Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible rvzr-a.akamaihd.net Virus Infection


  • Please log in to reply
6 replies to this topic

#1 LosDogg

LosDogg

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:26 AM

Posted 13 November 2013 - 05:34 AM

Hello, Group,

 

I believe that my system may be infected by the rvzr-a.akamaihd.net virus.

 

I have seen that other users that have been infected with said virus have included the following information/logs for you to peruse:  SecurityCheck, Farbar Service Scanner, MiniToolbox, Malwarebytes Anti-Malware Scan, Malwarebytes Anti-Rootkit Scan, and RKill.  I will now list the results of each in this post.

 

 Results of screen317's Security Check version 0.99.76  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!!
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 25  
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!
 Adobe Flash Player 11.9.900.117  
 Adobe Reader 9  
 Adobe Reader XI  
 Mozilla Firefox (25.0)
 Mozilla Thunderbird (24.1.0)
 Google Chrome 30.0.1599.101  
 Google Chrome 30.0.1599.69  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

 

 

 

 

Farbar Service Scanner Version: 24-10-2013
Ran by los (administrator) on 05-11-2013 at 00:44:08
Running from "C:\Users\los\Desktop"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============
MpsSvc Service is not running. Checking service configuration:
The start type of MpsSvc service is OK.
The ImagePath of MpsSvc service is OK.
The ServiceDll of MpsSvc service is OK.


Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.
The ServiceDll of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit


**** End of log ****

 

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by los (administrator) on 05-11-2013 at 02:52:15
Running from "C:\Users\los\Desktop"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
***************************************************************************

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================



========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Cleopatra
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
   Physical Address. . . . . . . . . : 90-E6-BA-EB-50-61
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b937:71e0:56c:e131%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Sunday, November 03, 2013 7:07:11 AM
   Lease Expires . . . . . . . . . . : Tuesday, November 05, 2013 5:20:49 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244377274
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6D-0F-B4-90-E6-BA-EB-50-61
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{1C468584-7D57-4A14-8913-D28C2F54B082}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:2c84:2b6:b341:3927(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2c84:2b6:b341:3927%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  www.asusnetwork.net
Address:  192.168.1.1

Name:    google.com
Addresses:  2607:f8b0:4004:802::1000
      74.125.228.68
      74.125.228.69
      74.125.228.70
      74.125.228.71
      74.125.228.72
      74.125.228.73
      74.125.228.78
      74.125.228.64
      74.125.228.65
      74.125.228.66
      74.125.228.67


Pinging google.com [74.125.228.67] with 32 bytes of data:
Reply from 74.125.228.67: bytes=32 time=17ms TTL=50
Reply from 74.125.228.67: bytes=32 time=16ms TTL=50

Ping statistics for 74.125.228.67:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 16ms, Maximum = 17ms, Average = 16ms
Server:  www.asusnetwork.net
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.139.183.24
      206.190.36.45
      98.138.253.109


Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
Reply from 98.138.253.109: bytes=32 time=48ms TTL=47
Reply from 98.138.253.109: bytes=32 time=48ms TTL=47

Ping statistics for 98.138.253.109:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 48ms, Maximum = 48ms, Average = 48ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...90 e6 ba eb 50 61 ......NVIDIA nForce 10/100 Mbps Ethernet
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    276
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:5ef5:79fb:2c84:2b6:b341:3927/128
                                    On-link
 11    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::2c84:2b6:b341:3927/128
                                    On-link
 11    276 fe80::b937:71e0:56c:e131/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/04/2013 08:58:06 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/04/2013 08:58:06 PM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.

Error: (11/04/2013 06:45:38 PM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/04/2013 06:45:38 PM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.

Error: (11/04/2013 11:01:24 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/04/2013 11:01:24 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.

Error: (11/04/2013 11:01:11 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/04/2013 11:01:11 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.

Error: (11/04/2013 11:01:03 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/04/2013 11:01:03 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.


System errors:
=============
Error: (11/04/2013 08:58:06 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 48 time(s).

Error: (11/04/2013 08:58:06 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801

Error: (11/04/2013 06:45:39 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 47 time(s).

Error: (11/04/2013 06:45:39 PM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801

Error: (11/04/2013 05:07:22 PM) (Source: volsnap) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (11/04/2013 11:17:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 46 time(s).

Error: (11/04/2013 11:17:30 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801

Error: (11/04/2013 11:04:05 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 45 time(s).

Error: (11/04/2013 11:04:05 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801

Error: (11/04/2013 11:03:25 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 44 time(s).


Microsoft Office Sessions:
=========================
Error: (11/04/2013 08:58:06 PM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/04/2013 08:58:06 PM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (11/04/2013 06:45:38 PM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/04/2013 06:45:38 PM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (11/04/2013 11:01:24 AM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/04/2013 11:01:24 AM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (11/04/2013 11:01:11 AM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/04/2013 11:01:11 AM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (11/04/2013 11:01:03 AM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/04/2013 11:01:03 AM) (Source: Windows Search Service)(User: )
Description: 200x80071a91


=========================== Installed Programs ============================

.sol Editor 1.1.0.1 (Version: 1.1.0.1)
µTorrent (Version: 3.3.2.30260)
7-Zip 9.19 (x64 edition) (Version: 9.19.00.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.2)
Adobe Dreamweaver CS5.5 (Version: 11.5)
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.5.3 (Version: 9.5.3)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon Kindle
Apple Application Support (Version: 1.3.2)
Apple Mobile Device Support (Version: 3.2.0.47)
Apple Software Update (Version: 2.1.2.120)
Avidemux 2.6 (Version: 2.6.1.8321)
Bonjour (Version: 2.0.3.0)
Bookworm Adventures Vol. 2
Bulk Image Downloader v4.24.0.0
Carcassonne
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ConvertXtoDVD 4.0.6.316 (Version: 4.0.6.316)
CyberLink DVD Suite Deluxe (Version: 7.0.2115)
D3DX10 (Version: 15.4.2368.0902)
Defender's Quest (Version: 0.8.6)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Dropbox (Version: 2.2.13)
DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)
DVD Shrink 3.2
EaseUS Partition Master 9.1.1 Home Edition
eMule
FileZilla Client 3.3.5.1 (Version: 3.3.5.1)
FileZilla Server (Version: beta 0.9.41)
Folder Size 2.9.0.0 (Version: 2.9.0.0)
Forté Agent (Version: 6.00)
Freemake Video Converter version 4.0.1 (Version: 4.0.1)
Game Character Hub version 2.0b (Version: 2.0b)
GetDataBack for FAT (Version: 4.01.000)
Giganews Accelerator (Version: 1.0.111)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 30.0.1599.101)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.165)
Hardware Diagnostic Tools (Version: 6.0.5247.34)
HitmanPro 3.7 (Version: 3.7.8.208)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1000 J110 series Help (Version: 140.0.65.65)
HP Games (Version: 1.0.0.71)
HP MediaSmart Demo (Version: 1.00.0000)
HP MediaSmart DVD (Version: 3.1.3317)
HP MediaSmart Music/Photo/Video (Version: 3.1.3422)
HP MediaSmart SmartMenu (Version: 3.1.0.1)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)
HP Odometer (Version: 2.10.0000)
HP Remote Solution (Version: 1.1.11.0)
HP Setup (Version: 1.2.3560.3170)
HP Support Assistant (Version: 4.2.5.3)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.001.000.014)
HPAsset component for HP Active Support Library (Version: 3.0.2.2)
ImgBurn (Version: 2.5.4.0)
inSSIDer 2.0 (Version: 2.0.7)
iTunes (Version: 10.0.1.22)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JDownloader 0.9 (Version: 0.9)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2017)
Lexmark 2200 Series
LightScribe System Software (Version: 1.18.8.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MathMap-1.3.5 (Version: 1.3.5)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)
Mozilla Firefox 25.0 (x86 en-US) (Version: 25.0)
Mozilla Maintenance Service (Version: 25.0)
Mozilla Thunderbird 24.1.0 (x86 en-US) (Version: 24.1.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Internet Security (Version: 21.1.0.18)
Norton Online Backup (Version: 1.2.20.0)
Notepad++ (Version: 5.8.4)
NVIDIA Drivers (Version: 1.5)
OpenOffice.org 3.2 (Version: 3.2.9502)
PCGen5164
PDF Settings CS5 (Version: 10.0)
Picasa 3 (Version: 3.9)
PictureMover (Version: 3.3.1.19)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (Version: 6.0.3304)
PowerDirector (Version: 7.0.3503)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.68.75.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
Recovery Manager (Version: 5.5.2216)
Red Light Center 3D Client (Version: 1.9.2945)
Redblade 1.3.0.16 RC 1
RPG MAKER VX Ace RTP (Version: 1.00)
RPG Maker VX RTP (Version: 1.02)
R-Studio 5.2 (Version: 5.2.130695)
SES Driver (Version: 1.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VLC media player 1.1.5 (Version: 1.1.5)
Waterfox 9.0 (x64 en-US) (Version: 9.0)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (Version: 01/19/2011 1.0.0009.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Messenger
Zoo Tycoon 2 - Extinct Animals (Version: 1.00.0000)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 53%
Total physical RAM: 5887.24 MB
Available physical RAM: 2744.99 MB
Total Pagefile: 11772.62 MB
Available Pagefile: 8552.95 MB
Total Virtual: 4095.88 MB
Available Virtual: 3961.02 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:920.57 GB) (Free:10.19 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.84 GB) (Free:1.58 GB) NTFS
4 Drive f: (Cleopatra) (Fixed) (Total:931.51 GB) (Free:5.04 GB) NTFS

========================= Users: ========================================

User accounts for \\CLEOPATRA

Administrator            Amanda                   Guest                    
los                      


**** End of log ****
 

 

 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.11.05.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
los :: CLEOPATRA [administrator]

11/5/2013 2:55:24 AM
mbam-log-2013-11-05 (02-55-24).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244421
Time elapsed: 11 minute(s), 50 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 

 

 

 

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1007
www.malwarebytes.org

Database version: v2013.11.05.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
los :: CLEOPATRA [administrator]

11/5/2013 3:43:15 AM
mbar-log-2013-11-05 (03-43-15).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Kernel memory modifications detected. Deep Anti-Rootkit Scan engaged.
Objects scanned: 306062
Time elapsed: 1 hour(s), 31 minute(s), 23 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

 

 

 

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 11/05/2013 08:05:08 AM in x64 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\los\Desktop\rkill\rkill-11-05-2013-08-05-23.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Defender Disabled

   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001

Checking Windows Service Integrity:

 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Automatic

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 11/05/2013 08:06:04 AM
Execution time: 0 hours(s), 0 minute(s), and 55 seconds(s)
 

 

 

 

 

Thank you very much for taking the time to read this post.  I hope that someone out there can help me!  :D

 

 

casl



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,430 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:07:26 AM

Posted 13 November 2013 - 10:17 AM

Hello LosDogg

This is an adware infection. Let's see what we can remove and then update.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.



  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,609 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:26 AM

Posted 13 November 2013 - 04:18 PM

Sorry to jump in here but please read this topic including Post #4. I would recommend you start with the instructions I provided there before running TDSSKiller, AdwCleaner, and JRT. Once you identify the responsible extension...you can permanently remove it but let me know which one it was as I am trying to create a comprehensive list of the doggy extensions.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 LosDogg

LosDogg
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:26 AM

Posted 14 November 2013 - 08:12 AM

Quietman7,

 

It was very easy for me to determine which Firefox Add-On was responsible; it was the one that I didn't download myself.  :/

 

The culprit was something called DowLOAd keePer 1.6.  I confirmed this with the instructions you asked me to follow on the other page.

 

I am now removing it from my system and beginning with the recommended removal steps above.  I hope this helped!

 

 

Your friend,

 

LD



#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,609 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:26 AM

Posted 14 November 2013 - 09:03 AM

Yes that information is helpful.

