
Connection Manager (Version: 8.7.6.800)
Critical Update for Windows Media Player 11 (KB959772)
Eee Instant Key (Version: 1.08)
Eee Storage (Version: 1.1.10)
ESET NOD32 register program
Evernote v. 4.5.2 (Version: 4.5.2.5904)
Free Hide Folder
Google Chrome (Version: 30.0.1599.69)
Google Toolbar for Internet Explorer
Google Update Helper (Version: 1.3.21.153)
HiJackThis (Version: 1.0.0)
HP Update (Version: 5.002.005.003)
IBM SPSS Statistics 21 (Version: 21.0.0.0)
Intel® Graphics Media Accelerator Driver
InterVideo Register Manager (Version: 1.0.4.0)
InterVideo WinDVD (Version: 5.0-B11.1244)
IrfanView (remove only) (Version: 4.35)
iTunes (Version: 11.0.2.26)
Java 7 Update 15 (Version: 7.0.150)
Java Auto Updater (Version: 2.1.9.0)
Java™ 6 Update 3 (Version: 1.6.0.30)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB953297)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Search Enhancement Pack (Version: 2.0.271.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2008 R2 Native Client (Version: 10.51.2500.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Mozilla Firefox 24.0 (x86 en-GB) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My Lockbox 2.0 (Version: 2.0)
Paint.NET v3.36 (Version: 3.36.0)
PhotoScape
Pokki Download Helper (Version: 1.3.0.6)
Poladroid (Version: 0.9.6.0)
QuickTime (Version: 7.70.80.34)
Rapport (Version: 3.5.1302.61)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver (Version: 5.10.0.5667)
RealUpgrade 1.1 (Version: 1.1.0)
Segoe UI (Version: 14.0.4327.805)
Skype™ 4.2 (Version: 4.2.187)
Sony Picture Utility (Version: 3.0.00.11220)
Stickies 7.1e
Super Hybrid Engine (Version: 1.06)
swMSM (Version: 12.0.0.1)
Syncios version 2.0.6 (Version: 2.0.6)
Titledrome Lite 2013.1
Trusteer Endpoint Protection (Version: 3.5.1302.61)
Unlocker 1.8.7 (Version: 1.8.7)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB942763) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB953356) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
VLC media player 1.0.1 (Version: 1.0.1)
WebFldrs XP (Version: 9.50.7523)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live ID Sign-in Assistant (Version: 6.500.3165.0)
Windows Live Mail
Windows Live Mail (Version: 14.0.8064.0206)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinMend Folder Hidden 1.4.9

========================= Memory info: ===================================

Percentage of memory in use: 45%
Total physical RAM: 1015.05 MB
Available physical RAM: 556.67 MB
Total Pagefile: 2439.69 MB
Available Pagefile: 2040.88 MB
Total Virtual: 2047.88 MB
Available Virtual: 1980.82 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:40 GB) (Free:8.72 GB) NTFS
2 Drive d: () (Fixed) (Total:34.49 GB) (Free:21.4 GB) NTFS

========================= Users: ========================================

User accounts for \\SARAHZAHARI

Administrator            ASPNET                   Guest                    
HelpAssistant            Sarah Zahari             SUPPORT_388945a0         


**** End of log ****

 

TDSS Killer

 

