Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer running slow


  • Please log in to reply
8 replies to this topic

#1 rhodaellen

rhodaellen

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 05 January 2014 - 11:56 AM

Pop-ups I cannot delete from:  loadus.exe and from Luahsai.exe and from dpx.js.  There is a folder on my desktop: mbar.  Did not put it there.  I called a toll free number on the computer from people to fix the e-mail.  Sounded fishy and I hung up.  They called back; I didn't answer the phone but the area code was 212 and the name was Sales VJX.  I keep getting Malebytes pop-ups saying they are blocking outgoing messages.





BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:28 PM

Posted 05 January 2014 - 02:10 PM

Hello

first that MBAR could be this and we should run it.

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt



  • Please download MiniToolBox, save it to your desktop and run it.
    Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
    [list]
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 rhodaellen

rhodaellen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 08 January 2014 - 05:45 PM

Thought these got posted

didn't see them so I'll try again

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1008
www.malwarebytes.org

Database version: v2014.01.06.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Marian :: DH32RNG1 [administrator]

1/6/2014 6:51:58 PM
mbar-log-2014-01-06 (18-51-58).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 244476
Time elapsed: 2 hour(s), 38 minute(s), 22 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 1062207488, free: 269107200

=======================================

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.994000 GHz
Memory total: 1062207488, free: 610873344

=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 1062207488, free: 228179968

Downloaded database version: v2014.01.05.04
Downloaded database version: v2013.12.18.01
Initializing...
======================
------------ Kernel report ------------
     01/05/2014 16:42:10
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
iaStor.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
\WINDOWS\system32\ntkrnlpa.exe
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igxpmp32.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\e1e5132.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HSFHWBS2.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\HSF_DP.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\MODEMCSA.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\i2omgmt.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\igxpgd32.dll
\SystemRoot\System32\igxprd32.dll
\SystemRoot\System32\igxpdv32.DLL
\SystemRoot\System32\igxpdx32.DLL
\SystemRoot\System32\ATMFD.DLL
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\system32\DRIVERS\ipfltdrv.sys
\SystemRoot\System32\Drivers\HTTP.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR7
Upper Device Object: 0xffffffff86712030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000077\
Lower Device Object: 0xffffffff86e96030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR6
Upper Device Object: 0xffffffff86bdca20
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000076\
Lower Device Object: 0xffffffff86b6b030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR5
Upper Device Object: 0xffffffff86bd49b8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000075\
Lower Device Object: 0xffffffff86ac5da8
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR4
Upper Device Object: 0xffffffff86779030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000074\
Lower Device Object: 0xffffffff86e8fea0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86f1eab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff86f67940
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86f1eab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86f23c60, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86f1eab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86f88c98, DeviceName: \Device\00000063\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86f67940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 41AB2316

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 96327

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 96390  Numsec = 481243140
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Other (0xdb)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 481339530  Numsec = 6924015

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250000000000 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-488261250-488281250)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff86779030, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86b51020, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86779030, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86e8fea0, DeviceName: \Device\00000074\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff86bd49b8, DeviceName: \Device\Harddisk2\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86db0020, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86bd49b8, DeviceName: \Device\Harddisk2\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86ac5da8, DeviceName: \Device\00000075\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff86bdca20, DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86d40758, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86bdca20, DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86b6b030, DeviceName: \Device\00000076\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff86712030, DeviceName: \Device\Harddisk4\DR7\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86bbd180, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86712030, DeviceName: \Device\Harddisk4\DR7\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86e96030, DeviceName: \Device\00000077\, DriverName: \Driver\USBSTOR\
------------ End ----------
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 1062313984, free: 523427840