When done, follow the instructions for running AdwCleaner and posting the log like the OP did in the other topic. AdwCleaner found and removed additional remnants of DownLoade keeepper. Apparently this particular add-on has several name variations.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 LosDogg

LosDogg
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:26 AM

Posted 15 November 2013 - 03:51 AM

Boopme,

 

I believe that I have followed your instructions properly.  Here are the logs generated by the programs you recommended:

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by los (administrator) on 14-11-2013 at 08:40:44
Running from "C:\Users\los\Desktop"
Microsoft Windows 7 Home Premium   (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

NVIDIA nForce 10/100 Mbps Ethernet  = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Cleopatra
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : NVIDIA nForce 10/100 Mbps Ethernet
   Physical Address. . . . . . . . . : 90-E6-BA-EB-50-61
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::b937:71e0:56c:e131%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, November 05, 2013 3:39:24 AM
   Lease Expires . . . . . . . . . . : Friday, November 15, 2013 7:16:50 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244377274
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-6D-0F-B4-90-E6-BA-EB-50-61
   DNS Servers . . . . . . . . . . . : 192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{1C468584-7D57-4A14-8913-D28C2F54B082}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:9d38:6ab8:2431:3d3d:b341:3927(Preferred)
   Link-local IPv6 Address . . . . . : fe80::2431:3d3d:b341:3927%13(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  www.asusnetwork.net
Address:  192.168.1.1

Name:    google.com
Addresses:  2404:6800:4005:805::1006
      173.194.127.65
      173.194.127.66
      173.194.127.67
      173.194.127.68
      173.194.127.69
      173.194.127.70
      173.194.127.71
      173.194.127.72
      173.194.127.73
      173.194.127.78
      173.194.127.64


Pinging google.com [173.194.127.64] with 32 bytes of data:
Reply from 173.194.127.64: bytes=32 time=221ms TTL=42
Reply from 173.194.127.64: bytes=32 time=217ms TTL=42

Ping statistics for 173.194.127.64:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 217ms, Maximum = 221ms, Average = 219ms
Server:  www.asusnetwork.net
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109
      98.139.183.24
      206.190.36.45


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=147ms TTL=42
Reply from 206.190.36.45: bytes=32 time=89ms TTL=42

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 89ms, Maximum = 147ms, Average = 118ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...90 e6 ba eb 50 61 ......NVIDIA nForce 10/100 Mbps Ethernet
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    276
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    276
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    276
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 13     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 13     58 2001::/32                On-link
 13    306 2001:0:9d38:6ab8:2431:3d3d:b341:3927/128
                                    On-link
 11    276 fe80::/64                On-link
 13    306 fe80::/64                On-link
 13    306 fe80::2431:3d3d:b341:3927/128
                                    On-link
 11    276 fe80::b937:71e0:56c:e131/128
                                    On-link
  1    306 ff00::/8                 On-link
 13    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [193824] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (11/14/2013 08:31:53 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/14/2013 08:31:53 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.

Error: (11/14/2013 08:30:03 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/14/2013 08:30:03 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.

Error: (11/14/2013 08:19:20 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/14/2013 08:19:20 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.

Error: (11/14/2013 08:18:09 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: Recovery phase failed.

Context: Windows Application, SystemIndex Catalog


Details:
    The gatherer is shutting down.  (HRESULT : 0x80040d23) (0x80040d23)

Error: (11/14/2013 08:18:09 AM) (Source: Windows Search Service) (User: )
Description: Error ID 1 happened in Windows Search recovery stage, please restart the service. If this error persists, please recreate the index.

Context: Windows Application, SystemIndex Catalog


Details:
    The gatherer is shutting down.  (HRESULT : 0x80040d23) (0x80040d23)

Error: (11/14/2013 08:18:09 AM) (Source: Windows Search Service) (User: )
Description: The Windows Search Service has failed to create the new search index. Internal error <10, 0x80071a91, Failed to save Crawl Scope Manager changes: >.

Error: (11/14/2013 08:18:09 AM) (Source: Windows Search Service) (User: )
Description: Windows Search Service failed to process the list of included and excluded locations with the error <20, 0x80071a91, "">.


System errors:
=============
Error: (11/14/2013 08:31:53 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 389 time(s).

Error: (11/14/2013 08:31:53 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801

Error: (11/14/2013 08:30:05 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 388 time(s).

Error: (11/14/2013 08:30:05 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801

Error: (11/14/2013 08:19:21 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 387 time(s).

Error: (11/14/2013 08:19:21 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801

Error: (11/14/2013 08:18:10 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 386 time(s).

Error: (11/14/2013 08:18:10 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801

Error: (11/14/2013 08:17:51 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 385 time(s).

Error: (11/14/2013 08:17:51 AM) (Source: Service Control Manager) (User: )
Description: The Windows Search service terminated with the following error:
%%6801


Microsoft Office Sessions:
=========================
Error: (11/14/2013 08:31:53 AM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/14/2013 08:31:53 AM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (11/14/2013 08:30:03 AM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/14/2013 08:30:03 AM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (11/14/2013 08:19:20 AM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/14/2013 08:19:20 AM) (Source: Windows Search Service)(User: )
Description: 200x80071a91

Error: (11/14/2013 08:18:09 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The gatherer is shutting down.  (HRESULT : 0x80040d23) (0x80040d23)
Recovery phase failed

Error: (11/14/2013 08:18:09 AM) (Source: Windows Search Service)(User: )
Description: Context: Windows Application, SystemIndex Catalog


Details:
    The gatherer is shutting down.  (HRESULT : 0x80040d23) (0x80040d23)
1

Error: (11/14/2013 08:18:09 AM) (Source: Windows Search Service)(User: )
Description: 100x80071a91Failed to save Crawl Scope Manager changes:

Error: (11/14/2013 08:18:09 AM) (Source: Windows Search Service)(User: )
Description: 200x80071a91


=========================== Installed Programs ============================

.sol Editor 1.1.0.1 (Version: 1.1.0.1)
µTorrent (Version: 3.3.2.30260)
7-Zip 9.19 (x64 edition) (Version: 9.19.00.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 3.1.0.4880)
Adobe Community Help (Version: 3.4.980)
Adobe Download Assistant (Version: 1.0.2)
Adobe Dreamweaver CS5.5 (Version: 11.5)
Adobe Flash Player 10 ActiveX (Version: 10.1.102.64)
Adobe Flash Player 10 ActiveX 64-bit (Version: 10.3.162.28)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Media Player (Version: 1.8)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Reader 9.5.3 (Version: 9.5.3)
Adobe Reader XI (11.0.03) (Version: 11.0.03)
Adobe Widget Browser (Version: 2.0 Build 230)
Adobe Widget Browser (Version: 2.0.230)
Akamai NetSession Interface
Akamai NetSession Interface Service
Amazon Kindle
Apple Application Support (Version: 1.3.2)
Apple Mobile Device Support (Version: 3.2.0.47)
Apple Software Update (Version: 2.1.2.120)
Avidemux 2.6 (Version: 2.6.1.8321)
Bonjour (Version: 2.0.3.0)
Bookworm Adventures Vol. 2
Bulk Image Downloader v4.24.0.0
Carcassonne
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
ConvertXtoDVD 4.0.6.316 (Version: 4.0.6.316)
CyberLink DVD Suite Deluxe (Version: 7.0.2115)
D3DX10 (Version: 15.4.2368.0902)
Defender's Quest (Version: 0.8.6)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
Dropbox (Version: 2.2.13)
DVD Menu Pack for HP MediaSmart Video (Version: 3.1.3224)
DVD Shrink 3.2
EaseUS Partition Master 9.1.1 Home Edition
eMule
FileZilla Client 3.3.5.1 (Version: 3.3.5.1)
FileZilla Server (Version: beta 0.9.41)
Folder Size 2.9.0.0 (Version: 2.9.0.0)
Forté Agent (Version: 6.00)
Freemake Video Converter version 4.0.1 (Version: 4.0.1)
Game Character Hub version 2.0b (Version: 2.0b)
GetDataBack for FAT (Version: 4.01.000)
Giganews Accelerator (Version: 1.0.111)
GIMP 2.6.11 (Version: 2.6.11)
Google Chrome (Version: 30.0.1599.101)
Google Earth Plug-in (Version: 7.1.1.1888)
Google Update Helper (Version: 1.3.21.165)
Hardware Diagnostic Tools (Version: 6.0.5247.34)
HitmanPro 3.7 (Version: 3.7.8.208)
HP Advisor (Version: 3.3.9512.3162)
HP Customer Experience Enhancements (Version: 6.0.1.3)
HP Deskjet 1000 J110 series Basic Device Software (Version: 22.50.231.0)
HP Deskjet 1000 J110 series Help (Version: 140.0.65.65)
HP Games (Version: 1.0.0.71)
HP MediaSmart Demo (Version: 1.00.0000)
HP MediaSmart DVD (Version: 3.1.3317)
HP MediaSmart Music/Photo/Video (Version: 3.1.3422)
HP MediaSmart SmartMenu (Version: 3.1.0.1)
HP MediaSmart/TouchSmart Netflix (Version: 1.0.2.0)
HP Odometer (Version: 2.10.0000)
HP Remote Solution (Version: 1.1.11.0)
HP Setup (Version: 1.2.3560.3170)
HP Support Assistant (Version: 4.2.5.3)
HP Support Information (Version: 10.1.0002)
HP Update (Version: 5.001.000.014)
HPAsset component for HP Active Support Library (Version: 3.0.2.2)
HTML TADS Player Kit
ImgBurn (Version: 2.5.4.0)
inSSIDer 2.0 (Version: 2.0.7)
iTunes (Version: 10.0.1.22)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
JDownloader 0.9 (Version: 0.9)
Junk Mail filter update (Version: 15.4.3502.0922)
LabelPrint (Version: 2.5.2017)
Lexmark 2200 Series
LightScribe System Software (Version: 1.18.8.1)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MathMap-1.3.5 (Version: 1.3.5)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Live Search Toolbar (Version: 3.0.566.0)
Microsoft Office Home and Student 60 day trial
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Works (Version: 9.7.0621)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Movie Theme Pack for HP MediaSmart Video (Version: 3.1.3310)
Mozilla Firefox 25.0 (x86 en-US) (Version: 25.0)
Mozilla Maintenance Service (Version: 25.0)
Mozilla Thunderbird 24.1.0 (x86 en-US) (Version: 24.1.0)
MSVCRT (Version: 15.4.2862.0708)
MSVCRT_amd64 (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Norton Internet Security (Version: 21.1.0.18)
Norton Online Backup (Version: 1.2.20.0)
Notepad++ (Version: 5.8.4)
NVIDIA Drivers (Version: 1.5)
OpenOffice.org 3.2 (Version: 3.2.9502)
PCGen5164
PDF Settings CS5 (Version: 10.0)
Picasa 3 (Version: 3.9)
PictureMover (Version: 3.3.1.19)
PlayReady PC Runtime amd64 (Version: 1.3.0)
Power2Go (Version: 6.0.3304)
PowerDirector (Version: 7.0.3503)
QuickPar 0.9 (Version: 0.9)
QuickTime (Version: 7.68.75.0)
Realtek High Definition Audio Driver (Version: 6.0.1.6196)
Recovery Manager (Version: 5.5.2216)
Red Light Center 3D Client (Version: 1.9.2945)
Redblade 1.3.0.16 RC 1
RPG MAKER VX Ace RTP (Version: 1.00)
RPG Maker VX RTP (Version: 1.02)
R-Studio 5.2 (Version: 5.2.130695)
SES Driver (Version: 1.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
VLC media player 1.1.5 (Version: 1.1.5)
Waterfox 9.0 (x64 en-US) (Version: 9.0)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (Version: 01/19/2011 1.0.0009.0)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Messenger
Zoo Tycoon 2 - Extinct Animals (Version: 1.00.0000)