08:56:36.0453 0x075c  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
08:56:50.0421 0x075c  ============================================================
08:56:50.0421 0x075c  Current date / time: 2013/10/16 08:56:50.0421
08:56:50.0421 0x075c  SystemInfo:
08:56:50.0421 0x075c  
08:56:50.0421 0x075c  OS Version: 5.1.2600 ServicePack: 3.0
08:56:50.0421 0x075c  Product type: Workstation
08:56:50.0421 0x075c  ComputerName: SARAHZAHARI
08:56:50.0421 0x075c  UserName: Sarah Zahari
08:56:50.0421 0x075c  Windows directory: C:\WINDOWS
08:56:50.0421 0x075c  System windows directory: C:\WINDOWS
08:56:50.0421 0x075c  Processor architecture: Intel x86
08:56:50.0421 0x075c  Number of processors: 1
08:56:50.0421 0x075c  Page size: 0x1000
08:56:50.0421 0x075c  Boot type: Normal boot
08:56:50.0421 0x075c  ============================================================
08:56:53.0328 0x075c  System UUID: {725CC351-43B7-3EB5-E527-0BCA5678D50E}
08:56:55.0578 0x075c  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:56:55.0578 0x075c  ============================================================
08:56:55.0578 0x075c  \Device\Harddisk0\DR0:
08:56:55.0578 0x075c  MBR partitions:
08:56:55.0578 0x075c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x50014A7
08:56:55.0578 0x075c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x50014E6, BlocksNum 0x44FD4D7
08:56:55.0578 0x075c  ============================================================
08:56:55.0609 0x075c  C: <-> \Device\Harddisk0\DR0\Partition1
08:56:55.0765 0x075c  D: <-> \Device\Harddisk0\DR0\Partition2
08:56:55.0781 0x075c  ============================================================
08:56:55.0781 0x075c  Initialize success
08:56:55.0781 0x075c  ============================================================
08:57:23.0703 0x0cd4  ============================================================
08:57:23.0703 0x0cd4  Scan started
08:57:23.0703 0x0cd4  Mode: Manual;
08:57:23.0703 0x0cd4  ============================================================
08:57:23.0703 0x0cd4  KSN ping started
08:57:26.0171 0x0cd4  KSN ping finished: true
08:57:26.0890 0x0cd4  ================ Scan system memory ========================
08:57:26.0890 0x0cd4  System memory - ok
08:57:26.0890 0x0cd4  ================ Scan services =============================
08:57:29.0812 0x0cd4  [ CAC61BDD786A6928989451871FBCEDB8, 802263F5EF6934BA4542BA1BB9CFFBCC3193B8140E76E08C7F4F56EF41DC91BF ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe
08:57:29.0812 0x0cd4  Brother XP spl Service - ok
08:57:29.0859 0x0cd4  [ A06CE3399D16DB864F55FAEB1F1927A9, 3430FA8552D91670D9FB0A921C735ADBE2DA7FF108C199DDEEF2FB2E50713AF3 ] Browser         C:\WINDOWS\System32\browser.dll
08:57:29.0875 0x0cd4  Browser - ok
08:57:29.0984 0x0cd4  catchme - ok
08:57:30.0000 0x0cd4  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
08:57:30.0000 0x0cd4  cbidf2k - ok
08:57:30.0031 0x0cd4  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
08:57:30.0046 0x0cd4  CCDECODE - ok
08:57:30.0062 0x0cd4  cd20xrnt - ok
08:57:30.0109 0x0cd4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
08:57:30.0109 0x0cd4  Cdaudio - ok
08:57:30.0140 0x0cd4  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
08:57:30.0156 0x0cd4  Cdfs - ok
08:57:30.0203 0x0cd4  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
08:57:30.0203 0x0cd4  Cdrom - ok
08:57:30.0234 0x0cd4  Changer - ok
08:57:30.0250 0x0cd4  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
08:57:30.0265 0x0cd4  CiSvc - ok
08:57:30.0281 0x0cd4  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
08:57:30.0296 0x0cd4  ClipSrv - ok
08:57:30.0359 0x0cd4  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:57:30.0468 0x0cd4  clr_optimization_v2.0.50727_32 - ok
08:57:30.0515 0x0cd4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:57:30.0625 0x0cd4  clr_optimization_v4.0.30319_32 - ok
08:57:30.0671 0x0cd4  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
08:57:30.0671 0x0cd4  CmBatt - ok
08:57:30.0687 0x0cd4  CmdIde - ok
08:57:30.0734 0x0cd4  [ 10996BCB155D97D72EE17EBE34484755, 4D6FA628911321B4DCFB57EBDA04D1B114E5CEDA6F58CE1ACA0A43388721AAC0 ] cnnctfy2        C:\WINDOWS\system32\DRIVERS\cnnctfy2.sys
08:57:30.0734 0x0cd4  cnnctfy2 - ok
08:57:30.0750 0x0cd4  [ 10996BCB155D97D72EE17EBE34484755, 4D6FA628911321B4DCFB57EBDA04D1B114E5CEDA6F58CE1ACA0A43388721AAC0 ] cnnctfy2MP      C:\WINDOWS\system32\DRIVERS\cnnctfy2.sys
08:57:30.0750 0x0cd4  cnnctfy2MP - ok
08:57:30.0781 0x0cd4  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
08:57:30.0796 0x0cd4  Compbatt - ok
08:57:30.0812 0x0cd4  COMSysApp - ok
08:57:30.0875 0x0cd4  [ 27A6C0D6DF4734852A9065624F3580D4, C6C03FE240756808618C34E96FFEABCDFB4103238CCB931C2B0817F4A93BEA00 ] Connectify      C:\Program Files\Connectify\ConnectifyService.exe
08:57:30.0875 0x0cd4  Connectify - ok
08:57:30.0906 0x0cd4  Cpqarray - ok
08:57:30.0953 0x0cd4  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
08:57:30.0968 0x0cd4  CryptSvc - ok
08:57:30.0984 0x0cd4  dac2w2k - ok
08:57:31.0000 0x0cd4  dac960nt - ok
08:57:31.0078 0x0cd4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
08:57:31.0140 0x0cd4  DcomLaunch - ok
08:57:31.0203 0x0cd4  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
08:57:31.0218 0x0cd4  Dhcp - ok
08:57:31.0250 0x0cd4  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
08:57:31.0250 0x0cd4  Disk - ok
08:57:31.0265 0x0cd4  dmadmin - ok
08:57:31.0390 0x0cd4  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
08:57:31.0468 0x0cd4  dmboot - ok
08:57:31.0531 0x0cd4  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
08:57:31.0546 0x0cd4  dmio - ok
08:57:31.0578 0x0cd4  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
08:57:31.0578 0x0cd4  dmload - ok
08:57:31.0625 0x0cd4  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
08:57:31.0640 0x0cd4  dmserver - ok
08:57:31.0687 0x0cd4  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
08:57:31.0703 0x0cd4  DMusic - ok
08:57:31.0750 0x0cd4  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
08:57:31.0750 0x0cd4  Dnscache - ok
08:57:31.0812 0x0cd4  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
08:57:31.0828 0x0cd4  Dot3svc - ok
08:57:31.0859 0x0cd4  dpti2o - ok
08:57:31.0890 0x0cd4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
08:57:31.0906 0x0cd4  drmkaud - ok
08:57:31.0953 0x0cd4  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
08:57:31.0968 0x0cd4  EapHost - ok
08:57:32.0015 0x0cd4  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
08:57:32.0015 0x0cd4  ERSvc - ok
08:57:32.0078 0x0cd4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
08:57:32.0109 0x0cd4  Eventlog - ok
08:57:32.0171 0x0cd4  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
08:57:32.0187 0x0cd4  EventSystem - ok
08:57:32.0250 0x0cd4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
08:57:32.0265 0x0cd4  Fastfat - ok
08:57:32.0328 0x0cd4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
08:57:32.0375 0x0cd4  FastUserSwitchingCompatibility - ok
08:57:32.0421 0x0cd4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
08:57:32.0421 0x0cd4  Fdc - ok
08:57:32.0453 0x0cd4  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
08:57:32.0453 0x0cd4  Fips - ok
08:57:32.0500 0x0cd4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
08:57:32.0500 0x0cd4  Flpydisk - ok
08:57:32.0546 0x0cd4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
08:57:32.0578 0x0cd4  FltMgr - ok
08:57:32.0656 0x0cd4  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
08:57:32.0656 0x0cd4  FontCache3.0.0.0 - ok
08:57:32.0687 0x0cd4  [ 40A2371FFC715157099282238FC76915, B7A1C61EEBD10739F65D161F0D8C7E18165935E202138EB8ED7D1658F4C0036A ] FSProFilter     C:\WINDOWS\system32\Drivers\FSPFltd.sys
08:57:32.0687 0x0cd4  FSProFilter - ok
08:57:32.0750 0x0cd4  [ B6911CB6436139AF4B65F0C26C0F69AD, 3CC9457E0230331101CB61C8D1E1EDD34544B62F99420E74DBBB182BE0C7B62C ] fsproflt        C:\WINDOWS\system32\fsproflt.exe
08:57:32.0765 0x0cd4  fsproflt - ok
08:57:32.0812 0x0cd4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:57:32.0812 0x0cd4  Fs_Rec - ok
08:57:32.0859 0x0cd4  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
08:57:32.0875 0x0cd4  Ftdisk - ok
08:57:32.0921 0x0cd4  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
08:57:32.0921 0x0cd4  GEARAspiWDM - ok
08:57:32.0953 0x0cd4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
08:57:32.0968 0x0cd4  Gpc - ok
08:57:33.0062 0x0cd4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
08:57:33.0078 0x0cd4  gupdate - ok
08:57:33.0109 0x0cd4  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
08:57:33.0125 0x0cd4  gupdatem - ok
08:57:33.0171 0x0cd4  [ 1BF044E23206FDDC16891A32922D571B, DCD0C07654C39BA44C4C40FF0E3E3B6169DF330C96D3EC85C8AC07159A7904D2 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
08:57:33.0187 0x0cd4  gusvc - ok
08:57:33.0250 0x0cd4  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
08:57:33.0265 0x0cd4  HDAudBus - ok
08:57:33.0343 0x0cd4  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
08:57:33.0359 0x0cd4  helpsvc - ok
08:57:33.0375 0x0cd4  HidServ - ok
08:57:33.0406 0x0cd4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
08:57:33.0421 0x0cd4  HidUsb - ok
08:57:33.0468 0x0cd4  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
08:57:33.0484 0x0cd4  hkmsvc - ok
08:57:33.0500 0x0cd4  hpn - ok
08:57:33.0562 0x0cd4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
08:57:33.0593 0x0cd4  HTTP - ok
08:57:33.0640 0x0cd4  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
08:57:33.0671 0x0cd4  HTTPFilter - ok
08:57:33.0687 0x0cd4  i2omgmt - ok
08:57:33.0703 0x0cd4  i2omp - ok
08:57:33.0750 0x0cd4  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
08:57:33.0750 0x0cd4  i8042prt - ok
08:57:33.0890 0x0cd4  [ 6FCB904910DA07C9DC2593D66438FA29, D826C75316735DB325FF74583A5C3FDF16E9790A4D438FB428A2F0841C29623D ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
08:57:34.0031 0x0cd4  ialm - ok
08:57:34.0156 0x0cd4  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
08:57:34.0281 0x0cd4  idsvc - ok
08:57:34.0312 0x0cd4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
08:57:34.0328 0x0cd4  Imapi - ok
08:57:34.0375 0x0cd4  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
08:57:34.0406 0x0cd4  ImapiService - ok
08:57:34.0437 0x0cd4  ini910u - ok
08:57:34.0921 0x0cd4  [ 47C79F7E330CBB829934D00F64D55FC9, F4CC6E11B8D75D97CAB33646A430356434D8F060A84CBC9822C73FC054976A82 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
08:57:35.0390 0x0cd4  IntcAzAudAddService - ok
08:57:35.0500 0x0cd4  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