Could not load protection driver
Downloaded database version: v2014.01.06.01
Downloaded database version: v2014.01.06.02
Downloaded database version: v2014.01.06.03
Downloaded database version: v2014.01.06.04
Downloaded database version: v2014.01.06.05
Downloaded database version: v2014.01.06.06
Downloaded database version: v2014.01.06.07
Downloaded database version: v2014.01.06.08
=======================================
Initializing...
------------ Kernel report ------------
     01/06/2014 16:42:17
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
iaStor.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igxpmp32.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\e1e5132.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HSFHWBS2.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\HSF_DP.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\MODEMCSA.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\i2omgmt.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\igxpgd32.dll
\SystemRoot\System32\igxprd32.dll
\SystemRoot\System32\igxpdv32.DLL
\SystemRoot\System32\igxpdx32.DLL
\SystemRoot\System32\ATMFD.DLL
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\DRIVERS\ipfltdrv.sys
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\drivers\kmixer.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR7
Upper Device Object: 0xffffffff86371030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000077\
Lower Device Object: 0xffffffff86c42030
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR6
Upper Device Object: 0xffffffff86367030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000076\
Lower Device Object: 0xffffffff86adb7e8
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR5
Upper Device Object: 0xffffffff8635a148
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000075\
Lower Device Object: 0xffffffff86e9cea0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR4
Upper Device Object: 0xffffffff86d6cab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000074\
Lower Device Object: 0xffffffff86ea2ea0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86f5fab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff86f1b940
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86f5fab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86f64e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86f5fab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86f8fa90, DeviceName: \Device\00000063\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86f1b940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 41AB2316

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 96327

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 96390  Numsec = 481243140
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Other (0xdb)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 481339530  Numsec = 6924015

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250000000000 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-488261250-488281250)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff86d6cab8, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86a93020, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86d6cab8, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86ea2ea0, DeviceName: \Device\00000074\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff8635a148, DeviceName: \Device\Harddisk2\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86c31778, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8635a148, DeviceName: \Device\Harddisk2\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86e9cea0, DeviceName: \Device\00000075\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff86367030, DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86dd3e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86367030, DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86adb7e8, DeviceName: \Device\00000076\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff86371030, DeviceName: \Device\Harddisk4\DR7\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86e0de08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86371030, DeviceName: \Device\Harddisk4\DR7\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86c42030, DeviceName: \Device\00000077\, DriverName: \Driver\USBSTOR\
------------ End ----------
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1008

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.995000 GHz
Memory total: 1062313984, free: 537464832

Could not load protection driver
Initializing...
======================
------------ Kernel report ------------
     01/06/2014 18:51:43
------------ Loaded modules -----------
\WINDOWS\system32\ntkrnlpa.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
atapi.sys
iaStor.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltmgr.sys
sr.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\igxpmp32.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\HSFHWBS2.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\HSF_DP.sys
\SystemRoot\system32\DRIVERS\HSF_CNXT.sys
\SystemRoot\System32\Drivers\Modem.SYS
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\imapi.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\MODEMCSA.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\RtkHDAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\i2omgmt.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\igxpgd32.dll
\SystemRoot\System32\igxprd32.dll
\SystemRoot\System32\igxpdv32.DLL
\SystemRoot\System32\igxpdx32.DLL
\SystemRoot\System32\ATMFD.DLL
\??\C:\WINDOWS\system32\drivers\mbam.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\mdmxsdk.sys
\SystemRoot\system32\DRIVERS\ipfltdrv.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\drivers\kmixer.sys
\SystemRoot\System32\Drivers\HTTP.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR7
Upper Device Object: 0xffffffff865da1d8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000076\
Lower Device Object: 0xffffffff86ad0b98
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR6
Upper Device Object: 0xffffffff865cb848
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000075\
Lower Device Object: 0xffffffff86a96ea0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR5
Upper Device Object: 0xffffffff86bd3128
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000074\
Lower Device Object: 0xffffffff86af1600
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR4
Upper Device Object: 0xffffffff86c04030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000073\
Lower Device Object: 0xffffffff86a73ea0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff86f87ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-3\
Lower Device Object: 0xffffffff86f09940
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff86f87ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86f70e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86f87ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86fa88b8, DeviceName: \Device\00000062\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff86f09940, DeviceName: \Device\Ide\IdeDeviceP0T0L0-3\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 41AB2316

Partition information:

    Partition 0 type is Other (0xde)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 96327

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 96390  Numsec = 481243140
    Partition file system is NTFS
    Partition is bootable

    Partition 2 type is Other (0xdb)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 481339530  Numsec = 6924015