========================= Memory info: ===================================

Percentage of memory in use: 34%
Total physical RAM: 5887.24 MB
Available physical RAM: 3885.06 MB
Total Pagefile: 11772.62 MB
Available Pagefile: 9455 MB
Total Virtual: 4095.88 MB
Available Virtual: 3972.76 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:920.57 GB) (Free:3.88 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:10.84 GB) (Free:1.58 GB) NTFS
4 Drive f: (Cleopatra) (Fixed) (Total:931.51 GB) (Free:5.86 GB) NTFS

========================= Users: ========================================

User accounts for \\CLEOPATRA

Administrator            Amanda                   Guest                    
los                      


**** End of log ****
 

 

 

 

 

08:43:23.0838 0x123c  TDSS rootkit removing tool 3.0.0.17 Nov 12 2013 19:54:52
08:43:29.0978 0x123c  ============================================================
08:43:29.0978 0x123c  Current date / time: 2013/11/14 08:43:29.0978
08:43:29.0978 0x123c  SystemInfo:
08:43:29.0978 0x123c  
08:43:29.0978 0x123c  OS Version: 6.1.7600 ServicePack: 0.0
08:43:29.0978 0x123c  Product type: Workstation
08:43:29.0978 0x123c  ComputerName: CLEOPATRA
08:43:29.0978 0x123c  UserName: los
08:43:29.0978 0x123c  Windows directory: C:\Windows
08:43:29.0978 0x123c  System windows directory: C:\Windows
08:43:29.0978 0x123c  Running under WOW64
08:43:29.0978 0x123c  Processor architecture: Intel x64
08:43:29.0988 0x123c  Number of processors: 4
08:43:29.0988 0x123c  Page size: 0x1000
08:43:29.0988 0x123c  Boot type: Normal boot
08:43:29.0988 0x123c  ============================================================
08:43:34.0118 0x123c  System UUID: {4AC65F87-9DE0-7C2D-B632-64ACEF4FF492}
08:43:34.0998 0x123c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:43:35.0008 0x123c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:43:35.0058 0x123c  ============================================================
08:43:35.0058 0x123c  \Device\Harddisk0\DR0:
08:43:35.0078 0x123c  MBR partitions:
08:43:35.0078 0x123c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:43:35.0078 0x123c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3283F, BlocksNum 0x73123FC1
08:43:35.0078 0x123c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x73156800, BlocksNum 0x15AF800
08:43:35.0078 0x123c  \Device\Harddisk1\DR1:
08:43:35.0078 0x123c  MBR partitions:
08:43:35.0078 0x123c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
08:43:35.0078 0x123c  ============================================================
08:43:35.0118 0x123c  C: <-> \Device\Harddisk0\DR0\Partition2
08:43:35.0188 0x123c  D: <-> \Device\Harddisk0\DR0\Partition3
08:43:35.0208 0x123c  F: <-> \Device\Harddisk1\DR1\Partition1
08:43:35.0208 0x123c  ============================================================
08:43:35.0208 0x123c  Initialize success
08:43:35.0208 0x123c  ============================================================
08:43:40.0298 0x1978  ============================================================
08:43:40.0298 0x1978  Scan started
08:43:40.0298 0x1978  Mode: Manual;
08:43:40.0298 0x1978  ============================================================
08:43:40.0298 0x1978  KSN ping started
08:43:42.0968 0x1978  KSN ping finished: true
08:43:45.0858 0x1978  ================ Scan system memory ========================
08:43:45.0858 0x1978  System memory - ok
08:43:45.0858 0x1978  ================ Scan services =============================
08:43:46.0108 0x1978  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
08:43:46.0118 0x1978  1394ohci - ok
08:43:46.0158 0x1978  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
08:43:46.0168 0x1978  ACPI - ok
08:43:46.0178 0x1978  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
08:43:46.0178 0x1978  AcpiPmi - ok
08:43:46.0458 0x1978  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
08:43:46.0458 0x1978  AdobeARMservice - ok
08:43:46.0518 0x1978  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
08:43:46.0568 0x1978  adp94xx - ok
08:43:46.0598 0x1978  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
08:43:46.0608 0x1978  adpahci - ok
08:43:46.0628 0x1978  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
08:43:46.0638 0x1978  adpu320 - ok
08:43:46.0698 0x1978  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
08:43:46.0698 0x1978  AeLookupSvc - ok
08:43:46.0818 0x1978  [ DB9D6C6B2CD95A9CA414D045B627422E, A4A0B2ACBFE311C20EF9F06A49DBE02CE90433C2364B292F6E8F78F6C274DF88 ] AFD             C:\Windows\system32\drivers\afd.sys
08:43:46.0848 0x1978  AFD - ok
08:43:46.0878 0x1978  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
08:43:46.0878 0x1978  agp440 - ok
08:43:47.0448 0x1978  [ BBE9054FDADC8D49D29C5DA4FB84A803, 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF ] Akamai          c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll
08:43:47.0448 0x1978  Suspicious file ( Hidden ): c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll. md5: BBE9054FDADC8D49D29C5DA4FB84A803, sha256: 4315C1D7DBD35A80E25F15B45587AA76F6E9FCDC617B5ABF62301570771066AF
08:43:47.0458 0x1978  Akamai - detected HiddenFile.Multi.Generic ( 1 )
08:43:50.0148 0x1978  Detect skipped due to KSN trusted
08:43:50.0148 0x1978  Akamai - ok
08:43:50.0178 0x1978  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
08:43:50.0178 0x1978  ALG - ok
08:43:50.0188 0x1978  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
08:43:50.0198 0x1978  aliide - ok
08:43:50.0228 0x1978  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
08:43:50.0228 0x1978  amdide - ok
08:43:50.0248 0x1978  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
08:43:50.0248 0x1978  AmdK8 - ok
08:43:50.0278 0x1978  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
08:43:50.0288 0x1978  AmdPPM - ok
08:43:50.0348 0x1978  [ EC7EBAB00A4D8448BAB68D1E49B4BEB9, 786B30C86FA7FEC6BA2569FF818044AA0F7C134693304ED0FF7BD0541F9A755F ] amdsata         C:\Windows\system32\drivers\amdsata.sys
08:43:50.0358 0x1978  amdsata - ok
08:43:50.0388 0x1978  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
08:43:50.0398 0x1978  amdsbs - ok
08:43:50.0418 0x1978  [ DB27766102C7BF7E95140A2AA81D042E, 489F812B596EA06E53D891CD05047AA17CDF752854BBD553BA65D10799AF78DF ] amdxata         C:\Windows\system32\drivers\amdxata.sys
08:43:50.0418 0x1978  amdxata - ok
08:43:50.0478 0x1978  [ 42FD751B27FA0E9C69BB39F39E409594, DE349CAA570957868CA1CB0BE0FAF551CD4D44FD53EBC4391B9C1C7B9CF295D2 ] AppID           C:\Windows\system32\drivers\appid.sys
08:43:50.0478 0x1978  AppID - ok
08:43:50.0508 0x1978  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
08:43:50.0508 0x1978  AppIDSvc - ok
08:43:50.0528 0x1978  [ D065BE66822847B7F127D1F90158376E, 20F911F390FF23C2C42361A449C4344DB59F1DC21EDD1E7EBC4E80914DEF7824 ] Appinfo         C:\Windows\System32\appinfo.dll
08:43:50.0538 0x1978  Appinfo - ok
08:43:50.0638 0x1978  [ 70D7BE78061126DD0C3ACCDB7E129017, 6F330C925B2567ECCDA0C743A51BA64CAA91E16021EFA5946B3A135282BFB1BF ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
08:43:50.0648 0x1978  Apple Mobile Device - ok
08:43:50.0678 0x1978  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
08:43:50.0678 0x1978  arc - ok
08:43:50.0708 0x1978  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
08:43:50.0718 0x1978  arcsas - ok
08:43:50.0758 0x1978  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
08:43:50.0758 0x1978  AsyncMac - ok
08:43:50.0788 0x1978  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\DRIVERS\atapi.sys
08:43:50.0788 0x1978  atapi - ok
08:43:50.0908 0x1978  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
08:43:50.0938 0x1978  AudioEndpointBuilder - ok
08:43:50.0958 0x1978  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
08:43:50.0978 0x1978  AudioSrv - ok
08:43:50.0988 0x1978  [ B20B5FA5CA050E9926E4D1DB81501B32, 91B9038349BA07E32DE809E6798167EE44087809EB1174B84EC16580040F1BE0 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
08:43:50.0988 0x1978  AxInstSV - ok
08:43:51.0018 0x1978  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
08:43:51.0028 0x1978  b06bdrv - ok
08:43:51.0068 0x1978  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
08:43:51.0078 0x1978  b57nd60a - ok
08:43:51.0098 0x1978  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
08:43:51.0098 0x1978  BDESVC - ok
08:43:51.0118 0x1978  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
08:43:51.0118 0x1978  Beep - ok
08:43:51.0178 0x1978  [ 4992C609A6315671463E30F6512BC022, 3020034556EAC25CD90F41D3BFFDD0BB2C3D1C5BAC4359F4B71B84A9FC404495 ] BFE             C:\Windows\System32\bfe.dll
08:43:51.0188 0x1978  BFE - ok
08:43:51.0508 0x1978  [ CB1B72BDCCF77B8F2104CF068FD2355C, BD6D8932B77660666824522F110F13DCCA06BE6FC27C186D79C0BD80EC17845B ] BHDrvx64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\BASHDefs\20131101.003\BHDrvx64.sys
08:43:51.0548 0x1978  BHDrvx64 - ok
08:43:51.0648 0x1978  [ 7F0C323FE3DA28AA4AA1BDA3F575707F, 7FF09CBC16A9E5F357A76FF79A3F0DD047957D474031F51A6BB4916C7911F005 ] BITS            C:\Windows\System32\qmgr.dll
08:43:51.0688 0x1978  BITS - ok
08:43:51.0698 0x1978  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
08:43:51.0708 0x1978  blbdrive - ok
08:43:51.0848 0x1978  [ 673CF4F6BB1FBE09331B526802FBB892, 1C592111174757CA3F495BD6571FB17E45D4BCCF2893CE63C5F2809B066F69F6 ] Bonjour Service C:\Program Files (x86)\Bonjour\mDNSResponder.exe
08:43:51.0878 0x1978  Bonjour Service - ok
08:43:51.0948 0x1978  [ 19D20159708E152267E53B66677A4995, 6401FA5C3EFF26BED075FEC68F868CD8D0598FDB45EA9381810615F7252F7A9A ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
08:43:51.0958 0x1978  bowser - ok
08:43:51.0998 0x1978  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
08:43:51.0998 0x1978  BrFiltLo - ok
08:43:52.0028 0x1978  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
08:43:52.0028 0x1978  BrFiltUp - ok
08:43:52.0068 0x1978  [ 94FBC06F294D58D02361918418F996E3, 62C7CC2AF8F5A0BB0C262DACDE3F72C6AC318C3840CE60E46EE2064B32BDA5EF ] Browser         C:\Windows\System32\browser.dll
08:43:52.0078 0x1978  Browser - ok
08:43:52.0138 0x1978  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
08:43:52.0158 0x1978  Brserid - ok
08:43:52.0188 0x1978  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
08:43:52.0188 0x1978  BrSerWdm - ok
08:43:52.0218 0x1978  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
08:43:52.0218 0x1978  BrUsbMdm - ok
08:43:52.0228 0x1978  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
08:43:52.0238 0x1978  BrUsbSer - ok
08:43:52.0248 0x1978  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
08:43:52.0248 0x1978  BTHMODEM - ok
08:43:52.0268 0x1978  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
08:43:52.0278 0x1978  bthserv - ok
08:43:52.0388 0x1978  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1501000.012\ccSetx64.sys
08:43:52.0398 0x1978  ccSet_NIS - ok
08:43:52.0468 0x1978  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
08:43:52.0468 0x1978  cdfs - ok
08:43:52.0508 0x1978  [ 83D2D75E1EFB81B3450C18131443F7DB, F2C686C980D818E797818E75B808E1E0B51B2045840A4BFC32D860B7DB4DFA22 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
08:43:52.0518 0x1978  cdrom - ok
08:43:52.0548 0x1978  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] CertPropSvc     C:\Windows\System32\certprop.dll
08:43:52.0558 0x1978  CertPropSvc - ok
08:43:52.0588 0x1978  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
08:43:52.0598 0x1978  circlass - ok
08:43:52.0638 0x1978  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
08:43:52.0658 0x1978  CLFS - ok
08:43:52.0798 0x1978  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
08:43:52.0808 0x1978  clr_optimization_v2.0.50727_32 - ok
08:43:52.0948 0x1978  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
08:43:52.0958 0x1978  clr_optimization_v2.0.50727_64 - ok
08:43:53.0098 0x1978  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
08:43:53.0108 0x1978  clr_optimization_v4.0.30319_32 - ok
08:43:53.0138 0x1978  [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
08:43:53.0148 0x1978  clr_optimization_v4.0.30319_64 - ok
08:43:53.0178 0x1978  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
08:43:53.0178 0x1978  CmBatt - ok
08:43:53.0198 0x1978  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\DRIVERS\cmdide.sys
08:43:53.0198 0x1978  cmdide - ok
08:43:53.0278 0x1978  [ 937BEB186A735ACA91D717044A49D17E, 3A2BF72670C94D1A7656289F5284F082AB089C96D451F8C5CD9D0211064D3FB1 ] CNG             C:\Windows\system32\Drivers\cng.sys