08:57:35.0500 0x0cd4  IntelIde - ok
08:57:35.0531 0x0cd4  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
08:57:35.0531 0x0cd4  intelppm - ok
08:57:35.0562 0x0cd4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
08:57:35.0578 0x0cd4  Ip6Fw - ok
08:57:35.0593 0x0cd4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:57:35.0609 0x0cd4  IpFilterDriver - ok
08:57:35.0640 0x0cd4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
08:57:35.0640 0x0cd4  IpInIp - ok
08:57:35.0687 0x0cd4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
08:57:35.0703 0x0cd4  IpNat - ok
08:57:35.0796 0x0cd4  [ E46B17060D3962A384AE484094614788, 9E8EF45C72A01FA586FF028B62F6675114CC9CBBCE172A789EDA754AE3F79121 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
08:57:35.0843 0x0cd4  iPod Service - ok
08:57:35.0906 0x0cd4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
08:57:35.0906 0x0cd4  IPSec - ok
08:57:35.0937 0x0cd4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
08:57:35.0953 0x0cd4  IRENUM - ok
08:57:36.0000 0x0cd4  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
08:57:36.0000 0x0cd4  isapnp - ok
08:57:36.0062 0x0cd4  [ 213822072085B5BBAD9AF30AB577D817, 2C373B804D840933EC3A5F3ABFC43E47C2636CDB2431AB51846C565077B7C468 ] IviRegMgr       C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
08:57:36.0078 0x0cd4  IviRegMgr - ok
08:57:36.0203 0x0cd4  [ 1758AF653723679E3746FC7DDD93C69B, 292132F6C19A9903203E3FF69665B0C90BFB2BE53ED92EC5644C397615525D40 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
08:57:36.0218 0x0cd4  JavaQuickStarterService - ok
08:57:36.0250 0x0cd4  [ 42933B35F756C5B51441F4C6B3CABDB6, 74CDC829856448B0EC4644B2ED979C81C333D86FC06BDBE50885180AA34A6599 ] jrdusbser       C:\WINDOWS\system32\DRIVERS\jrdusbser.sys
08:57:36.0265 0x0cd4  jrdusbser - ok
08:57:36.0312 0x0cd4  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
08:57:36.0312 0x0cd4  Kbdclass - ok
08:57:36.0375 0x0cd4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
08:57:36.0390 0x0cd4  kmixer - ok
08:57:36.0453 0x0cd4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
08:57:36.0453 0x0cd4  KSecDD - ok
08:57:36.0515 0x0cd4  [ 9EA9D6BA04629CB14260F46FF8BBD65A, AB5C0A40C8159AEF41FFD007DE720CF360820F606460F270F72FBA08701F0EB3 ] Ktp             C:\WINDOWS\system32\DRIVERS\ETD.sys
08:57:36.0515 0x0cd4  Ktp - ok
08:57:36.0562 0x0cd4  [ 303627228DD739D98289679901A38C8F, 2E2C249CDD0C1D04EF4EC03DD5EF1984DD74FC66253BBDA553FB30FAA8173F60 ] L1e             C:\WINDOWS\system32\DRIVERS\l1e51x86.sys
08:57:36.0593 0x0cd4  L1e - ok
08:57:36.0640 0x0cd4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
08:57:36.0671 0x0cd4  LanmanServer - ok
08:57:36.0703 0x0cd4  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
08:57:36.0765 0x0cd4  lanmanworkstation - ok
08:57:36.0781 0x0cd4  lbrtfdc - ok
08:57:36.0890 0x0cd4  LDJL - ok
08:57:36.0921 0x0cd4  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
08:57:36.0953 0x0cd4  LmHosts - ok
08:57:36.0984 0x0cd4  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
08:57:37.0000 0x0cd4  Messenger - ok
08:57:37.0046 0x0cd4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
08:57:37.0046 0x0cd4  mnmdd - ok
08:57:37.0093 0x0cd4  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
08:57:37.0125 0x0cd4  mnmsrvc - ok
08:57:37.0156 0x0cd4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
08:57:37.0171 0x0cd4  Modem - ok
08:57:37.0203 0x0cd4  [ 37E5A8C7F9A3B38F113B71EC7CE34F92, 71FF57CCBD345F63CCBBABB2D89B506AF4EE096D9B7B865EDAB148CE408DECB6 ] motmodem        C:\WINDOWS\system32\DRIVERS\motmodem.sys
08:57:37.0218 0x0cd4  motmodem - ok
08:57:37.0234 0x0cd4  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
08:57:37.0234 0x0cd4  Mouclass - ok
08:57:37.0281 0x0cd4  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
08:57:37.0296 0x0cd4  mouhid - ok
08:57:37.0328 0x0cd4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
08:57:37.0328 0x0cd4  MountMgr - ok
08:57:37.0390 0x0cd4  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
08:57:37.0421 0x0cd4  MozillaMaintenance - ok
08:57:37.0421 0x0cd4  mraid35x - ok
08:57:37.0468 0x0cd4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
08:57:37.0500 0x0cd4  MRxDAV - ok
08:57:37.0562 0x0cd4  [ 0EA4D8ED179B75F8AFA7998BA22285CA, CAE7820899B53AB6D2652A23E837113420BE49315DA3132349683D7A93474AF9 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:57:37.0625 0x0cd4  MRxSmb - ok
08:57:37.0671 0x0cd4  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
08:57:37.0687 0x0cd4  MSDTC - ok
08:57:37.0750 0x0cd4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
08:57:37.0765 0x0cd4  Msfs - ok
08:57:37.0781 0x0cd4  MSIServer - ok
08:57:37.0828 0x0cd4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:57:37.0828 0x0cd4  MSKSSRV - ok
08:57:37.0859 0x0cd4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:57:37.0859 0x0cd4  MSPCLOCK - ok
08:57:37.0890 0x0cd4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
08:57:37.0890 0x0cd4  MSPQM - ok
08:57:37.0937 0x0cd4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
08:57:37.0937 0x0cd4  mssmbios - ok
08:57:37.0984 0x0cd4  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
08:57:38.0000 0x0cd4  MSTEE - ok
08:57:38.0046 0x0cd4  [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
08:57:38.0062 0x0cd4  Mup - ok
08:57:38.0093 0x0cd4  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
08:57:38.0109 0x0cd4  NABTSFEC - ok
08:57:38.0171 0x0cd4  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
08:57:38.0218 0x0cd4  napagent - ok
08:57:38.0265 0x0cd4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
08:57:38.0296 0x0cd4  NDIS - ok
08:57:38.0328 0x0cd4  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
08:57:38.0328 0x0cd4  NdisIP - ok
08:57:38.0359 0x0cd4  [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:57:38.0359 0x0cd4  NdisTapi - ok
08:57:38.0390 0x0cd4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:57:38.0437 0x0cd4  Ndisuio - ok
08:57:38.0468 0x0cd4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:57:38.0484 0x0cd4  NdisWan - ok
08:57:38.0546 0x0cd4  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
08:57:38.0546 0x0cd4  NDProxy - ok
08:57:38.0578 0x0cd4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
08:57:38.0578 0x0cd4  NetBIOS - ok
08:57:38.0625 0x0cd4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
08:57:38.0640 0x0cd4  NetBT - ok
08:57:38.0671 0x0cd4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
08:57:38.0718 0x0cd4  NetDDE - ok
08:57:38.0750 0x0cd4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
08:57:38.0765 0x0cd4  NetDDEdsdm - ok
08:57:38.0890 0x0cd4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
08:57:38.0906 0x0cd4  Netlogon - ok
08:57:38.0953 0x0cd4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
08:57:39.0000 0x0cd4  Netman - ok
08:57:39.0031 0x0cd4  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
08:57:39.0093 0x0cd4  NetTcpPortSharing - ok
08:57:39.0140 0x0cd4  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
08:57:39.0171 0x0cd4  Nla - ok
08:57:39.0218 0x0cd4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
08:57:39.0234 0x0cd4  Npfs - ok
08:57:39.0312 0x0cd4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
08:57:39.0375 0x0cd4  Ntfs - ok
08:57:39.0406 0x0cd4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
08:57:39.0421 0x0cd4  NtLmSsp - ok
08:57:39.0484 0x0cd4  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
08:57:39.0546 0x0cd4  NtmsSvc - ok
08:57:39.0578 0x0cd4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
08:57:39.0593 0x0cd4  Null - ok
08:57:39.0625 0x0cd4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
08:57:39.0625 0x0cd4  NwlnkFlt - ok
08:57:39.0671 0x0cd4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
08:57:39.0671 0x0cd4  NwlnkFwd - ok
08:57:39.0718 0x0cd4  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
08:57:39.0734 0x0cd4  Parport - ok
08:57:39.0750 0x0cd4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
08:57:39.0765 0x0cd4  PartMgr - ok
08:57:39.0812 0x0cd4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
08:57:39.0812 0x0cd4  ParVdm - ok
08:57:39.0828 0x0cd4  PCASp50 - ok
08:57:48.0140 0x0cd4  ================ Scan global ===============================
08:57:48.0187 0x0cd4  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
08:57:48.0250 0x0cd4  [ 42B5427FAC23BF6F1F31E466B7FEB084, 84B8297D82CBD0A38CDC15BC00E691BC849DECFE5A2184816FDD49C63C350059 ] C:\WINDOWS\system32\winsrv.dll
08:57:48.0359 0x0cd4  [ 42B5427FAC23BF6F1F31E466B7FEB084, 84B8297D82CBD0A38CDC15BC00E691BC849DECFE5A2184816FDD49C63C350059 ] C:\WINDOWS\system32\winsrv.dll
08:57:48.0421 0x0cd4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
08:57:48.0453 0x0cd4  [ Global ] - ok
08:57:48.0453 0x0cd4  ================ Scan MBR ==================================
08:57:48.0484 0x0cd4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:57:48.0515 0x0cd4  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Sinowal.b ( 0 )
08:57:48.0515 0x0cd4  \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - infected
08:57:50.0906 0x0cd4  ================ Scan VBR ==================================
08:57:50.0921 0x0cd4  [ CC195818291C54591A8BE78476AB9290 ] \Device\Harddisk0\DR0\Partition1
08:57:50.0937 0x0cd4  \Device\Harddisk0\DR0\Partition1 - ok
08:57:50.0984 0x0cd4  [ 87CD2552CEDA42E7D7E74FCF9837BA74 ] \Device\Harddisk0\DR0\Partition2
08:57:50.0984 0x0cd4  \Device\Harddisk0\DR0\Partition2 - ok
08:57:51.0000 0x0cd4  Waiting for KSN requests completion. In queue: 197
08:57:52.0000 0x0cd4  Waiting for KSN requests completion. In queue: 197
08:57:53.0000 0x0cd4  Waiting for KSN requests completion. In queue: 197
08:57:54.0171 0x0cd4  AV detected via SS1: avast! Antivirus, 5.0.134219217, enabled, updated
08:57:54.0203 0x0cd4  Win FW state via NFM: enabled
08:57:56.0562 0x0cd4  ============================================================
08:57:56.0562 0x0cd4  Scan finished
08:57:56.0562 0x0cd4  ============================================================
08:57:56.0578 0x0ff4  Detected object count: 1
08:57:56.0578 0x0ff4  Actual detected object count: 1
09:00:59.0421 0x0ff4  \Device\Harddisk0\DR0\# - copied to quarantine
09:00:59.0421 0x0ff4  \Device\Harddisk0\DR0 - copied to quarantine
09:00:59.0468 0x0ff4  \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - will be cured on reboot
09:00:59.0515 0x0ff4  \Device\Harddisk0\DR0 - ok
09:00:59.0515 0x0ff4  \Device\Harddisk0\DR0 ( Rootkit.Boot.Sinowal.b ) - User select action: Cure
09:01:15.0359 0x044c  Deinitialize success