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250000000000 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-488261250-488281250)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff86c04030, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86dec3b0, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86c04030, DeviceName: \Device\Harddisk1\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86a73ea0, DeviceName: \Device\00000073\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 2, DevicePointer: 0xffffffff86bd3128, DeviceName: \Device\Harddisk2\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86d4e7a8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff86bd3128, DeviceName: \Device\Harddisk2\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86af1600, DeviceName: \Device\00000074\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xffffffff865cb848, DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86bd5e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff865cb848, DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86a96ea0, DeviceName: \Device\00000075\, DriverName: \Driver\USBSTOR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xffffffff865da1d8, DeviceName: \Device\Harddisk4\DR7\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff86bec0e8, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff865da1d8, DeviceName: \Device\Harddisk4\DR7\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff86ad0b98, DeviceName: \Device\00000076\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================

Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_96390_i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...
Removal finished

 

MiniToolBox by Farbar  Version: 18-12-2013
Ran by Marian (administrator) on 06-01-2014 at 17:14:42
Running from "C:\Documents and Settings\Marian\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® 82562V-2 10/100 Network Connection = Local Area Connection (Connected)

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : DH32RNG1

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection:

 

        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Intel® 82562V-2 10/100 Network Connection

        Physical Address. . . . . . . . . : 00-1D-09-9D-49-44

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.101

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 192.168.0.1

        Lease Obtained. . . . . . . . . . : Monday, January 06, 2014 4:39:21 PM

        Lease Expires . . . . . . . . . . : Tuesday, January 07, 2014 4:39:21 PM

Server:  UnKnown
Address:  192.168.0.1

Name:    google.com
Addresses:  74.125.227.197, 74.125.227.198, 74.125.227.199, 74.125.227.200
   74.125.227.201, 74.125.227.206, 74.125.227.192, 74.125.227.193, 74.125.227.194
   74.125.227.195, 74.125.227.196

 

Pinging google.com [173.194.115.37] with 32 bytes of data:

 

Reply from 173.194.115.37: bytes=32 time=59ms TTL=53

Reply from 173.194.115.37: bytes=32 time=58ms TTL=53

 

Ping statistics for 173.194.115.37:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 58ms, Maximum = 59ms, Average = 58ms

Server:  UnKnown
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109

 

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

 

Reply from 206.190.36.45: bytes=32 time=88ms TTL=43

Reply from 206.190.36.45: bytes=32 time=82ms TTL=43

 

Ping statistics for 206.190.36.45:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 82ms, Maximum = 88ms, Average = 85ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 1d 09 9d 49 44 ...... Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.101   20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      169.254.0.0      255.255.0.0    192.168.0.101   192.168.0.101   20
      192.168.0.0    255.255.255.0    192.168.0.101   192.168.0.101   20
    192.168.0.101  255.255.255.255        127.0.0.1       127.0.0.1   20
    192.168.0.255  255.255.255.255    192.168.0.101   192.168.0.101   20
        224.0.0.0        240.0.0.0    192.168.0.101   192.168.0.101   20
  255.255.255.255  255.255.255.255    192.168.0.101   192.168.0.101   1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (01/06/2014 00:08:40 PM) (Source: Application Hang) (User: )
Description: Hanging application thunderbird.exe, version 17.0.8.4961, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/06/2014 00:08:40 PM) (Source: Application Hang) (User: )
Description: Hanging application thunderbird.exe, version 17.0.8.4961, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/06/2014 08:47:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32884735

Error: (01/06/2014 08:47:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32884735

Error: (01/06/2014 08:47:09 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2014 05:15:52 PM) (Source: Application Error) (User: )
Description: Faulting application drwtsn32.exe, version 5.1.2600.0, faulting module dbghelp.dll, version 5.1.2600.5512, fault address 0x0001295d.
Processing media-specific event for [drwtsn32.exe!ws!]

Error: (01/05/2014 05:04:06 PM) (Source: .NET Runtime 2.0 Error Reporting) (User: )
Description: EventType clr20r3, P1 preinstallchecker_google.exe, P2 1.0.0.0, P3 52c70c56, P4 mscorlib, P5 2.0.0.0, P6 5174dd4c, P7 3455, P8 21c, P9 clr20r30, P10 clr20r31.

Error: (01/05/2014 04:59:01 PM) (Source: Application Error) (User: )
Description: Faulting application explorer.exe, version 6.0.2900.5512, faulting module ntdll.dll, version 5.1.2600.6055, fault address 0x000673be.
Processing media-specific event for [explorer.exe!ws!]