08:43:53.0288 0x1978  CNG - ok
08:43:53.0308 0x1978  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
08:43:53.0308 0x1978  Compbatt - ok
08:43:53.0338 0x1978  [ F26B3A86F6FA87CA360B879581AB4123, 723904362614FE47F6CC0EA0656BA1B47EA32D73BAFB61688A5E5CAE4340B1BF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
08:43:53.0338 0x1978  CompositeBus - ok
08:43:53.0348 0x1978  COMSysApp - ok
08:43:53.0368 0x1978  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
08:43:53.0368 0x1978  crcdisk - ok
08:43:53.0438 0x1978  [ 8C57411B66282C01533CB776F98AD384, 65BCF1B0BA521CBE39E974C7ACAEA9C9E3F89D86754275C6B2616E7691876AEE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
08:43:53.0448 0x1978  CryptSvc - ok
08:43:53.0548 0x1978  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] DcomLaunch      C:\Windows\system32\rpcss.dll
08:43:53.0578 0x1978  DcomLaunch - ok
08:43:53.0658 0x1978  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
08:43:53.0688 0x1978  defragsvc - ok
08:43:53.0768 0x1978  [ 9C253CE7311CA60FC11C774692A13208, 23507138576DB75AA8B7415140F7B5D8A90CB2661796223870461C721A36AEBF ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
08:43:53.0768 0x1978  DfsC - ok
08:43:53.0818 0x1978  [ CE3B9562D997F69B330D181A8875960F, 6FEE6622859198C5C13545867EF7CFE8EDC991360E976F792313DAA9C82CC5C8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
08:43:53.0838 0x1978  Dhcp - ok
08:43:53.0898 0x1978  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
08:43:53.0898 0x1978  discache - ok
08:43:53.0928 0x1978  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
08:43:53.0928 0x1978  Disk - ok
08:43:54.0018 0x1978  [ 85CF424C74A1D5EC33533E1DBFF9920A, 882D5FA0D5EC053D76A0C46A6047A621D607651693CF94E5506219EECCC8D079 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
08:43:54.0028 0x1978  Dnscache - ok
08:43:54.0098 0x1978  [ 14452ACDB09B70964C8C21BF80A13ACB, DA0AAAC04626EFF4256D7095FF1DDA1F1B17676E26990C418BDF5090476F2AB4 ] dot3svc         C:\Windows\System32\dot3svc.dll
08:43:54.0118 0x1978  dot3svc - ok
08:43:54.0168 0x1978  [ 8C2BA6BEA949EE6E68385F5692BAFB94, 1047F473DCE0FB56BEA5C1B7929752C1FBAB5983C8202ABB4EEA48FCD60A353A ] DPS             C:\Windows\system32\dps.dll
08:43:54.0178 0x1978  DPS - ok
08:43:54.0278 0x1978  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
08:43:54.0278 0x1978  drmkaud - ok
08:43:54.0388 0x1978  [ 1633B9ABF52784A1331476397A48CBEF, 697780697C4C55FCCF5FB65C93FB37B3F5A43BF0C59FDBB9EF822D0E993E47BD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
08:43:54.0418 0x1978  DXGKrnl - ok
08:43:54.0438 0x1978  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
08:43:54.0438 0x1978  EapHost - ok
08:43:54.0578 0x1978  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
08:43:54.0678 0x1978  ebdrv - ok
08:43:54.0828 0x1978  [ A2DA3D8E0B336E13F7A155B5789B58CF, D492E24807857547F62E69B8F2935ABC48113C28832B1155AB3186D04A63DEF1 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
08:43:54.0868 0x1978  eeCtrl - ok
08:43:54.0928 0x1978  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] EFS             C:\Windows\System32\lsass.exe
08:43:54.0928 0x1978  EFS - ok
08:43:55.0048 0x1978  [ 47C071994C3F649F23D9CD075AC9304A, B7AA2DD6AD14F18A19620F5FB79D50C630D3750E72DD67BF8D105CC4F5CE1D46 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
08:43:55.0088 0x1978  ehRecvr - ok
08:43:55.0158 0x1978  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
08:43:55.0168 0x1978  ehSched - ok
08:43:55.0218 0x1978  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
08:43:55.0258 0x1978  elxstor - ok
08:43:55.0318 0x1978  [ 9EAFB3B3B60B8AD958985152A9309ACA, EC58F487D50A125DA3F747670282EA2104580CCAAF709EA494B61C7549576AE6 ] epmntdrv        C:\Windows\system32\epmntdrv.sys
08:43:55.0318 0x1978  epmntdrv - ok
08:43:55.0388 0x1978  [ 23C3061D2F7F8BCB6140A098447035B4, A89A628D99637DA72F51E90A6C3CBAAB552B423447C2EDC561E3D7CCB4D7EAB7 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
08:43:55.0398 0x1978  EraserUtilRebootDrv - ok
08:43:55.0418 0x1978  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\DRIVERS\errdev.sys
08:43:55.0418 0x1978  ErrDev - ok
08:43:55.0468 0x1978  [ FB949ED2C93C878A189039F3D7730942, 857AFB9965F14C80C21948C05A44D37948BD206961101DFF087735D6A7CCAA8A ] EuGdiDrv        C:\Windows\system32\EuGdiDrv.sys
08:43:55.0468 0x1978  EuGdiDrv - ok
08:43:55.0578 0x1978  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
08:43:55.0608 0x1978  EventSystem - ok
08:43:55.0678 0x1978  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
08:43:55.0678 0x1978  exfat - ok
08:43:55.0708 0x1978  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
08:43:55.0718 0x1978  fastfat - ok
08:43:55.0768 0x1978  [ D607B2F1BEE3992AA6C2C92C0A2F0855, E22301C8F01DBF0A38A85165959BB070647C996CB1BCD50FDFE3DDDCA427DF2A ] Fax             C:\Windows\system32\fxssvc.exe
08:43:55.0788 0x1978  Fax - ok
08:43:55.0808 0x1978  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
08:43:55.0808 0x1978  fdc - ok
08:43:55.0828 0x1978  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
08:43:55.0828 0x1978  fdPHost - ok
08:43:55.0838 0x1978  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
08:43:55.0838 0x1978  FDResPub - ok
08:43:55.0848 0x1978  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
08:43:55.0858 0x1978  FileInfo - ok
08:43:55.0858 0x1978  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
08:43:55.0868 0x1978  Filetrace - ok
08:43:55.0998 0x1978  [ 7E76EED28B8B8696B7F7ED5F757AA304, 4D42711B63F90FF9AF3D6C8E4EDB3FF08CAB6FE5131D9A43F4D10D1CA51F7378 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
08:43:56.0028 0x1978  FileZilla Server - ok
08:43:56.0068 0x1978  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
08:43:56.0068 0x1978  flpydisk - ok
08:43:56.0088 0x1978  [ F7866AF72ABBAF84B1FA5AA195378C59, 9D522044FE9C18FB3EC327E675737C01F2A8231DDE900421D3A431596946A7F8 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
08:43:56.0098 0x1978  FltMgr - ok
08:43:56.0198 0x1978  [ CB5E4B9C319E3C6BB363EB7E58A4A051, C9DCF2C2A6AFE0A0F3E23A265843D0C423C08B2E54702C5B389CF293D9A6BAC5 ] FontCache       C:\Windows\system32\FntCache.dll
08:43:56.0228 0x1978  FontCache - ok
08:43:56.0348 0x1978  [ 8D89E3131C27FDD6932189CB785E1B7A, AC7DA4C5E6D2E41D1A1DE146E46F034FAF0FB11AD801F070F2D5CD08166E9EB7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:43:56.0348 0x1978  FontCache3.0.0.0 - ok
08:43:56.0378 0x1978  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
08:43:56.0378 0x1978  FsDepends - ok
08:43:56.0408 0x1978  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
08:43:56.0418 0x1978  Fs_Rec - ok
08:43:56.0488 0x1978  [ AE87BA80D0EC3B57126ED2CDC15B24ED, 7E0EA3CDB78054D9A4E3B5142305943F2914536D80B8FC363414C8838D51D56C ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
08:43:56.0508 0x1978  fvevol - ok
08:43:56.0548 0x1978  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
08:43:56.0558 0x1978  gagp30kx - ok
08:43:56.0628 0x1978  [ C1BBCE4B30B45410178EE674C818D10C, 3FD449C20493057592A21CA812CA39803BC32136B84A060B2BF9621776D94E54 ] GameConsoleService C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe
08:43:56.0648 0x1978  GameConsoleService - ok
08:43:56.0708 0x1978  [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
08:43:56.0708 0x1978  GEARAspiWDM - ok
08:43:56.0808 0x1978  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc           C:\Windows\System32\gpsvc.dll
08:43:56.0848 0x1978  gpsvc - ok
08:43:56.0978 0x1978  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:43:56.0988 0x1978  gupdate - ok
08:43:57.0018 0x1978  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:43:57.0028 0x1978  gupdatem - ok
08:43:57.0108 0x1978  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
08:43:57.0128 0x1978  gusvc - ok
08:43:57.0148 0x1978  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
08:43:57.0148 0x1978  hcw85cir - ok
08:43:57.0178 0x1978  [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
08:43:57.0188 0x1978  HDAudBus - ok
08:43:57.0198 0x1978  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
08:43:57.0198 0x1978  HidBatt - ok
08:43:57.0208 0x1978  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
08:43:57.0218 0x1978  HidBth - ok
08:43:57.0218 0x1978  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
08:43:57.0228 0x1978  HidIr - ok
08:43:57.0238 0x1978  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
08:43:57.0238 0x1978  hidserv - ok
08:43:57.0268 0x1978  [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
08:43:57.0268 0x1978  HidUsb - ok
08:43:57.0328 0x1978  [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc          C:\Windows\system32\kmsvc.dll
08:43:57.0338 0x1978  hkmsvc - ok
08:43:57.0368 0x1978  [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
08:43:57.0398 0x1978  HomeGroupListener - ok
08:43:57.0448 0x1978  [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
08:43:57.0458 0x1978  HomeGroupProvider - ok
08:43:57.0588 0x1978  [ 00B239202F7756695C8CCDF8BAFA7D3D, EE119080A77DE49CD70AEFC02CB653E730FAB5618E3464CAD295432C1F4AD975 ] HP Health Check Service C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
08:43:57.0598 0x1978  HP Health Check Service - ok
08:43:57.0688 0x1978  [ FDF273A845F1FFCCEADF363AAF47582F, 9BB99346A977225EF77261CD3CF4219A238EB06FFE2DB91D00A0037BDCFECEF1 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
08:43:57.0708 0x1978  hpqwmiex - ok
08:43:57.0748 0x1978  [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD          C:\Windows\system32\DRIVERS\HpSAMD.sys
08:43:57.0748 0x1978  HpSAMD - ok
08:43:57.0878 0x1978  [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP            C:\Windows\system32\drivers\HTTP.sys
08:43:57.0908 0x1978  HTTP - ok
08:43:57.0918 0x1978  [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
08:43:57.0918 0x1978  hwpolicy - ok
08:43:57.0938 0x1978  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
08:43:57.0948 0x1978  i8042prt - ok
08:43:58.0028 0x1978  [ B75E45C564E944A2657167D197AB29DA, 622EA73F4D9CAE17628C18148FB241817A0AE6D80A74B099204ED27C1A750B24 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
08:43:58.0058 0x1978  iaStorV - ok
08:43:58.0158 0x1978  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
08:43:58.0168 0x1978  IDriverT - ok
08:43:58.0298 0x1978  [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
08:43:58.0358 0x1978  idsvc - ok
08:43:58.0508 0x1978  [ B96F641291378569E8525383FAA183EB, 9C728BA6B1D558B5C3F76003AE93DA61793DB4684E8FC326FF002CDC6060EED7 ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\IPSDefs\20131113.002\IDSvia64.sys
08:43:58.0528 0x1978  IDSVia64 - ok
08:43:58.0558 0x1978  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
08:43:58.0568 0x1978  iirsp - ok
08:43:58.0668 0x1978  [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT          C:\Windows\System32\ikeext.dll
08:43:58.0718 0x1978  IKEEXT - ok
08:43:58.0878 0x1978  [ 3C4B4EE54FEBB09F7E9F58776DE96DCA, 4E0320281FB9D02A4D8571597D157C0DF2A85CF17D53775D93CF3C54BEC34B24 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
08:43:58.0948 0x1978  IntcAzAudAddService - ok
08:43:58.0968 0x1978  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\DRIVERS\intelide.sys
08:43:58.0968 0x1978  intelide - ok
08:43:58.0998 0x1978  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
08:43:58.0998 0x1978  intelppm - ok
08:43:59.0018 0x1978  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
08:43:59.0028 0x1978  IPBusEnum - ok
08:43:59.0088 0x1978  [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
08:43:59.0088 0x1978  IpFilterDriver - ok
08:43:59.0158 0x1978  [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
08:43:59.0178 0x1978  iphlpsvc - ok
08:43:59.0198 0x1978  [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV         C:\Windows\system32\DRIVERS\IPMIDrv.sys
08:43:59.0208 0x1978  IPMIDRV - ok
08:43:59.0228 0x1978  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
08:43:59.0238 0x1978  IPNAT - ok
08:43:59.0348 0x1978  [ F0EAC938ECC1B2764D04CE16F8627E56, 65C366CBBB8FA59C988F3953C28E9A6332F83A0B7CFAB4ED4C894D5E7D91EEAC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
08:43:59.0368 0x1978  iPod Service - ok
08:43:59.0388 0x1978  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
08:43:59.0398 0x1978  IRENUM - ok
08:43:59.0408 0x1978  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\DRIVERS\isapnp.sys