ESET

 

C:\AdwCleaner\Backup\C\Documents and Settings\Sarah Zahari\Application Data\Mozilla\Firefox\Profiles\0aebx4rt.Default User\prefs_16_10_2013_09_17_33.js    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Sarah Zahari\Application Data\Mozilla\Firefox\Profiles\0aebx4rt.Default User\user.js.vir    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\Documents and Settings\Sarah Zahari\Application Data\Mozilla\Firefox\Profiles\0aebx4rt.Default User\prefs.js    JS/SecurityDisabler.A.Gen application    cleaned by deleting - quarantined
C:\Documents and Settings\Sarah Zahari\Application Data\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\stub_data\stubinst_pkg_en-eu.cab    Win32/OpenCandy application    deleted - quarantined
C:\Documents and Settings\Sarah Zahari\Application Data\Sun\Java\Deployment\cache\6.0\11\3d726d4b-64b28a7a    Java/Exploit.CVE-2010-3562.A trojan    cleaned by deleting - quarantined
C:\Documents and Settings\Sarah Zahari\My Documents\Downloads\syncios.exe    Win32/OpenCandy application    cleaned by deleting - quarantined
C:\Documents and Settings\Sarah Zahari\SmitfraudFix\Process.exe    Win32/PrcView application    cleaned by deleting - quarantined


 



#5 boopme


Posted 16 October 2013 - 03:14 PM

Hi, a reboot of the machine is needed to complete the rootkit removal.

ADW Cleaner

Double click on AdwCleaner.exe to run the tool again.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

How is it now?


#6 blackhawk147


Posted 17 October 2013 - 07:02 AM

Seems to be running a little better, though I did notice it doesn't let me turn Windows automatic updates on. Anyway, here is the report...

 

# AdwCleaner v3.008 - Report created 17/10/2013 at 12:47:47
# Updated 17/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Sarah Zahari - SARAHZAHARI
# Running from : C:\Documents and Settings\Sarah Zahari\My Documents\Downloads\AdwCleaner (1).exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v24.0 (en-GB)

[ File : C:\Documents and Settings\Sarah Zahari\Application Data\Mozilla\Firefox\Profiles\0aebx4rt.Default User\prefs.js ]


[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\qo0q3n8g.default\prefs.js ]


-\\ Google Chrome v30.0.1599.69

[ File : C:\Documents and Settings\Sarah Zahari\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2539 octets] - [16/10/2013 09:10:37]
AdwCleaner[R1].txt - [1262 octets] - [17/10/2013 12:43:30]
AdwCleaner[S0].txt - [2626 octets] - [16/10/2013 09:17:24]
AdwCleaner[S1].txt - [1183 octets] - [17/10/2013 12:47:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1243 octets] ##########
 



#7 boopme


Posted 18 October 2013 - 11:04 AM

it doesnt let me turn windows automatic updates on



Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:




Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:



Go to Step 4 and under "System Restore" click on Create button:



Go to Start Repairs tab and click Start button.

Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.


Post Windows Repair log (_windows_repair_log.txt) which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

#8 blackhawk147


Posted 19 October 2013 - 11:50 AM

Ok that seems to have fixed it, here is the log:-

 

Starting Repairs...
   Start (19/10/2013 12:03:09)

01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (19/10/2013 12:03:09)
   Running Repair Under Current User Account
   Done (19/10/2013 12:03:25)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (19/10/2013 12:03:25)
   Running Repair Under System Account
   Done (19/10/2013 12:10:38)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (19/10/2013 12:10:38)
   Running Repair Under System Account
   Done (19/10/2013 12:15:25)

03 - Register System Files
   Start (19/10/2013 12:15:25)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:19:52)

04 - Repair WMI
   Start (19/10/2013 12:19:52)
   Running Repair Under Current User Account
   Done (19/10/2013 12:26:02)

05 - Repair Windows Firewall
   Start (19/10/2013 12:26:02)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:26:52)

06 - Repair Internet Explorer
   Start (19/10/2013 12:26:52)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:33:16)

07 - Repair MDAC/MS Jet
   Start (19/10/2013 12:33:16)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:34:38)

08 - Repair Hosts File
   Start (19/10/2013 12:34:38)
   Running Repair Under System Account
   Done (19/10/2013 12:34:42)

09 - Remove Policies Set By Infections
   Start (19/10/2013 12:34:42)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:34:49)

11 - Repair Icons
   Start (19/10/2013 12:34:49)
   Running Repair Under System Account
   Done (19/10/2013 12:34:54)

12 - Repair Winsock & DNS Cache
   Start (19/10/2013 12:34:54)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:35:20)

14 - Repair Proxy Settings
   Start (19/10/2013 12:35:20)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:35:28)

16 - Repair Windows Updates
   Start (19/10/2013 12:35:28)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:37:43)

17 - Repair CD/DVD Missing/Not Working
   Start (19/10/2013 12:37:43)
   Done (19/10/2013 12:37:43)

18 - Repair Volume Shadow Copy Service
   Start (19/10/2013 12:37:43)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:39:19)