Error: (01/05/2014 02:41:35 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/05/2014 02:41:35 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

System errors:
=============
Error: (01/05/2014 09:25:10 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
iaStor

Error: (01/05/2014 09:02:28 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/05/2014 08:59:08 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/05/2014 08:45:05 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/05/2014 08:23:10 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/05/2014 08:19:34 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/05/2014 08:12:14 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/05/2014 08:11:05 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/05/2014 07:58:24 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Error: (01/05/2014 07:50:59 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort0

Microsoft Office Sessions:
=========================
Error: (01/06/2014 00:08:40 PM) (Source: Application Hang)(User: )
Description: thunderbird.exe17.0.8.4961hungapp0.0.0.000000000

Error: (01/06/2014 00:08:40 PM) (Source: Application Hang)(User: )
Description: thunderbird.exe17.0.8.4961hungapp0.0.0.000000000

Error: (01/06/2014 08:47:09 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 32884735

Error: (01/06/2014 08:47:09 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 32884735

Error: (01/06/2014 08:47:09 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (01/05/2014 05:15:52 PM) (Source: Application Error)(User: )
Description: drwtsn32.exe5.1.2600.0dbghelp.dll5.1.2600.55120001295d

Error: (01/05/2014 05:04:06 PM) (Source: .NET Runtime 2.0 Error Reporting)(User: )
Description: clr20r3preinstallchecker_google.exe1.0.0.052c70c56mscorlib2.0.0.05174dd4c345521csystem.io.ioexceptionNIL

Error: (01/05/2014 04:59:01 PM) (Source: Application Error)(User: )
Description: explorer.exe6.0.2900.5512ntdll.dll5.1.2600.6055000673be

Error: (01/05/2014 02:41:35 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (01/05/2014 02:41:35 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

=========================== Installed Programs ============================

Adobe AIR (Version: 3.6.0.6090)
Adobe Digital Editions
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170)
Adobe Reader XI (11.0.05) (Version: 11.0.05)
Amazon Kindle
Amazon MP3 Downloader 1.0.3
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
Bing Bar (Version: 7.3.124.0)
Bonjour (Version: 3.0.0.10)
Browser Address Error Redirector (Version: 1.00.0000)
Canon Camera Access Library (Version: 8.4.0.1)
Canon Camera Support Core Library (Version: 7.3.1.6)
Canon G.726 WMP-Decoder (Version: 1.1.0.4)
Canon i550
Canon MovieEdit Task for ZoomBrowser EX (Version: 2.5.0.15)
Canon RAW Image Task for ZoomBrowser EX (Version: 3.0.0.18)
Canon Utilities CameraWindow (Version: 7.0.0.8)
Canon Utilities CameraWindow DC (Version: 7.0.1.16)
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX (Version: 5.4.5.17)
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX (Version: 6.4.1.15)
Canon Utilities EOS Utility (Version: 1.1.0.8)
Canon Utilities MyCamera (Version: 6.4.0.5)
Canon Utilities MyCamera DC (Version: 7.0.0.5)
Canon Utilities PhotoStitch (Version: 3.1.20.44)
Canon Utilities RemoteCapture DC (Version: 3.0.1.8)
Canon Utilities RemoteCapture Task for ZoomBrowser EX (Version: 1.7.1.9)
Canon Utilities ZoomBrowser EX (Version: 6.0.0.246)
Canon ZoomBrowser EX Memory Card Utility (Version: 1.0.0.19)
CCleaner (Version: 4.02)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant D850 56K V.9x DFVc Modem
Coupon Printer for Windows (Version: 5.0.0.0)
Critical Update for Windows Media Player 11 (KB959772)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Driver Reset Tool (Version: 1.02.0000)
Dell System Restore (Version: 2.00.0000)
Digital Line Detect (Version: 1.10)
Documentation & Support Launcher (Version: 1.00.0000)
EarthLink Setup Files (Version: 2005.2.178.0.2.2)
Games, Music, & Photos Launcher (Version: 1.00.0000)
Google Update Helper (Version: 1.3.22.3)
Griffith 0.12.1 (Version: 0.12.1)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
Hoyle Word Games 2
HP Deskjet 2510 series Basic Device Software (Version: 27.0.847.0)
HP Deskjet 2510 series Help (Version: 27.0.0)
HP Deskjet 2510 series Product Improvement Study (Version: 27.0.847.0)
HP Deskjet 2510 series Setup Guide (Version: 27.0.0)
HP Photo Creations (Version: 1.0.0.3341)
HP Update (Version: 5.005.000.002)
HPDiagnosticAlert (Version: 1.00.0000)
iMusic Tools Essentials (Version: 2.02.75)
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Internet Service Offers Launcher (Version: 1.00.0000)
iTunes (Version: 11.1.1.11)
Just CrossStitch Pattern CD Volume 1
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Professional 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.6029.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Works (Version: 9.7.0621)
Move Networks Media Player for Internet Explorer
Mozilla Firefox (2.0.0.20) (Version: 2.0.0.20 (en-US))
Mozilla Maintenance Service (Version: 24.2.0)
Mozilla Thunderbird 24.2.0 (x86 en-US) (Version: 24.2.0)
MSN
MSXML 6.0 Parser (KB933579) (Version: 6.10.1200.0)
Musicmatch for Windows Media Player (Version: 0.00.000)
MyDataBase (Version: 6.5.0)
MySoftware Fonts
NetWaiting (Version: 2.5.12)
NetZero Internet and Voice Offer (Version: 2.0)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
OpenOffice.org 3.2 (Version: 3.2.9502)
PCStitch for Windows
Photo Notifier and Animation Creator (Version: 1.0.0.1009)
Photo Viewer s2.5
PhotoMail Maker (Version: 6.0.0.1007)
Picasa 3 (Version: 3.9)
PowerDVD (Version: 7.0)
QuickTime (Version: 7.70.80.34)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1 (Version: 1.1.0)
SCRABBLE
SearchAssist
Shorter Oxford English Dictionary (Sixth Edition)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB971180) (Version: 1)
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows Internet Explorer 8 (KB976749) (Version: 1)
Update for Windows Internet Explorer 8 (KB980182) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Walmart Photo Manager (Version: 2.4.0.570)
WebFldrs XP (Version: 9.50.7523)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7 (Version: 20070813.185237)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Devices: ================================