08:43:59.0408 0x1978  isapnp - ok
08:43:59.0428 0x1978  [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
08:43:59.0438 0x1978  iScsiPrt - ok
08:43:59.0478 0x1978  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
08:43:59.0478 0x1978  kbdclass - ok
08:43:59.0498 0x1978  [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
08:43:59.0498 0x1978  kbdhid - ok
08:43:59.0508 0x1978  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso          C:\Windows\system32\lsass.exe
08:43:59.0518 0x1978  KeyIso - ok
08:43:59.0528 0x1978  [ 16C1B906FC5EAD84769F90B736B6BF0E, 2FD11B1A6C208CBA4FB97DB2E48B9A487C7649B1FCF5F761B2A0E4D6A02E61EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
08:43:59.0528 0x1978  KSecDD - ok
08:43:59.0588 0x1978  [ 0B711550C56444879D71C7DAABDA6C83, A598E0817B0B943457068AD196FD5C9DB9C4135C9901B9B6EAFD1D3B3F4F0E2F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
08:43:59.0608 0x1978  KSecPkg - ok
08:43:59.0618 0x1978  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
08:43:59.0618 0x1978  ksthunk - ok
08:43:59.0698 0x1978  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
08:43:59.0718 0x1978  KtmRm - ok
08:43:59.0818 0x1978  [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer    C:\Windows\system32\srvsvc.dll
08:43:59.0838 0x1978  LanmanServer - ok
08:43:59.0908 0x1978  [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
08:43:59.0918 0x1978  LanmanWorkstation - ok
08:44:00.0068 0x1978  [ 2238B91AC1A12CC6CC4C4FED41258B2A, 11DEBFAC8D6B23415928C635981E3378DE7C1F361F2B7A1390D86B0D782C22C6 ] LightScribeService c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
08:44:00.0078 0x1978  LightScribeService - ok
08:44:00.0118 0x1978  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
08:44:00.0128 0x1978  lltdio - ok
08:44:00.0208 0x1978  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
08:44:00.0238 0x1978  lltdsvc - ok
08:44:00.0238 0x1978  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
08:44:00.0248 0x1978  lmhosts - ok
08:44:00.0288 0x1978  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
08:44:00.0298 0x1978  LSI_FC - ok
08:44:00.0328 0x1978  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
08:44:00.0338 0x1978  LSI_SAS - ok
08:44:00.0358 0x1978  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
08:44:00.0358 0x1978  LSI_SAS2 - ok
08:44:00.0378 0x1978  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
08:44:00.0388 0x1978  LSI_SCSI - ok
08:44:00.0468 0x1978  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
08:44:00.0478 0x1978  luafv - ok
08:44:00.0488 0x1978  lxbv_device - ok
08:44:00.0548 0x1978  [ C63BF488680F88B6A1D83302AA0ACD0E, B9DFE993C0FC605304D7DE91B5F90D9397AD8C2E6E1FCA3EF99614A8A535356B ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
08:44:00.0558 0x1978  mbamchameleon - ok
08:44:00.0608 0x1978  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
08:44:00.0618 0x1978  Mcx2Svc - ok
08:44:00.0698 0x1978  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
08:44:00.0698 0x1978  megasas - ok
08:44:00.0748 0x1978  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
08:44:00.0758 0x1978  MegaSR - ok
08:44:00.0778 0x1978  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
08:44:00.0778 0x1978  MMCSS - ok
08:44:00.0808 0x1978  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
08:44:00.0808 0x1978  Modem - ok
08:44:00.0838 0x1978  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
08:44:00.0838 0x1978  monitor - ok
08:44:00.0868 0x1978  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
08:44:00.0868 0x1978  mouclass - ok
08:44:00.0898 0x1978  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
08:44:00.0898 0x1978  mouhid - ok
08:44:00.0928 0x1978  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
08:44:00.0938 0x1978  mountmgr - ok
08:44:01.0088 0x1978  [ 5D494509432897338AFC19DB78A76DCB, 873F61F45D4A96096E17F9E266B1A20CCD65E4678DDB21DDE3DB98E831E524D3 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
08:44:01.0098 0x1978  MozillaMaintenance - ok
08:44:01.0128 0x1978  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
08:44:01.0138 0x1978  mpio - ok
08:44:01.0168 0x1978  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
08:44:01.0168 0x1978  mpsdrv - ok
08:44:01.0268 0x1978  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
08:44:01.0288 0x1978  MpsSvc - ok
08:44:01.0318 0x1978  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
08:44:01.0328 0x1978  MRxDAV - ok
08:44:01.0378 0x1978  [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
08:44:01.0388 0x1978  mrxsmb - ok
08:44:01.0478 0x1978  [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
08:44:01.0508 0x1978  mrxsmb10 - ok
08:44:01.0538 0x1978  [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
08:44:01.0538 0x1978  mrxsmb20 - ok
08:44:01.0558 0x1978  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
08:44:01.0558 0x1978  msahci - ok
08:44:01.0588 0x1978  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
08:44:01.0598 0x1978  msdsm - ok
08:44:01.0618 0x1978  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
08:44:01.0628 0x1978  MSDTC - ok
08:44:01.0658 0x1978  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
08:44:01.0658 0x1978  Msfs - ok
08:44:01.0678 0x1978  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
08:44:01.0678 0x1978  mshidkmdf - ok
08:44:01.0688 0x1978  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
08:44:01.0688 0x1978  msisadrv - ok
08:44:01.0758 0x1978  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
08:44:01.0768 0x1978  MSiSCSI - ok
08:44:01.0778 0x1978  msiserver - ok
08:44:01.0798 0x1978  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
08:44:01.0798 0x1978  MSKSSRV - ok
08:44:01.0808 0x1978  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
08:44:01.0818 0x1978  MSPCLOCK - ok
08:44:01.0828 0x1978  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
08:44:01.0828 0x1978  MSPQM - ok
08:44:01.0858 0x1978  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
08:44:01.0878 0x1978  MsRPC - ok
08:44:01.0878 0x1978  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
08:44:01.0888 0x1978  mssmbios - ok
08:44:01.0908 0x1978  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
08:44:01.0908 0x1978  MSTEE - ok
08:44:01.0928 0x1978  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
08:44:01.0928 0x1978  MTConfig - ok
08:44:01.0958 0x1978  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
08:44:01.0958 0x1978  Mup - ok
08:44:02.0048 0x1978  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
08:44:02.0068 0x1978  napagent - ok
08:44:02.0108 0x1978  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
08:44:02.0118 0x1978  NativeWifiP - ok
08:44:02.0278 0x1978  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20131113.023\ENG64.SYS
08:44:02.0288 0x1978  NAVENG - ok
08:44:02.0438 0x1978  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.1.3\Definitions\VirusDefs\20131113.023\EX64.SYS
08:44:02.0568 0x1978  NAVEX15 - ok
08:44:02.0618 0x1978  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
08:44:02.0648 0x1978  NDIS - ok
08:44:02.0658 0x1978  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
08:44:02.0668 0x1978  NdisCap - ok
08:44:02.0688 0x1978  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
08:44:02.0688 0x1978  NdisTapi - ok
08:44:02.0718 0x1978  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
08:44:02.0718 0x1978  Ndisuio - ok
08:44:02.0738 0x1978  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
08:44:02.0738 0x1978  NdisWan - ok
08:44:02.0748 0x1978  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
08:44:02.0748 0x1978  NDProxy - ok
08:44:02.0758 0x1978  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
08:44:02.0768 0x1978  NetBIOS - ok
08:44:02.0778 0x1978  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
08:44:02.0788 0x1978  NetBT - ok
08:44:02.0798 0x1978  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon        C:\Windows\system32\lsass.exe
08:44:02.0798 0x1978  Netlogon - ok
08:44:02.0878 0x1978  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
08:44:02.0908 0x1978  Netman - ok
08:44:02.0938 0x1978  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
08:44:02.0948 0x1978  netprofm - ok
08:44:03.0008 0x1978  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
08:44:03.0018 0x1978  NetTcpPortSharing - ok
08:44:03.0058 0x1978  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
08:44:03.0068 0x1978  nfrd960 - ok
08:44:03.0338 0x1978  [ C87442B6D17912785DC143CEDCA508C9, 58599BC7EE1FFC66291BF38F1800AFE087195EE3E2305BAB9C7F18F9033A93E0 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\NIS.exe
08:44:03.0358 0x1978  NIS - ok
08:44:03.0418 0x1978  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc          C:\Windows\System32\nlasvc.dll
08:44:03.0438 0x1978  NlaSvc - ok
08:44:03.0458 0x1978  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
08:44:03.0468 0x1978  Npfs - ok
08:44:03.0518 0x1978  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
08:44:03.0528 0x1978  nsi - ok
08:44:03.0548 0x1978  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
08:44:03.0548 0x1978  nsiproxy - ok
08:44:03.0718 0x1978  [ 378E0E0DFEA67D98AE6EA53ADBBD76BC, 2A78A36A729B271FE54A54E507EBC9AD9B9D764DBCB58AC3CBB8FC76D0075391 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
08:44:03.0778 0x1978  Ntfs - ok
08:44:03.0788 0x1978  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
08:44:03.0788 0x1978  Null - ok
08:44:04.0228 0x1978  [ 1CF597C9F0745735A6C5181ECB83706E, D07D7F7900CB5FF4DFC002BA2CB3C8E3D35158E6EAA96E68469DEA9F77876C76 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
08:44:04.0588 0x1978  nvlddmkm - ok
08:44:04.0678 0x1978  [ 909EEDCBD365BB81027D8E742E6B3416, 6C346C7B0E26A12BB0F56918E5324BC8C1024FEEE5952BFEB02DB2BC47182B61 ] NVNET           C:\Windows\system32\DRIVERS\nvmf6264.sys
08:44:04.0718 0x1978  NVNET - ok
08:44:04.0748 0x1978  [ A4D9C9A608A97F59307C2F2600EDC6A4, D786F4CA2D10BAC31CE14A338C442F7027D4BB2E955AB99BC44C2F241D383BBE ] nvraid          C:\Windows\system32\drivers\nvraid.sys
08:44:04.0758 0x1978  nvraid - ok
08:44:04.0828 0x1978  [ AFDE3015BB8D76E26BEC3B287C5443A0, 6D4804392149EA9B8BC555D4BEBB84A39DE14E62ACCD7EEBBE21D2D8E37E32B0 ] nvsmu           C:\Windows\system32\DRIVERS\nvsmu.sys
08:44:04.0828 0x1978  nvsmu - ok
08:44:04.0898 0x1978  [ 6C1D5F70E7A6A3FD1C90D840EDC048B9, 8D5337742A0F5B04D636C163CE77D4A9B3684CF81170026912A402513B44BA77 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
08:44:04.0918 0x1978  nvstor - ok
08:44:04.0948 0x1978  [ 1E45F96342429D63DC30E0D9117DA3D8, 3D6DB9514594377CACFD766F0153B8DCF51DDF4172864DAF589CB1EE480D2027 ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
08:44:04.0948 0x1978  nvstor64 - ok
08:44:04.0978 0x1978  [ E71CFA7AE5E7518E29073D7C20A8FCA1, 99CA07BD14D2932E007039A43289020B3A7D7BBFB92DC8D28AD38EB393894AEE ] nvsvc           C:\Windows\system32\nvvsvc.exe
08:44:04.0988 0x1978  nvsvc - ok
08:44:05.0008 0x1978  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\DRIVERS\nv_agp.sys
08:44:05.0008 0x1978  nv_agp - ok
08:44:05.0028 0x1978  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
08:44:05.0028 0x1978  ohci1394 - ok
08:44:05.0118 0x1978  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
08:44:05.0138 0x1978  p2pimsvc - ok
08:44:05.0228 0x1978  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
08:44:05.0258 0x1978  p2psvc - ok
08:44:05.0278 0x1978  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
08:44:05.0278 0x1978  Parport - ok
08:44:05.0338 0x1978  [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
08:44:05.0348 0x1978  partmgr - ok
08:44:05.0378 0x1978  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
08:44:05.0398 0x1978  PcaSvc - ok
08:44:05.0508 0x1978  PcdrNdisuio - ok
08:44:05.0528 0x1978  [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci             C:\Windows\system32\DRIVERS\pci.sys
08:44:05.0538 0x1978  pci - ok
08:44:05.0558 0x1978  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\DRIVERS\pciide.sys
08:44:05.0558 0x1978  pciide - ok
08:44:05.0588 0x1978  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
08:44:05.0598 0x1978  pcmcia - ok
08:44:05.0668 0x1978  [ AF7CE12C4F3DC8CB2B07685C916BBCFE, 1AF47113778D411BF3CF82ACF428676908121B1F3252133A5F98E188ED1E9C6C ] pcouffin        C:\Windows\system32\Drivers\pcouffin.sys
08:44:05.0678 0x1978  pcouffin - ok
08:44:05.0698 0x1978  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