20 - Repair MSI (Windows Installer)
   Start (19/10/2013 12:39:19)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:40:03)

22.01 - Repair bat Association
   Start (19/10/2013 12:40:03)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:40:11)

22.02 - Repair cmd Association
   Start (19/10/2013 12:40:11)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:40:16)

22.03 - Repair com Association
   Start (19/10/2013 12:40:16)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:40:24)

22.04 - Repair Directory Association
   Start (19/10/2013 12:40:24)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:40:31)

22.05 - Repair Drive Association
   Start (19/10/2013 12:40:31)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:40:39)

22.06 - Repair exe Association
   Start (19/10/2013 12:40:39)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:40:45)

22.07 - Repair Folder Association
   Start (19/10/2013 12:40:46)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:40:53)

22.08 - Repair inf Association
   Start (19/10/2013 12:40:53)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:41:00)

22.09 - Repair lnk (Shortcuts) Association
   Start (19/10/2013 12:41:00)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:41:07)

22.10 - Repair msc Association
   Start (19/10/2013 12:41:07)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:41:14)

22.11 - Repair reg Association
   Start (19/10/2013 12:41:14)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:41:21)

22.12 - Repair scr Association
   Start (19/10/2013 12:41:21)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:41:28)

23 - Repair Windows Safe Mode
   Start (19/10/2013 12:41:28)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:41:35)

24 - Repair Print Spooler
   Start (19/10/2013 12:41:35)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:42:05)

25 - Restore Important Windows Services
   Start (19/10/2013 12:42:05)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:42:33)

26 - Set Windows Services To Default Startup
   Start (19/10/2013 12:42:33)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (19/10/2013 12:44:02)

Cleaning up empty logs...

All Selected Repairs Done.
   Done (19/10/2013 12:44:02)
   Total Repair Time: 00:40:53


...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account
 

... Do I still need to do more scans?

Also, my girlfriend's computer seems fine but came up with pup.babylon and pup.serialinstaller on Malwarebytes. Can you help me with that here, or do I need to start a new thread?

Anyway, thanks so much for the help so far.



#9 boopme


Posted 20 October 2013 - 08:39 PM

This machine looks good and you're welcome.

 

Do post 3 and post her logs here.



#10 blackhawk147


Posted 21 October 2013 - 02:20 PM

Scans for girlfriend's computer....

AdwCleaner

 

# AdwCleaner v3.010 - Report created 21/10/2013 at 19:00:00
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Marcsi - MARIANN
# Running from : C:\Documents and Settings\Marcsi\My Documents\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Documents and Settings\Marcsi\Application Data\Mozilla\Firefox\Profiles\a0ch8pvs.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Marcsi\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [1464 octets] - [18/10/2013 18:51:26]
AdwCleaner[R1].txt - [1089 octets] - [21/10/2013 18:58:26]
AdwCleaner[S0].txt - [1535 octets] - [18/10/2013 18:53:18]
AdwCleaner[S1].txt - [1011 octets] - [21/10/2013 19:00:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1071 octets] ##########
 

TDSSKiller

 