Name: ACPI Multiprocessor PC
Description: ACPI Multiprocessor PC
Class Guid: {4D36E966-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: ACPI

Name: Intel® Pentium® Dual  CPU  E2180  @ 2.00GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm

Name: Intel® Pentium® Dual  CPU  E2180  @ 2.00GHz
Description: Intel Processor
Class Guid: {50127DC3-0F36-415E-A6CC-4CB3BE910B65}
Manufacturer: Intel
Service: intelppm

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: PCI bus
Description: PCI bus
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: pci

Name: Intel® G33/G31/P35 Express Chipset Processor to I/O Controller - 29C0
Description: Intel® G33/G31/P35 Express Chipset Processor to I/O Controller - 29C0
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: Intel® G33/G31/P35 Express Chipset PCI Express Root Port - 29C1
Description: Intel® G33/G31/P35 Express Chipset PCI Express Root Port - 29C1
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Intel® G33/G31 Express Chipset Family
Description: Intel® G33/G31 Express Chipset Family
Class Guid: {4D36E968-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel Corporation
Service: ialm

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Plug and Play Monitor
Description: Plug and Play Monitor
Class Guid: {4D36E96E-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard monitor types)
Service:

Name: Intel® 82562V-2 10/100 Network Connection
Description: Intel® 82562V-2 10/100 Network Connection
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: e1express

Name: Intel® ICH9 Family USB Universal Host Controller - 2937
Description: Intel® ICH9 Family USB Universal Host Controller - 2937
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2938
Description: Intel® ICH9 Family USB Universal Host Controller - 2938
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID Keyboard Device
Description: HID Keyboard Device
Class Guid: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard keyboards)
Service: kbdhid

Name: Intel® ICH9 Family USB Universal Host Controller - 2939
Description: Intel® ICH9 Family USB Universal Host Controller - 2939
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: USB Human Interface Device
Description: USB Human Interface Device
Class Guid: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA}
Manufacturer: (Standard system devices)
Service: HidUsb