08:44:05.0708 0x1978  pcw - ok
08:44:05.0748 0x1978  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
08:44:05.0778 0x1978  PEAUTH - ok
08:44:05.0838 0x1978  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
08:44:05.0838 0x1978  PerfHost - ok
08:44:05.0938 0x1978  [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla             C:\Windows\system32\pla.dll
08:44:05.0998 0x1978  pla - ok
08:44:06.0108 0x1978  [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
08:44:06.0138 0x1978  PlugPlay - ok
08:44:06.0158 0x1978  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
08:44:06.0158 0x1978  PNRPAutoReg - ok
08:44:06.0198 0x1978  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
08:44:06.0208 0x1978  PNRPsvc - ok
08:44:06.0308 0x1978  [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
08:44:06.0328 0x1978  PolicyAgent - ok
08:44:06.0388 0x1978  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
08:44:06.0408 0x1978  Power - ok
08:44:06.0428 0x1978  [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
08:44:06.0438 0x1978  PptpMiniport - ok
08:44:06.0458 0x1978  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
08:44:06.0468 0x1978  Processor - ok
08:44:06.0538 0x1978  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc         C:\Windows\system32\profsvc.dll
08:44:06.0558 0x1978  ProfSvc - ok
08:44:06.0568 0x1978  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
08:44:06.0578 0x1978  ProtectedStorage - ok
08:44:06.0648 0x1978  [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
08:44:06.0658 0x1978  Psched - ok
08:44:06.0758 0x1978  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
08:44:06.0808 0x1978  ql2300 - ok
08:44:06.0838 0x1978  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
08:44:06.0838 0x1978  ql40xx - ok
08:44:06.0848 0x1978  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
08:44:06.0858 0x1978  QWAVE - ok
08:44:06.0878 0x1978  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
08:44:06.0878 0x1978  QWAVEdrv - ok
08:44:06.0898 0x1978  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
08:44:06.0898 0x1978  RasAcd - ok
08:44:06.0958 0x1978  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
08:44:06.0968 0x1978  RasAgileVpn - ok
08:44:06.0988 0x1978  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
08:44:06.0998 0x1978  RasAuto - ok
08:44:07.0018 0x1978  [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
08:44:07.0028 0x1978  Rasl2tp - ok
08:44:07.0068 0x1978  [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan          C:\Windows\System32\rasmans.dll
08:44:07.0088 0x1978  RasMan - ok
08:44:07.0108 0x1978  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
08:44:07.0108 0x1978  RasPppoe - ok
08:44:07.0118 0x1978  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
08:44:07.0118 0x1978  RasSstp - ok
08:44:07.0188 0x1978  [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
08:44:07.0218 0x1978  rdbss - ok
08:44:07.0238 0x1978  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
08:44:07.0238 0x1978  rdpbus - ok
08:44:07.0258 0x1978  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
08:44:07.0258 0x1978  RDPCDD - ok
08:44:07.0288 0x1978  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
08:44:07.0288 0x1978  RDPENCDD - ok
08:44:07.0298 0x1978  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
08:44:07.0298 0x1978  RDPREFMP - ok
08:44:07.0388 0x1978  [ 074AC702D8B8B660B0E1371555995386, 4D038797AF891BB6FE4503178C3A9C918620FEA80AFB36083B836B2547271952 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
08:44:07.0398 0x1978  RDPWD - ok
08:44:07.0438 0x1978  [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
08:44:07.0448 0x1978  rdyboost - ok
08:44:07.0508 0x1978  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
08:44:07.0518 0x1978  RemoteAccess - ok
08:44:07.0578 0x1978  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
08:44:07.0598 0x1978  RemoteRegistry - ok
08:44:07.0618 0x1978  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
08:44:07.0628 0x1978  RpcEptMapper - ok
08:44:07.0688 0x1978  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
08:44:07.0698 0x1978  RpcLocator - ok
08:44:07.0748 0x1978  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs           C:\Windows\system32\rpcss.dll
08:44:07.0758 0x1978  RpcSs - ok
08:44:07.0778 0x1978  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
08:44:07.0778 0x1978  rspndr - ok
08:44:07.0788 0x1978  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs           C:\Windows\system32\lsass.exe
08:44:07.0788 0x1978  SamSs - ok
08:44:07.0808 0x1978  [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port        C:\Windows\system32\DRIVERS\sbp2port.sys
08:44:07.0818 0x1978  sbp2port - ok
08:44:07.0888 0x1978  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
08:44:07.0908 0x1978  SCardSvr - ok
08:44:07.0928 0x1978  [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
08:44:07.0928 0x1978  scfilter - ok
08:44:08.0038 0x1978  [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule        C:\Windows\system32\schedsvc.dll
08:44:08.0078 0x1978  Schedule - ok
08:44:08.0148 0x1978  [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc     C:\Windows\System32\certprop.dll
08:44:08.0158 0x1978  SCPolicySvc - ok
08:44:08.0218 0x1978  [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
08:44:08.0238 0x1978  SDRSVC - ok
08:44:08.0248 0x1978  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
08:44:08.0248 0x1978  secdrv - ok
08:44:08.0268 0x1978  [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon        C:\Windows\system32\seclogon.dll
08:44:08.0268 0x1978  seclogon - ok
08:44:08.0278 0x1978  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
08:44:08.0278 0x1978  SENS - ok
08:44:08.0288 0x1978  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
08:44:08.0298 0x1978  SensrSvc - ok
08:44:08.0318 0x1978  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
08:44:08.0318 0x1978  Serenum - ok
08:44:08.0328 0x1978  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
08:44:08.0338 0x1978  Serial - ok
08:44:08.0378 0x1978  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
08:44:08.0388 0x1978  sermouse - ok
08:44:08.0468 0x1978  [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv      C:\Windows\system32\sessenv.dll
08:44:08.0478 0x1978  SessionEnv - ok
08:44:08.0498 0x1978  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\DRIVERS\sffdisk.sys
08:44:08.0498 0x1978  sffdisk - ok
08:44:08.0548 0x1978  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\DRIVERS\sffp_mmc.sys
08:44:08.0558 0x1978  sffp_mmc - ok
08:44:08.0578 0x1978  [ 5588B8C6193EB1522490C122EB94DFFA, 53AE3597D3305F2839130A2F3567F1690564B922035503EB418B9DE1586AEA43 ] sffp_sd         C:\Windows\system32\DRIVERS\sffp_sd.sys
08:44:08.0588 0x1978  sffp_sd - ok
08:44:08.0608 0x1978  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
08:44:08.0618 0x1978  sfloppy - ok
08:44:08.0708 0x1978  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
08:44:08.0738 0x1978  SharedAccess - ok
08:44:08.0768 0x1978  [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF, 1C1D17301A4D37DBF906955CCABD2A3FDA47AFB24CBA978CF851123762249848 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
08:44:08.0788 0x1978  ShellHWDetection - ok
08:44:08.0808 0x1978  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
08:44:08.0808 0x1978  SiSRaid2 - ok
08:44:08.0828 0x1978  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
08:44:08.0828 0x1978  SiSRaid4 - ok
08:44:08.0908 0x1978  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
08:44:08.0918 0x1978  Smb - ok
08:44:08.0958 0x1978  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
08:44:08.0958 0x1978  SNMPTRAP - ok
08:44:08.0978 0x1978  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
08:44:08.0978 0x1978  spldr - ok
08:44:09.0018 0x1978  [ F8E1FA03CB70D54A9892AC88B91D1E7B, 55EECAAD4C7EC0868BE937F4ADDA026AFDFCC614E94DE4B3248BFF2BE7FF13E8 ] Spooler         C:\Windows\System32\spoolsv.exe
08:44:09.0038 0x1978  Spooler - ok
08:44:09.0148 0x1978  [ 913D843498553A1BC8F8DBAD6358E49F, F8B931FDABF669D642CBDCD2FF31E07F8A5E2D5F72E11D4A8FF219CCFB5825E9 ] sppsvc          C:\Windows\system32\sppsvc.exe
08:44:09.0278 0x1978  sppsvc - ok
08:44:09.0318 0x1978  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
08:44:09.0328 0x1978  sppuinotify - ok
08:44:09.0408 0x1978  [ 602884696850C86434530790B110E8EB, C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA ] sptd            C:\Windows\system32\Drivers\sptd.sys
08:44:09.0408 0x1978  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: 602884696850C86434530790B110E8EB, sha256: C9B734F070E55732B274C70381EA28AB574EF6AD3F606D3DC9B9B0038F3EDEEA
08:44:09.0408 0x1978  sptd - detected LockedFile.Multi.Generic ( 1 )
08:44:12.0258 0x1978  Detect skipped due to KSN trusted
08:44:12.0258 0x1978  sptd - ok
08:44:12.0428 0x1978  [ 8BFD1752AAA15BF47D668E9AC5AF96FB, EEC6CDA06A971D2E2C2634987228E550970C9246659C25DCCF87AC9CD08F55F3 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1501000.012\SRTSP64.SYS
08:44:12.0468 0x1978  SRTSP - ok
08:44:12.0488 0x1978  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\Windows\system32\drivers\NISx64\1501000.012\SRTSPX64.SYS
08:44:12.0488 0x1978  SRTSPX - ok
08:44:12.0548 0x1978  [ 2408C0366D96BCDF63E8F1C78E4A29C5, 66F646890695B5D80536E88B1566C8765D89CFE25954ED650F6D773EFF045016 ] srv             C:\Windows\system32\DRIVERS\srv.sys
08:44:12.0558 0x1978  srv - ok
08:44:12.0588 0x1978  [ 76548F7B818881B47D8D1AE1BE9C11F8, 8F1356B07A6A55746FC71B6DB0322128941AE890850196F2B19BC01E6FC9B41C ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
08:44:12.0598 0x1978  srv2 - ok
08:44:12.0678 0x1978  [ 0AF6E19D39C70844C5CAA8FB0183C36E, 4494EEFDEA7198888D32E74727E5BC0AC628FFA70B1FE7EB59DBEEDC1A95D0DD ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
08:44:12.0688 0x1978  srvnet - ok
08:44:12.0768 0x1978  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
08:44:12.0788 0x1978  SSDPSRV - ok
08:44:12.0798 0x1978  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
08:44:12.0798 0x1978  SstpSvc - ok
08:44:12.0818 0x1978  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
08:44:12.0818 0x1978  stexstor - ok
08:44:12.0928 0x1978  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
08:44:12.0968 0x1978  stisvc - ok
08:44:12.0978 0x1978  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
08:44:12.0988 0x1978  swenum - ok
08:44:13.0198 0x1978  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
08:44:13.0228 0x1978  SwitchBoard - ok
08:44:13.0258 0x1978  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
08:44:13.0278 0x1978  swprv - ok
08:44:13.0298 0x1978  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\Windows\system32\drivers\NISx64\1501000.012\SYMDS64.SYS
08:44:13.0308 0x1978  SymDS - ok
08:44:13.0398 0x1978  [ 08AF51153E441687130B759A8F6892ED, C9DFC0667EF9CE7FACBBB0DE53BD6E0DC9E0ED582CB89FBB2E7FE91CEAC47C5B ] SymEFA          C:\Windows\system32\drivers\NISx64\1501000.012\SYMEFA64.SYS
08:44:13.0438 0x1978  SymEFA - ok
08:44:13.0528 0x1978  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
08:44:13.0548 0x1978  SymEvent - ok
08:44:13.0598 0x1978  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\Windows\system32\drivers\NISx64\1501000.012\Ironx64.SYS
08:44:13.0608 0x1978  SymIRON - ok
08:44:13.0628 0x1978  [ 78A2F073AD9EA5EBC04A70931EA36C9A, 011395F07D7879D30E1700F060CA8C02407F8FFC99998B2E7507E7AF22578B68 ] SymNetS         C:\Windows\System32\Drivers\NISx64\1501000.012\SYMNETS.SYS
08:44:13.0638 0x1978  SymNetS - ok
08:44:13.0748 0x1978  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
08:44:13.0808 0x1978  SysMain - ok
08:44:13.0828 0x1978  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
08:44:13.0828 0x1978  TabletInputService - ok
08:44:13.0848 0x1978  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
08:44:13.0858 0x1978  TapiSrv - ok
08:44:13.0868 0x1978  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
08:44:13.0868 0x1978  TBS - ok
08:44:14.0018 0x1978  [ F18F56EFC0BFB9C87BA01C37B27F4DA5, 868EF8102EAB18E5EEC4B3032392BB4559B442A489026381F86875193325F63C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
08:44:14.0068 0x1978  Tcpip - ok
08:44:14.0128 0x1978  [ F18F56EFC0BFB9C87BA01C37B27F4DA5, 868EF8102EAB18E5EEC4B3032392BB4559B442A489026381F86875193325F63C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