18:52:06.0234 0x0218  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
18:52:10.0218 0x0218  ============================================================
18:52:10.0218 0x0218  Current date / time: 2013/10/21 18:52:10.0218
18:52:10.0218 0x0218  SystemInfo:
18:52:10.0218 0x0218  
18:52:10.0218 0x0218  OS Version: 5.1.2600 ServicePack: 3.0
18:52:10.0218 0x0218  Product type: Workstation
18:52:10.0218 0x0218  ComputerName: MARIANN
18:52:10.0218 0x0218  UserName: Marcsi
18:52:10.0218 0x0218  Windows directory: C:\WINDOWS
18:52:10.0218 0x0218  System windows directory: C:\WINDOWS
18:52:10.0218 0x0218  Processor architecture: Intel x86
18:52:10.0218 0x0218  Number of processors: 2
18:52:10.0218 0x0218  Page size: 0x1000
18:52:10.0218 0x0218  Boot type: Normal boot
18:52:10.0218 0x0218  ============================================================
18:52:15.0843 0x0218  System UUID: {F889C119-6805-5035-3A67-305B6511AB87}
18:52:18.0578 0x0218  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:52:18.0734 0x0218  Drive \Device\Harddisk1\DR3 - Size: 0xEEF00000 (3.73 Gb), SectorSize: 0x200, Cylinders: 0x1E7, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:52:18.0734 0x0218  ============================================================
18:52:18.0734 0x0218  \Device\Harddisk0\DR0:
18:52:18.0750 0x0218  MBR partitions:
18:52:18.0750 0x0218  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x30D3C74
18:52:18.0765 0x0218  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x30D3CF2, BlocksNum 0x643690E
18:52:18.0765 0x0218  \Device\Harddisk1\DR3:
18:52:18.0765 0x0218  MBR partitions:
18:52:18.0765 0x0218  \Device\Harddisk1\DR3\Partition1: MBR, Type 0xB, StartLBA 0x18, BlocksNum 0x7777E8
18:52:18.0765 0x0218  ============================================================
18:52:18.0843 0x0218  C: <-> \Device\Harddisk0\DR0\Partition1
18:52:18.0890 0x0218  F: <-> \Device\Harddisk0\DR0\Partition2
18:52:18.0890 0x0218  ============================================================
18:52:18.0890 0x0218  Initialize success
18:52:18.0890 0x0218  ============================================================
18:52:46.0703 0x0df4  ============================================================
18:52:46.0703 0x0df4  Scan started
18:52:46.0703 0x0df4  Mode: Manual;
18:52:46.0703 0x0df4  ============================================================
18:52:46.0703 0x0df4  KSN ping started
18:52:49.0734 0x0df4  KSN ping finished: true
18:52:51.0734 0x0df4  ================ Scan system memory ========================
18:52:51.0781 0x0df4  System memory - ok
18:52:51.0781 0x0df4  ================ Scan services =============================
18:52:59.0734 0x0df4  NetBT - ok
18:52:59.0781 0x0df4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:52:59.0796 0x0df4  NetDDE - ok
18:52:59.0812 0x0df4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:52:59.0828 0x0df4  NetDDEdsdm - ok
18:52:59.0859 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:52:59.0875 0x0df4  Netlogon - ok
18:52:59.0906 0x0df4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
18:52:59.0937 0x0df4  Netman - ok
18:52:59.0984 0x0df4  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:53:00.0000 0x0df4  NetTcpPortSharing - ok
18:53:00.0250 0x0df4  [ 88100EBDD10309FBD445EF8E42452EAE, 43F9DA861968485004EC0D7832979E9CCAE92A9929CBAFF02BFDED159F85503E ] NETw4x32        C:\WINDOWS\system32\DRIVERS\NETw4x32.sys
18:53:00.0406 0x0df4  NETw4x32 - ok
18:53:00.0531 0x0df4  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
18:53:00.0531 0x0df4  NIC1394 - ok
18:53:00.0578 0x0df4  [ FCEE5FCB99F7C724593365C706D28388, 96A5E34E78934026357945F7CA3D1BBEF284BE76625DF3CB6B4B5EA4B5807136 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:53:00.0593 0x0df4  Nla - ok
18:53:00.0625 0x0df4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:53:00.0625 0x0df4  Npfs - ok
18:53:00.0734 0x0df4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:53:00.0765 0x0df4  Ntfs - ok
18:53:00.0796 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
18:53:00.0796 0x0df4  NtLmSsp - ok
18:53:00.0859 0x0df4  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:53:00.0875 0x0df4  NtmsSvc - ok
18:53:00.0921 0x0df4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:53:00.0921 0x0df4  Null - ok
18:53:00.0953 0x0df4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:53:00.0953 0x0df4  NwlnkFlt - ok
18:53:00.0968 0x0df4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:53:00.0984 0x0df4  NwlnkFwd - ok
18:53:01.0000 0x0df4  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
18:53:01.0000 0x0df4  ohci1394 - ok
18:53:01.0093 0x0df4  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:53:01.0125 0x0df4  ose - ok
18:53:01.0578 0x0df4  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:53:01.0843 0x0df4  osppsvc - ok
18:53:01.0921 0x0df4  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\drivers\Parport.sys
18:53:01.0921 0x0df4  Parport - ok
18:53:01.0953 0x0df4  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:53:01.0953 0x0df4  PartMgr - ok
18:53:02.0000 0x0df4  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:53:02.0031 0x0df4  ParVdm - ok
18:53:02.0046 0x0df4  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:53:02.0046 0x0df4  PCI - ok
18:53:02.0062 0x0df4  PCIDump - ok
18:53:02.0078 0x0df4  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:53:02.0093 0x0df4  PCIIde - ok
18:53:02.0109 0x0df4  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
18:53:02.0125 0x0df4  Pcmcia - ok
18:53:02.0125 0x0df4  PDCOMP - ok
18:53:02.0156 0x0df4  PDFRAME - ok
18:53:02.0171 0x0df4  PDRELI - ok
18:53:02.0187 0x0df4  PDRFRAME - ok
18:53:02.0218 0x0df4  perc2 - ok
18:53:02.0234 0x0df4  perc2hib - ok
18:53:02.0312 0x0df4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:53:02.0328 0x0df4  PlugPlay - ok
18:53:02.0359 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:53:02.0375 0x0df4  PolicyAgent - ok
18:53:02.0390 0x0df4  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:53:02.0406 0x0df4  PptpMiniport - ok
18:53:02.0421 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:53:02.0421 0x0df4  ProtectedStorage - ok
18:53:02.0437 0x0df4  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:53:02.0453 0x0df4  PSched - ok
18:53:02.0500 0x0df4  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:53:02.0500 0x0df4  Ptilink - ok
18:53:02.0531 0x0df4  ql1080 - ok
18:53:02.0546 0x0df4  Ql10wnt - ok
18:53:02.0562 0x0df4  ql12160 - ok
18:53:02.0578 0x0df4  ql1240 - ok
18:53:02.0609 0x0df4  ql1280 - ok
18:53:02.0750 0x0df4  [ B5909D985716A9CD8B75C12D6581426D, C8FF9936C77A840A9E3AB5D7393C4F142BA7DD3B542228B2A0DB85B732A4BFFB ] RapportCerberus_56758 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus32_56758.sys
18:53:02.0765 0x0df4  RapportCerberus_56758 - ok
18:53:02.0843 0x0df4  [ A0F0C41EE3F367CF71B9A50388E77CFA, 7B08B0A725C26EFE4351707704775474B41FD2BC59F0BAC36ADFA0CC2D336C4A ] RapportEI       C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys
18:53:02.0890 0x0df4  RapportEI - ok
18:53:02.0906 0x0df4  [ 7E2C84E45379406B74117D86C40048DA, A359953A2C1E7C5DEEF8E8D5082425C04064661B5D37ADAE6A3FD5CCDC4D3E5C ] RapportKELL     C:\WINDOWS\system32\Drivers\RapportKELL.sys
18:53:02.0921 0x0df4  RapportKELL - ok
18:53:03.0031 0x0df4  [ 96759B4647AC26E2FA9F8D256700B5DC, 6E8C0B42D2F0D0AAF4F3013AE25357D23EF796AEDA8DCD71C19113165168C1EF ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
18:53:03.0125 0x0df4  RapportMgmtService - ok
18:53:03.0187 0x0df4  [ 21FD14972C7E0DE6966463F823F97881, F5C863E711B54B0EDD26E907495A793077D980AA16F824AB9B4B74060C544ACF ] RapportPG       C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys
18:53:03.0218 0x0df4  RapportPG - ok
18:53:03.0250 0x0df4  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:53:03.0265 0x0df4  RasAcd - ok
18:53:03.0328 0x0df4  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:53:03.0343 0x0df4  RasAuto - ok
18:53:03.0375 0x0df4  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:53:03.0390 0x0df4  Rasl2tp - ok
18:53:03.0437 0x0df4  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:53:03.0484 0x0df4  RasMan - ok
18:53:03.0500 0x0df4  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:53:03.0500 0x0df4  RasPppoe - ok
18:53:03.0531 0x0df4  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:53:03.0531 0x0df4  Raspti - ok
18:53:03.0562 0x0df4  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:53:03.0578 0x0df4  Rdbss - ok
18:53:03.0593 0x0df4  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
18:53:03.0593 0x0df4  RDPCDD - ok
18:53:03.0671 0x0df4  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:53:03.0671 0x0df4  RDPWD - ok
18:53:03.0734 0x0df4  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:53:03.0750 0x0df4  RDSessMgr - ok
18:53:03.0781 0x0df4  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
18:53:03.0796 0x0df4  redbook - ok
18:53:03.0812 0x0df4  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:53:03.0828 0x0df4  RemoteAccess - ok
18:53:03.0875 0x0df4  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:53:03.0890 0x0df4  RpcLocator - ok
18:53:03.0937 0x0df4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:53:03.0968 0x0df4  RpcSs - ok
18:53:04.0015 0x0df4  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
18:53:04.0031 0x0df4  RSVP - ok
18:53:04.0046 0x0df4  [ 3529828EC571FB2F64F6B142F9109993, 71C58DFA51A71A824C4AAC473397B456437D0A3DC9D994B6B37E80B7E4DEC830 ] RTL8023xp       C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys
18:53:04.0078 0x0df4  RTL8023xp - ok
18:53:04.0109 0x0df4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
18:53:04.0125 0x0df4  SamSs - ok