Name: HID-compliant mouse
Description: HID-compliant mouse
Class Guid: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: mouhid

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293C
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Microsoft UAA Bus Driver for High Definition Audio
Description: Microsoft UAA Bus Driver for High Definition Audio
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Realtek High Definition Audio
Description: Realtek High Definition Audio
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek
Service: IntcAzAudAddService

Name: Intel® ICH9 Family USB Universal Host Controller - 2934
Description: Intel® ICH9 Family USB Universal Host Controller - 2934
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2935
Description: Intel® ICH9 Family USB Universal Host Controller - 2935
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB Universal Host Controller - 2936
Description: Intel® ICH9 Family USB Universal Host Controller - 2936
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbuhci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Description: Intel® ICH9 Family USB2 Enhanced Host Controller - 293A
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: Intel
Service: usbehci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: CA-200
Description: CA-200
Class Guid: {36FC9E60-C465-11CF-8056-444553540000}
Manufacturer: TEAC
Service: USBSTOR

Name: TEAC USB   HS-CF Card USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: TEAC USB   HS-xD/SM USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: TEAC USB   HS-MS Card USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: TEAC USB   HS-SD Card USB Device
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Intel® 82801 PCI Bridge - 244E
Description: Intel® 82801 PCI Bridge - 244E
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pci

Name: Conexant D850 56K V.9x DFVc Modem
Description: Conexant D850 56K V.9x DFVc Modem
Class Guid: {4D36E96D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Conexant
Service: Modem

Name: Unimodem Half-Duplex Audio Device
Description: Unimodem Half-Duplex Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: MODEMCSA

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: isapnp

Name: ISAPNP Read Data Port
Description: ISAPNP Read Data Port
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System timer
Description: System timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: High Precision Event Timer
Description: High Precision Event Timer
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Standard floppy disk controller
Description: Standard floppy disk controller
Class Guid: {4D36E969-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard floppy disk controllers)
Service: fdc

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Intel® 82802 Firmware Hub Device
Description: Intel® 82802 Firmware Hub Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: Intel® ICH9 4 port Serial ATA Storage Controller 1 - 2920
Description: Intel® ICH9 4 port Serial ATA Storage Controller 1 - 2920
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: ST3250310AS
Description: Disk drive
Class Guid: {4D36E967-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Optiarc DVD+-RW AD-7200S
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: Intel® ICH9 Family SMBus Controller - 2930
Description: Intel® ICH9 Family SMBus Controller - 2930
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service:

Name: Intel® ICH9 2 port Serial ATA Storage Controller 2 - 2926
Description: Intel® ICH9 2 port Serial ATA Storage Controller 2 - 2926
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: Intel
Service: pciide

Name: Primary IDE Channel
Description: Primary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Secondary IDE Channel
Description: Secondary IDE Channel
Class Guid: {4D36E96A-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: System board
Description: System board
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fan
Description: ACPI Fan
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Thermal Zone
Description: ACPI Thermal Zone
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service:

Name: Logical Disk Manager
Description: Logical Disk Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: dmio

Name: Volume Manager
Description: Volume Manager
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: ftdisk

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: Generic volume
Description: Generic volume
Class Guid: {71A27CDD-812A-11D0-BEC7-08002BE2092F}
Manufacturer: Microsoft
Service:

Name: AFD
Description: AFD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: Beep
Description: Beep
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Beep

Name: dmboot
Description: dmboot
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmboot

Name: dmload
Description: dmload
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: dmload

Name: Fips
Description: Fips
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Fips

Name: Generic Packet Classifier
Description: Generic Packet Classifier
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Gpc

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: i2omgmt
Description: i2omgmt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: i2omgmt

Name: Intel RAID Controller
Description: Intel RAID Controller
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: iaStor

Name: IP Traffic Filter Driver
Description: IP Traffic Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpFilterDriver

Name: IP Network Address Translator
Description: IP Network Address Translator
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IpNat

Name: IPSEC driver
Description: IPSEC driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: IPSec

Name: ksecdd
Description: ksecdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ksecdd

Name: MBAMSwissArmy
Description: MBAMSwissArmy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MBAMSwissArmy

Name: mdmxsdk
Description: mdmxsdk
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mdmxsdk

Name: mnmdd
Description: mnmdd
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mnmdd