08:44:14.0158 0x1978  TCPIP6 - ok
08:44:14.0228 0x1978  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
08:44:14.0238 0x1978  tcpipreg - ok
08:44:14.0268 0x1978  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
08:44:14.0278 0x1978  TDPIPE - ok
08:44:14.0328 0x1978  [ 7518F7BCFD4B308ABC9192BACAF6C970, CF08E547EF4059DA3F5A2FCBA98939E84092BB6E0E37F9BBCD1E4D9EBB8A58BB ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
08:44:14.0338 0x1978  TDTCP - ok
08:44:14.0358 0x1978  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
08:44:14.0368 0x1978  tdx - ok
08:44:14.0398 0x1978  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
08:44:14.0398 0x1978  TermDD - ok
08:44:14.0498 0x1978  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
08:44:14.0528 0x1978  TermService - ok
08:44:14.0528 0x1978  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
08:44:14.0538 0x1978  Themes - ok
08:44:14.0558 0x1978  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
08:44:14.0558 0x1978  THREADORDER - ok
08:44:14.0568 0x1978  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
08:44:14.0578 0x1978  TrkWks - ok
08:44:14.0728 0x1978  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
08:44:14.0738 0x1978  TrustedInstaller - ok
08:44:14.0778 0x1978  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
08:44:14.0778 0x1978  tssecsrv - ok
08:44:14.0828 0x1978  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
08:44:14.0838 0x1978  tunnel - ok
08:44:14.0868 0x1978  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
08:44:14.0868 0x1978  uagp35 - ok
08:44:14.0898 0x1978  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
08:44:14.0918 0x1978  udfs - ok
08:44:14.0948 0x1978  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
08:44:14.0948 0x1978  UI0Detect - ok
08:44:14.0978 0x1978  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
08:44:14.0988 0x1978  uliagpkx - ok
08:44:15.0028 0x1978  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
08:44:15.0028 0x1978  umbus - ok
08:44:15.0048 0x1978  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
08:44:15.0058 0x1978  UmPass - ok
08:44:15.0088 0x1978  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
08:44:15.0098 0x1978  upnphost - ok
08:44:15.0168 0x1978  [ CD03479F2DA26500B203ED075C146A7A, D2A6C1D64AC213B3A181AFD298B3C3AAA820B0D9783812F10512846BC3BD8584 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
08:44:15.0178 0x1978  USBAAPL64 - ok
08:44:15.0238 0x1978  [ 7B6A127C93EE590E4D79A5F2A76FE46F, 6F178916EF6D58D1E5B26C0D9D95C276B776505BFC9F716BB1E3ABD3B2B72FCE ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
08:44:15.0248 0x1978  usbccgp - ok
08:44:15.0278 0x1978  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
08:44:15.0278 0x1978  usbcir - ok
08:44:15.0338 0x1978  [ 92969BA5AC44E229C55A332864F79677, 4ED1E1049E7641D3FFF5D296F2D59060225CE52AB9F7B5CA618898B46A772F98 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
08:44:15.0348 0x1978  usbehci - ok
08:44:15.0468 0x1978  [ E7DF1CFD28CA86B35EF5ADD0735CEEF3, AA751288EC34D61D934D7E8C036B60BBCEDC2A746815623478BB015D87D6A998 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
08:44:15.0498 0x1978  usbhub - ok
08:44:15.0568 0x1978  [ F1BB1E55F1E7A65C5839CCC7B36D773E, 4F517F81FA5688D78D3627EA7D2EA16AD4EB410D7624FE483C7AF26951E579A9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
08:44:15.0568 0x1978  usbohci - ok
08:44:15.0598 0x1978  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
08:44:15.0598 0x1978  usbprint - ok
08:44:15.0668 0x1978  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
08:44:15.0678 0x1978  usbscan - ok
08:44:15.0738 0x1978  [ F39983647BC1F3E6100778DDFE9DCE29, 3BD36594F7C753680DB5A4354B1D6A33FC3011631D2D56DD4B2464AA99C85F7B ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
08:44:15.0748 0x1978  USBSTOR - ok
08:44:15.0808 0x1978  [ BC3070350A491D84B518D7CCA9ABD36F, 96FFF9F76A93CF4806297AE7C11A5C6D1E7A9980260E6CFC960F8247D5032161 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
08:44:15.0818 0x1978  usbuhci - ok
08:44:15.0858 0x1978  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
08:44:15.0858 0x1978  UxSms - ok
08:44:15.0898 0x1978  [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] VaultSvc        C:\Windows\system32\lsass.exe
08:44:15.0908 0x1978  VaultSvc - ok
08:44:15.0938 0x1978  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
08:44:15.0948 0x1978  vdrvroot - ok
08:44:16.0008 0x1978  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
08:44:16.0048 0x1978  vds - ok
08:44:16.0068 0x1978  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
08:44:16.0068 0x1978  vga - ok
08:44:16.0088 0x1978  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
08:44:16.0088 0x1978  VgaSave - ok
08:44:16.0118 0x1978  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
08:44:16.0128 0x1978  vhdmp - ok
08:44:16.0148 0x1978  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
08:44:16.0278 0x1978  viaide - ok
08:44:16.0328 0x1978  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
08:44:16.0348 0x1978  volmgr - ok
08:44:16.0498 0x1978  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
08:44:16.0518 0x1978  volmgrx - ok
08:44:16.0538 0x1978  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
08:44:16.0548 0x1978  volsnap - ok
08:44:16.0568 0x1978  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
08:44:16.0568 0x1978  vsmraid - ok
08:44:16.0638 0x1978  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
08:44:16.0688 0x1978  VSS - ok
08:44:16.0708 0x1978  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
08:44:16.0718 0x1978  vwifibus - ok
08:44:16.0738 0x1978  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
08:44:16.0748 0x1978  W32Time - ok
08:44:16.0768 0x1978  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
08:44:16.0768 0x1978  WacomPen - ok
08:44:16.0798 0x1978  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
08:44:16.0808 0x1978  WANARP - ok
08:44:16.0818 0x1978  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
08:44:16.0828 0x1978  Wanarpv6 - ok
08:44:16.0958 0x1978  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
08:44:17.0018 0x1978  WatAdminSvc - ok
08:44:17.0078 0x1978  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
08:44:17.0128 0x1978  wbengine - ok
08:44:17.0138 0x1978  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
08:44:17.0148 0x1978  WbioSrvc - ok
08:44:17.0228 0x1978  [ DD1BAE8EBFC653824D29CCF8C9054D68, 81D6640222FE276D721168745F6BB905D4E756909A9B2C706AF25465D748772D ] wcncsvc         C:\Windows\System32\wcncsvc.dll
08:44:17.0288 0x1978  wcncsvc - ok
08:44:17.0298 0x1978  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
08:44:17.0298 0x1978  WcsPlugInService - ok
08:44:17.0338 0x1978  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
08:44:17.0338 0x1978  Wd - ok
08:44:17.0398 0x1978  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
08:44:17.0398 0x1978  WDC_SAM - ok
08:44:17.0468 0x1978  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
08:44:17.0488 0x1978  Wdf01000 - ok
08:44:17.0518 0x1978  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
08:44:17.0518 0x1978  WdiServiceHost - ok
08:44:17.0528 0x1978  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
08:44:17.0528 0x1978  WdiSystemHost - ok
08:44:17.0608 0x1978  [ 733006127F235BE7C35354EBEE7B9A7B, 2C7E7030D586C36261F33F29883337695493D48CEA415D6DBA7C5635845A5B32 ] WebClient       C:\Windows\System32\webclnt.dll
08:44:17.0628 0x1978  WebClient - ok
08:44:17.0658 0x1978  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
08:44:17.0658 0x1978  Wecsvc - ok
08:44:17.0668 0x1978  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
08:44:17.0678 0x1978  wercplsupport - ok
08:44:17.0688 0x1978  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
08:44:17.0688 0x1978  WerSvc - ok
08:44:17.0708 0x1978  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
08:44:17.0708 0x1978  WfpLwf - ok
08:44:17.0728 0x1978  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
08:44:17.0728 0x1978  WIMMount - ok
08:44:17.0758 0x1978  WinDefend - ok
08:44:17.0778 0x1978  WinHttpAutoProxySvc - ok
08:44:17.0908 0x1978  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
08:44:17.0918 0x1978  Winmgmt - ok
08:44:17.0998 0x1978  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
08:44:18.0058 0x1978  WinRM - ok
08:44:18.0128 0x1978  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
08:44:18.0138 0x1978  WinUsb - ok
08:44:18.0218 0x1978  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
08:44:18.0318 0x1978  Wlansvc - ok
08:44:18.0558 0x1978  [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
08:44:18.0628 0x1978  wlidsvc - ok
08:44:18.0648 0x1978  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
08:44:18.0648 0x1978  WmiAcpi - ok
08:44:18.0718 0x1978  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
08:44:18.0728 0x1978  wmiApSrv - ok
08:44:18.0808 0x1978  WMPNetworkSvc - ok
08:44:18.0828 0x1978  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
08:44:18.0828 0x1978  WPCSvc - ok
08:44:18.0858 0x1978  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
08:44:18.0868 0x1978  WPDBusEnum - ok
08:44:18.0878 0x1978  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
08:44:18.0888 0x1978  ws2ifsl - ok
08:44:18.0948 0x1978  [ 8F9F3969933C02DA96EB0F84576DB43E, C424D7B881A4DCC348433CF02044383013E32DB94CC66D1D20E1866CB3B0F952 ] wscsvc          C:\Windows\System32\wscsvc.dll
08:44:18.0958 0x1978  wscsvc - ok
08:44:18.0968 0x1978  WSearch - ok
08:44:19.0068 0x1978  [ 38340204A2D0228F1E87740FC5E554A7, 57181ED34E73DD17B590803C770A086C57754F229C6F587637B8FBB5D6519603 ] wuauserv        C:\Windows\system32\wuaueng.dll
08:44:19.0138 0x1978  wuauserv - ok
08:44:19.0168 0x1978  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
08:44:19.0168 0x1978  WudfPf - ok
08:44:19.0198 0x1978  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
08:44:19.0198 0x1978  WUDFRd - ok
08:44:19.0208 0x1978  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
08:44:19.0208 0x1978  wudfsvc - ok
08:44:19.0228 0x1978  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
08:44:19.0238 0x1978  WwanSvc - ok
08:44:19.0238 0x1978  ================ Scan global ===============================
08:44:19.0298 0x1978  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
08:44:19.0388 0x1978  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll
08:44:19.0428 0x1978  [ 0CB6EBF4B461A6043353C570BD72A1E1, B6DA0AE56A7DC373F60CA1EF69E4D55E6F2EEB0D62AB78D555C5F85EB389A356 ] C:\Windows\system32\winsrv.dll
08:44:19.0488 0x1978  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
08:44:19.0578 0x1978  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
08:44:19.0608 0x1978  [ Global ] - ok
08:44:19.0608 0x1978  ================ Scan MBR ==================================
08:44:19.0618 0x1978  [ F25CF750D97ED9EC6A11014E8182B6F2 ] \Device\Harddisk0\DR0
08:44:19.0868 0x1978  \Device\Harddisk0\DR0 - ok
08:44:19.0868 0x1978  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
08:44:19.0878 0x1978  \Device\Harddisk1\DR1 - ok
08:44:19.0878 0x1978  ================ Scan VBR ==================================
08:44:19.0878 0x1978  [ AE0CD1AAEADCB874B79808627C3D6995 ] \Device\Harddisk0\DR0\Partition1
08:44:19.0888 0x1978  \Device\Harddisk0\DR0\Partition1 - ok
08:44:19.0898 0x1978  [ 09065B1169A4FD8666170DED67619EB6 ] \Device\Harddisk0\DR0\Partition2
08:44:19.0898 0x1978  \Device\Harddisk0\DR0\Partition2 - ok
08:44:19.0938 0x1978  [ 81A00ECEE29B4BEA0E91F4513E699491 ] \Device\Harddisk0\DR0\Partition3
08:44:19.0938 0x1978  \Device\Harddisk0\DR0\Partition3 - ok
08:44:19.0948 0x1978  [ C4083CCC00BC9675E4BBA74231624400 ] \Device\Harddisk1\DR1\Partition1
08:44:19.0948 0x1978  \Device\Harddisk1\DR1\Partition1 - ok
08:44:19.0948 0x1978  Waiting for KSN requests completion. In queue: 100
08:44:20.0948 0x1978  Waiting for KSN requests completion. In queue: 100
08:44:21.0948 0x1978  Waiting for KSN requests completion. In queue: 100
08:44:22.0958 0x1978  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
08:44:22.0958 0x1978  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
08:44:25.0748 0x1978  ============================================================
08:44:25.0748 0x1978  Scan finished
08:44:25.0748 0x1978  ============================================================
08:44:25.0778 0x23f4  Detected object count: 0
08:44:25.0778 0x23f4  Actual detected object count: 0
 