18:53:04.0203 0x0df4  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
18:53:04.0218 0x0df4  SCardSvr - ok
18:53:04.0265 0x0df4  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:53:04.0281 0x0df4  Schedule - ok
18:53:04.0312 0x0df4  [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
18:53:04.0312 0x0df4  sdbus - ok
18:53:04.0343 0x0df4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
18:53:04.0343 0x0df4  Secdrv - ok
18:53:04.0375 0x0df4  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
18:53:04.0390 0x0df4  seclogon - ok
18:53:04.0406 0x0df4  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
18:53:04.0421 0x0df4  SENS - ok
18:53:04.0453 0x0df4  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\drivers\Serial.sys
18:53:04.0453 0x0df4  Serial - ok
18:53:04.0500 0x0df4  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
18:53:04.0515 0x0df4  Sfloppy - ok
18:53:04.0578 0x0df4  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:53:04.0609 0x0df4  SharedAccess - ok
18:53:04.0625 0x0df4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:53:04.0656 0x0df4  ShellHWDetection - ok
18:53:04.0671 0x0df4  Simbad - ok
18:53:04.0750 0x0df4  [ 9CD1BB2DB803B6AC642BD643DDB773BC, E03EC2FFBE9720E291D13ABF35E027DFA1324CE0934403D1BF4A8E1B86623053 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
18:53:04.0750 0x0df4  SkypeUpdate - ok
18:53:04.0796 0x0df4  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
18:53:04.0796 0x0df4  SLIP - ok
18:53:05.0625 0x0df4  [ 2A0E9A67A391CA40D8E781A3E19B6F14, F48CA6351167AFEF903493969A6687B362CC89D590EFF934F48243B2F7E83335 ] SNP2STD         C:\WINDOWS\system32\DRIVERS\snp2sxp.sys
18:53:06.0375 0x0df4  SNP2STD - ok
18:53:06.0421 0x0df4  Sparrow - ok
18:53:06.0468 0x0df4  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
18:53:06.0484 0x0df4  splitter - ok
18:53:06.0531 0x0df4  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
18:53:06.0546 0x0df4  Spooler - ok
18:53:06.0593 0x0df4  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
18:53:06.0593 0x0df4  sr - ok
18:53:06.0625 0x0df4  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
18:53:06.0640 0x0df4  srservice - ok
18:53:06.0703 0x0df4  [ 9B390283569EA58D43D2586032B892F5, FADC0AD9D8F715290F02A6A59B284A6AD53C5BD13933B1D3ECC03C558C9D5885 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:53:06.0718 0x0df4  Srv - ok
18:53:06.0750 0x0df4  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:53:06.0781 0x0df4  SSDPSRV - ok
18:53:06.0828 0x0df4  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
18:53:06.0859 0x0df4  stisvc - ok
18:53:06.0890 0x0df4  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
18:53:06.0890 0x0df4  streamip - ok
18:53:06.0921 0x0df4  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
18:53:06.0937 0x0df4  swenum - ok
18:53:06.0953 0x0df4  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
18:53:06.0953 0x0df4  swmidi - ok
18:53:06.0968 0x0df4  SwPrv - ok
18:53:07.0000 0x0df4  symc810 - ok
18:53:07.0031 0x0df4  symc8xx - ok
18:53:07.0046 0x0df4  sym_hi - ok
18:53:07.0062 0x0df4  sym_u3 - ok
18:53:07.0125 0x0df4  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
18:53:07.0125 0x0df4  sysaudio - ok
18:53:07.0156 0x0df4  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
18:53:07.0171 0x0df4  SysmonLog - ok
18:53:07.0203 0x0df4  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:53:07.0234 0x0df4  TapiSrv - ok
18:53:07.0281 0x0df4  [ AD978A1B783B5719720CFF204B666C8E, FA50A3664522C58E1637C06731B9CB9D56FF14F0A5F8AB496A1945585E8A2C16 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:53:07.0296 0x0df4  Tcpip - ok
18:53:07.0328 0x0df4  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
18:53:07.0328 0x0df4  TDPIPE - ok
18:53:07.0375 0x0df4  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
18:53:07.0406 0x0df4  TDTCP - ok
18:53:07.0437 0x0df4  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
18:53:07.0453 0x0df4  TermDD - ok
18:53:07.0484 0x0df4  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:53:07.0515 0x0df4  TermService - ok
18:53:07.0546 0x0df4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
18:53:07.0562 0x0df4  Themes - ok
18:53:07.0562 0x0df4  TosIde - ok
18:53:07.0625 0x0df4  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
18:53:07.0640 0x0df4  TrkWks - ok
18:53:07.0703 0x0df4  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
18:53:07.0703 0x0df4  Udfs - ok
18:53:07.0734 0x0df4  ultra - ok
18:53:07.0796 0x0df4  [ BB879DCFD22926EFBEB3298129898CBB, 2A24E6CD5D6E0CEA3082C0699A2371084CC1268B31BC714098EA0D0C11B3AFAC ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
18:53:07.0812 0x0df4  UnlockerDriver5 - ok
18:53:07.0875 0x0df4  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
18:53:07.0906 0x0df4  Update - ok
18:53:07.0937 0x0df4  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:53:07.0953 0x0df4  upnphost - ok
18:53:07.0968 0x0df4  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
18:53:07.0984 0x0df4  UPS - ok
18:53:08.0031 0x0df4  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
18:53:08.0046 0x0df4  USBAAPL - ok
18:53:08.0093 0x0df4  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
18:53:08.0093 0x0df4  usbaudio - ok
18:53:08.0156 0x0df4  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
18:53:08.0156 0x0df4  usbccgp - ok
18:53:08.0187 0x0df4  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
18:53:08.0203 0x0df4  usbehci - ok
18:53:08.0250 0x0df4  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
18:53:08.0281 0x0df4  usbhub - ok
18:53:08.0312 0x0df4  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
18:53:08.0328 0x0df4  usbscan - ok
18:53:08.0343 0x0df4  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
18:53:08.0359 0x0df4  usbstor - ok
18:53:08.0375 0x0df4  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
18:53:08.0406 0x0df4  usbuhci - ok
18:53:08.0437 0x0df4  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
18:53:08.0437 0x0df4  VgaSave - ok
18:53:08.0453 0x0df4  ViaIde - ok
18:53:08.0484 0x0df4  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
18:53:08.0500 0x0df4  VolSnap - ok
18:53:08.0546 0x0df4  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
18:53:08.0562 0x0df4  VSS - ok
18:53:08.0593 0x0df4  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
18:53:08.0609 0x0df4  W32Time - ok
18:53:08.0640 0x0df4  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:53:08.0656 0x0df4  Wanarp - ok
18:53:08.0671 0x0df4  WDICA - ok
18:53:08.0718 0x0df4  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
18:53:08.0734 0x0df4  wdmaud - ok
18:53:08.0765 0x0df4  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:53:08.0781 0x0df4  WebClient - ok
18:53:08.0875 0x0df4  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:53:08.0875 0x0df4  winmgmt - ok
18:53:08.0968 0x0df4  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8, 98C21DEEB7124426D749FACDAD06EBD7F500AE5C465A98D558919C2A51C08554 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
18:53:08.0984 0x0df4  WmdmPmSN - ok
18:53:09.0015 0x0df4  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
18:53:09.0031 0x0df4  WmiApSrv - ok
18:53:09.0062 0x0df4  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
18:53:09.0093 0x0df4  wscsvc - ok
18:53:09.0125 0x0df4  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
18:53:09.0140 0x0df4  WSTCODEC - ok
18:53:09.0218 0x0df4  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
18:53:09.0234 0x0df4  wuauserv - ok
18:53:09.0296 0x0df4  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
18:53:09.0343 0x0df4  WZCSVC - ok
18:53:09.0390 0x0df4  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
18:53:09.0406 0x0df4  xmlprov - ok
18:53:09.0453 0x0df4  ================ Scan global ===============================
18:53:09.0484 0x0df4  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
18:53:09.0562 0x0df4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:53:09.0593 0x0df4  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
18:53:09.0625 0x0df4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
18:53:09.0640 0x0df4  [ Global ] - ok
18:53:09.0640 0x0df4  ================ Scan MBR ==================================
18:53:09.0671 0x0df4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
18:53:09.0890 0x0df4  \Device\Harddisk0\DR0 - ok
18:53:09.0906 0x0df4  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR3
18:53:09.0906 0x0df4  \Device\Harddisk1\DR3 - ok
18:53:09.0906 0x0df4  ================ Scan VBR ==================================
18:53:09.0921 0x0df4  [ 7049C5506C5BC0ED0B48C3313735A314 ] \Device\Harddisk0\DR0\Partition1
18:53:09.0921 0x0df4  \Device\Harddisk0\DR0\Partition1 - ok
18:53:09.0953 0x0df4  [ 40B37330313E8E6A99AD35A8A530F5D8 ] \Device\Harddisk0\DR0\Partition2
18:53:09.0953 0x0df4  \Device\Harddisk0\DR0\Partition2 - ok
18:53:09.0968 0x0df4  [ 7CD81CC1FE0C0EC7B635DA865CC312F0 ] \Device\Harddisk1\DR3\Partition1
18:53:09.0968 0x0df4  \Device\Harddisk1\DR3\Partition1 - ok
18:53:09.0984 0x0df4  Waiting for KSN requests completion. In queue: 176
18:53:10.0984 0x0df4  Waiting for KSN requests completion. In queue: 176
18:53:11.0984 0x0df4  Waiting for KSN requests completion. In queue: 176
18:53:13.0062 0x0df4  AV detected via SS1: avast! Antivirus, 5.0.117441978, enabled, updated
18:53:13.0093 0x0df4  Win FW state via NFM: enabled
18:53:15.0609 0x0df4  ============================================================
18:53:15.0609 0x0df4  Scan finished
18:53:15.0609 0x0df4  ============================================================
18:53:15.0640 0x0d4c  Detected object count: 0
18:53:15.0640 0x0d4c  Actual detected object count: 0
18:53:39.0296 0x0ae0  Deinitialize success
 