Name: mountmgr
Description: mountmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: Remote Access NDIS TAPI Driver
Description: Remote Access NDIS TAPI Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NdisTapi

Name: NDIS Usermode I/O Protocol
Description: NDIS Usermode I/O Protocol
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Ndisuio

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: NetBios over Tcpip
Description: NetBios over Tcpip
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: PartMgr
Description: PartMgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PartMgr

Name: ParVdm
Description: ParVdm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ParVdm

Name: Remote Access Auto Connection Driver
Description: Remote Access Auto Connection Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RasAcd

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: VolSnap
Description: VolSnap
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VolSnap

Name: Remote Access IP ARP Driver
Description: Remote Access IP ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarp

Name: Audio Codecs
Description: Audio Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Audio Drivers
Description: Legacy Audio Drivers
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Media Control Devices
Description: Media Control Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Legacy Video Capture Devices
Description: Legacy Video Capture Devices
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: Video Codecs
Description: Video Codecs
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: audstub

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Rasl2tp

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NdisWan

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: RasPppoe

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PptpMiniport

Name: Intel® 82562V-2 10/100 Network Connection - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: WAN Miniport (IP) - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: ARRIS TOUCHSTONE DEVICE - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: ARRIS TOUCHSTONE DEVICE #2 - Packet Scheduler Miniport
Description: Packet Scheduler Miniport
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: PSched

Name: Direct Parallel
Description: Direct Parallel
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: Raspti

Name: Terminal Server Device Redirector
Description: Terminal Server Device Redirector
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: rdpdr

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: Microsoft WINMM WDM Audio Compatibility Driver
Description: Microsoft WINMM WDM Audio Compatibility Driver
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: wdmaud

Name: Microsoft Kernel System Audio Device
Description: Microsoft Kernel System Audio Device
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: sysaudio

Name: Microsoft Kernel Wave Audio Mixer
Description: Microsoft Kernel Wave Audio Mixer
Class Guid: {4D36E96C-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: kmixer

Name: Microcode Update Device
Description: Microcode Update Device
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: update

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4D36E97D-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard system devices)
Service: mssmbios

========================= Memory info: ===================================

Percentage of memory in use: 96%
Total physical RAM: 1013.1 MB
Available physical RAM: 39.16 MB
Total Pagefile: 2439.85 MB
Available Pagefile: 1149.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.99 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:229.47 GB) (Free:166.12 GB) NTFS

========================= Users: ========================================

User accounts for \\DH32RNG1

Administrator            Guest                    HelpAssistant           
Marian                   SUPPORT_388945a0        