 

 

 

 

# AdwCleaner v3.012 - Report created 14/11/2013 at 08:48:46
# Updated 11/11/2013 by Xplode
# Operating System : Windows 7 Home Premium  (64 bits)
# Username : los - CLEOPATRA
# Running from : C:\Users\los\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\DownLOAd keePer
Folder Deleted : C:\Program Files (x86)\DownLOAd keePer
Folder Deleted : C:\Users\Amanda\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\los\AppData\Local\Temp\boost_interprocess
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKCU\Software\YahooPartnerToolbar

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16421


-\\ Mozilla Firefox v25.0 (en-US)

[ File : C:\Users\Amanda\AppData\Roaming\Mozilla\Firefox\Profiles\nwu7mqq3.default\prefs.js ]


[ File : C:\Users\los\AppData\Roaming\Mozilla\Firefox\Profiles\bfpfd762.default-1377246468981\prefs.js ]

Line Deleted : user_pref("extensions.YcmT0k092c3.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if (window.self.location.protocol.indexOf('hxxp') > -1 && window.self == win[...]

-\\ Google Chrome v30.0.1599.101

[ File : C:\Users\los\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [2144 octets] - [14/11/2013 08:46:55]
AdwCleaner[S0].txt - [2044 octets] - [14/11/2013 08:48:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2104 octets] ##########
 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by los on Thu 11/14/2013 at  8:56:14.49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\los\AppData\Roaming\mozilla\firefox\profiles\bfpfd762.default-1377246468981\minidumps [11 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 11/14/2013 at  9:03:51.58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=4db66284908c9942ab74c7a18acf1710
# engine=15883
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2013-11-14 06:20:00
# local_time=2013-11-14 01:20:00 (-0500, Eastern Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=3591 16777213 100 88 214120 146959785 0 0
# compatibility_mode=5893 16776574 100 94 51172149 135996650 0 0
# scanned=413694
# found=8
# cleaned=8
# scan_time=14803
sh=D3931EB0230686CD8E8B1324A29F1CD91278FF1E ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2010-0842.L trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Amanda\AppData\Local\Temp\jar_cache2109585929971051143.tmp"
sh=333D68BD545B8B64CB634ADF9FBE820A1413E147 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\los\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmbiifaldfcmolpebmcbilgdcfllnod\1.6\1Rb2daRBDK.js"
sh=A624E6474261A8152269C5AE0380DBFC6C085289 ft=1 fh=c1b0af99eb480744 vn="Win32/InstalleRex.I application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\los\AppData\Local\Temp\bfj_F0Bd.exe.part"
sh=DE6D58A2678388A57BEF7BE2E033376681D0E912 ft=1 fh=9fc0761f9b872705 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Users\los\AppData\Local\Temp\Coupon-Caddy-ppi-US.exe"
sh=3F00CECB8B0BBDF27D4B0F503A9C33C001ACAD05 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.CVE-2011-3544.B trojan (cleaned by deleting - quarantined)" ac=C fn="C:\Users\los\AppData\Local\Temp\jar_cache411626721729459873.tmp"
sh=42B8FABB827140B8C709DB5605D9D7935569E4D7 ft=1 fh=b7b7eadd5bebf631 vn="Win32/Somoto.E application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\los\AppData\Local\Temp\xb+J+YvZ.exe.part"
sh=2D5E6CCF50FED5C5E01F54AE12572C33752D367A ft=1 fh=68259b958eaf731e vn="Win32/Packed.Autoit.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\los\AppData\Local\Temp\y_nOspSJ.exe.part"
sh=D85BE37DC66253A98FFA59308A28B9453A3A3084 ft=1 fh=8b0bf2da42805d9c vn="a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\los\AppData\Local\Temp\ICReinstall\cnet_OpenOfficePortable_3_2_0_English_paf_exe.exe"
 

 

In closing, I wanted to take the time out to thank you for your help.  It is definitely most appreciated!!!  :D

 

 

Your friend,

 

LD


Edited by LosDogg, 15 November 2013 - 03:52 AM.


#7 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,609 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:07:26 AM

Posted 15 November 2013 - 08:57 AM

Looks like the last remnants of DownLOAd keePer and some other junkware was found and removed.

How is your computer running now?

 

 

BTW, your first post showed outdated software which needs your attention.

 

 Results of screen317's Security Check version 0.99.76  
 Windows 7  x64 (UAC is enabled)  
 Out of date service pack!!
 Internet Explorer 10  
``````````````Antivirus/Firewall Check:``````````````
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Java 7 Update 25  
 Java version out of Date!
 Adobe Flash Player 10 Flash Player out of Date!

 

* Updating Adobe Reader

Using Java is an unnecessary security risk...especially using older versions which have vulnerabilities that malicious sites can use to exploit and infect your system.

Although, Java is commonly used in business environments and many VPN providers still use it, the average user does not need to install Java software.
* Why You don't need Java
* W3Techs usage statistics and market share data of Java on the web
* Java: should you remove it?

I recommend just uninstalling Java if you don't use it. How to Completely Remove Java Using JavaRa

If you're going to use Java, many security researchers and computer security organizations caution users to limit their usage and to disable Java Plug-ins or add-ons in your browsers.
* How to disable Java Plug-ins or add-ons in common web browsers .
* How to turn off Java on your browser
 

 

 

 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users