minibox

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Marcsi (administrator) on 21-10-2013 at 18:47:51
Running from "C:\Documents and Settings\Marcsi\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

1394 Net Adapter = 1394 Connection (Disconnected)
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Realtek RTL8139/810x Family Fast Ethernet NIC = Local Area Connection (Media disconnected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : mariann

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Realtek RTL8139/810x Family Fast Ethernet NIC

        Physical Address. . . . . . . . . : 00-0F-B0-CC-A9-C7



Ethernet adapter Wireless Network Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection

        Physical Address. . . . . . . . . : 00-18-DE-65-06-F9

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.102

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : 2013. október 21. 18:22:43

        Lease Expires . . . . . . . . . . : 2013. október 21. 20:22:43

Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  173.194.34.100, 173.194.34.101, 173.194.34.102, 173.194.34.103
      173.194.34.104, 173.194.34.105, 173.194.34.110, 173.194.34.96, 173.194.34.97
      173.194.34.98, 173.194.34.99



Pinging google.com [173.194.34.99] with 32 bytes of data:



Reply from 173.194.34.99: bytes=32 time=11ms TTL=57

Reply from 173.194.34.99: bytes=32 time=13ms TTL=57



Ping statistics for 173.194.34.99:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 11ms, Maximum = 13ms, Average = 12ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=287ms TTL=43

Reply from 206.190.36.45: bytes=32 time=221ms TTL=43



Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 221ms, Maximum = 287ms, Average = 254ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 0f b0 cc a9 c7 ...... Realtek RTL8139/810x Family Fast Ethernet NIC - Packet Scheduler Miniport
0x3 ...00 18 de 65 06 f9 ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.102      25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0    192.168.0.102   192.168.0.102      20
      192.168.0.0    255.255.255.0    192.168.0.102   192.168.0.102      25
    192.168.0.102  255.255.255.255        127.0.0.1       127.0.0.1      25
    192.168.0.255  255.255.255.255    192.168.0.102   192.168.0.102      25
        224.0.0.0        240.0.0.0    192.168.0.102   192.168.0.102      25
  255.255.255.255  255.255.255.255    192.168.0.102               2      1
  255.255.255.255  255.255.255.255    192.168.0.102   192.168.0.102      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/18/2013 10:05:50 PM) (Source: Application Hang) (User: )
Description: Hanging application mbam.exe, version 1.75.0.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/18/2013 08:42:37 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.7.0.102, faulting module vsnp2std.dll, version 1.1.1.4, fault address 0x00001419.
Processing media-specific event for [skype.exe!ws!]

Error: (10/07/2013 09:33:38 PM) (Source: Application Hang) (User: )
Description: Hanging application Skype.exe, version 6.7.0.102, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/06/2013 03:32:45 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.7.0.102, faulting module vsnp2std.dll, version 1.1.1.4, fault address 0x00001419.
Processing media-specific event for [skype.exe!ws!]

Error: (10/06/2013 11:13:21 AM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.7.0.102, faulting module vsnp2std.dll, version 1.1.1.4, fault address 0x00001419.
Processing media-specific event for [skype.exe!ws!]

Error: (10/05/2013 08:59:31 PM) (Source: Application Hang) (User: )
Description: Hanging application Skype.exe, version 4.2.0.187, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/26/2013 06:51:03 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.7.0.102, faulting module vsnp2std.dll, version 1.1.1.4, fault address 0x00001419.
Processing media-specific event for [skype.exe!ws!]

Error: (09/26/2013 04:22:17 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.7.0.102, faulting module vsnp2std.dll, version 1.1.1.4, fault address 0x00001419.
Processing media-specific event for [skype.exe!ws!]

Error: (09/15/2013 04:22:36 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.3.0.107, faulting module vsnp2std.dll, version 1.1.1.4, fault address 0x00001419.
Processing media-specific event for [skype.exe!ws!]

Error: (09/13/2013 06:45:12 PM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.3.0.107, faulting module vsnp2std.dll, version 1.1.1.4, fault address 0x00001419.
Processing media-specific event for [skype.exe!ws!]


System errors:
=============
Error: (10/11/2013 06:44:25 PM) (Source: DCOM) (User: MARIANN)
Description: Unable to start a DCOM Server: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error: (10/11/2013 06:44:25 PM) (Source: DCOM) (User: MARIANN)
Description: Unable to start a DCOM Server: {C2BFE331-6739-4270-86C9-493D9A04CD38}.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error: (10/11/2013 05:53:50 PM) (Source: DCOM) (User: MARIANN)
Description: Unable to start a DCOM Server: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding

Error: (10/11/2013 05:53:50 PM) (Source: DCOM) (User: MARIANN)
Description: Unable to start a DCOM Server: {C2BFE331-6739-4270-86C9-493D9A04CD38}.
The error:
"%%2"
Happened while starting this command:
C:\WINDOWS\system32\igfxsrvc.exe -Embedding


Microsoft Office Sessions:
=========================
Error: (10/18/2013 10:05:50 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1hungapp0.0.0.000000000

Error: (10/18/2013 08:42:37 PM) (Source: Application Error)(User: )
Description: skype.exe6.7.0.102vsnp2std.dll1.1.1.400001419

Error: (10/07/2013 09:33:38 PM) (Source: Application Hang)(User: )
Description: Skype.exe6.7.0.102hungapp0.0.0.000000000

Error: (10/06/2013 03:32:45 PM) (Source: Application Error)(User: )
Description: skype.exe6.7.0.102vsnp2std.dll1.1.1.400001419

Error: (10/06/2013 11:13:21 AM) (Source: Application Error)(User: )
Description: skype.exe6.7.0.102vsnp2std.dll1.1.1.400001419

Error: (10/05/2013 08:59:31 PM) (Source: Application Hang)(User: )
Description: Skype.exe4.2.0.187hungapp0.0.0.000000000

Error: (09/26/2013 06:51:03 PM) (Source: Application Error)(User: )
Description: skype.exe6.7.0.102vsnp2std.dll1.1.1.400001419

Error: (09/26/2013 04:22:17 PM) (Source: Application Error)(User: )
Description: skype.exe6.7.0.102vsnp2std.dll1.1.1.400001419

Error: (09/15/2013 04:22:36 PM) (Source: Application Error)(User: )
Description: skype.exe6.3.0.107vsnp2std.dll1.1.1.400001419

Error: (09/13/2013 06:45:12 PM) (Source: Application Error)(User: )
Description: skype.exe6.3.0.107vsnp2std.dll1.1.1.400001419


=========================== Installed Programs ============================

Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader X (10.1.8) (Version: 10.1.8)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
avast! Free Antivirus (Version: 7.0.1466.0)
Bonjour (Version: 3.0.0.10)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Integrated Camera (Version: 5.4.16.2)
iTunes (Version: 11.0.2.26)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
NVIDIA Drivers
Rapport (Version: 3.5.1302.61)
Skype™ 6.7 (Version: 6.7.102)
SoundMAX (Version: 5.10.01.4130)
Trusteer Endpoint Protection (Version: 3.5.1302.61)
Unlocker 1.9.1 (Version: 1.9.1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VLC media player 2.0.3 (Version: 2.0.3)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)

========================= Memory info: ===================================

Percentage of memory in use: 41%
Total physical RAM: 502.11 MB
Available physical RAM: 294.5 MB
Total Pagefile: 1225.46 MB
Available Pagefile: 880.21 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.28 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:24.41 GB) (Free:10.65 GB) NTFS
2 Drive d: (ALEX) (Removable) (Total:3.73 GB) (Free:3.12 GB) FAT32
4 Drive f: () (Fixed) (Total:50.11 GB) (Free:28.85 GB) NTFS

========================= Users: ========================================

User accounts for \\MARIANN

Administrator            Guest                    HelpAssistant            
Marcsi                   SUPPORT_388945a0         


**** End of log ****
 

ESET

 

- no scan - didn't find anything

 

I also ran Malwarebytes previously and Malwarebytes rootkit repair, which removed the files I mentioned before. I think it was pup.babylon and pup.serialinstaller. I ran these two programs again earlier before these scans, but they didn't find anything this time.

 

This computer also seems to be running fine without any problems.



#11 boopme


Posted 21 October 2013 - 03:40 PM

Looks clean

Create a new restore point on both machines..and clean up that space.

Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen, then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.

Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7

Reboot and see how it is.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 blackhawk147


Posted 25 October 2013 - 06:26 AM

Both computers seem fine now, thanks once again for all the help, I really appreciate it!!



#13 boopme


Posted 25 October 2013 - 10:04 AM

You're welcome from all of us here!!!