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

09-10-2013 19:21:03 System Checkpoint
10-10-2013 18:00:37 Software Distribution Service 3.0
11-10-2013 18:42:49 System Checkpoint
12-10-2013 19:32:30 System Checkpoint
13-10-2013 18:28:40 Software Distribution Service 3.0
26-10-2013 02:11:46 System Checkpoint
27-10-2013 12:08:31 System Checkpoint
28-10-2013 13:42:04 System Checkpoint
29-10-2013 14:13:28 System Checkpoint
30-10-2013 15:37:12 System Checkpoint
31-10-2013 17:38:15 System Checkpoint
01-11-2013 18:34:47 System Checkpoint
02-11-2013 23:11:48 System Checkpoint
04-11-2013 15:12:02 System Checkpoint
05-11-2013 15:49:38 System Checkpoint
06-11-2013 16:19:27 System Checkpoint
07-11-2013 18:31:43 System Checkpoint
08-11-2013 19:39:46 System Checkpoint
10-11-2013 00:12:24 System Checkpoint
11-11-2013 01:05:46 System Checkpoint
12-11-2013 02:09:49 System Checkpoint
13-11-2013 15:06:42 System Checkpoint
13-11-2013 21:49:50 Software Distribution Service 3.0
15-11-2013 15:25:33 System Checkpoint
16-11-2013 15:51:04 System Checkpoint
17-11-2013 17:35:07 System Checkpoint
18-11-2013 17:36:40 System Checkpoint
19-11-2013 19:33:49 System Checkpoint
20-11-2013 22:25:26 System Checkpoint
21-11-2013 22:35:36 System Checkpoint
22-11-2013 22:43:34 System Checkpoint
23-11-2013 23:29:14 System Checkpoint
25-11-2013 00:58:22 System Checkpoint
26-11-2013 01:57:16 System Checkpoint
27-11-2013 03:33:09 System Checkpoint
28-11-2013 15:44:36 System Checkpoint
29-11-2013 15:58:46 System Checkpoint
30-11-2013 16:09:36 System Checkpoint
01-12-2013 16:48:48 System Checkpoint
02-12-2013 19:29:05 System Checkpoint
03-12-2013 23:06:41 System Checkpoint
05-12-2013 00:29:09 System Checkpoint
06-12-2013 01:02:53 System Checkpoint
07-12-2013 14:35:35 System Checkpoint
08-12-2013 14:53:25 System Checkpoint
09-12-2013 15:11:36 System Checkpoint
10-12-2013 20:11:00 System Checkpoint
11-12-2013 20:22:46 System Checkpoint
12-12-2013 20:17:19 Software Distribution Service 3.0
13-12-2013 19:00:18 Software Distribution Service 3.0
14-12-2013 19:30:56 System Checkpoint
15-12-2013 20:30:48 System Checkpoint
16-12-2013 21:49:03 System Checkpoint
17-12-2013 22:51:43 System Checkpoint
18-12-2013 23:16:01 System Checkpoint
19-12-2013 23:50:49 System Checkpoint
21-12-2013 02:37:22 System Checkpoint
22-12-2013 15:25:44 System Checkpoint
23-12-2013 16:45:13 System Checkpoint
24-12-2013 17:48:55 System Checkpoint
25-12-2013 18:14:02 System Checkpoint
26-12-2013 19:11:41 System Checkpoint
27-12-2013 21:44:45 System Checkpoint
28-12-2013 21:48:43 System Checkpoint
29-12-2013 23:36:50 System Checkpoint
31-12-2013 01:01:43 System Checkpoint
01-01-2014 18:16:18 System Checkpoint
02-01-2014 18:45:48 System Checkpoint
03-01-2014 15:56:53 Removed Quicken 2009
04-01-2014 16:36:10 System Checkpoint
05-01-2014 17:34:23 System Checkpoint
06-01-2014 19:44:28 System Checkpoint

**** End of log ****

 

16:37:44.0328 0x1138 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50

16:37:48.0828 0x1138 ============================================================

16:37:48.0828 0x1138 Current date / time: 2014/01/08 16:37:48.0828

16:37:48.0828 0x1138 SystemInfo:

16:37:48.0828 0x1138

16:37:48.0828 0x1138 OS Version: 5.1.2600 ServicePack: 3.0

16:37:48.0828 0x1138 Product type: Workstation

16:37:48.0828 0x1138 ComputerName: DH32RNG1

16:37:48.0828 0x1138 UserName: Marian

16:37:48.0828 0x1138 Windows directory: C:\WINDOWS

16:37:48.0828 0x1138 System windows directory: C:\WINDOWS

16:37:48.0828 0x1138 Processor architecture: Intel x86

16:37:48.0828 0x1138 Number of processors: 2

16:37:48.0828 0x1138 Page size: 0x1000

16:37:48.0828 0x1138 Boot type: Normal boot

16:37:48.0828 0x1138 ============================================================

16:37:56.0578 0x1138 KLMD registered as C:\WINDOWS\system32\drivers\43210279.sys

16:37:58.0437 0x1138 System UUID: {241F5A43-96AD-0513-4E9E-9A8B106EA370}

16:38:01.0937 0x1138 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054

16:38:02.0125 0x1138 ============================================================

16:38:02.0125 0x1138 \Device\Harddisk0\DR0:

16:38:02.0156 0x1138 MBR partitions:

16:38:02.0156 0x1138 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0x1CAF3004

16:38:02.0156 0x1138 ============================================================

16:38:02.0281 0x1138 C: <-> \Device\Harddisk0\DR0\Partition1

16:38:02.0484 0x1138 ============================================================

16:38:02.0484 0x1138 Initialize success

16:38:02.0484 0x1138 ============================================================

16:38:05.0906 0x17f0 ============================================================

16:38:05.0906 0x17f0 Scan started

16:38:05.0906 0x17f0 Mode: Manual;

16:38:05.0906 0x17f0 ============================================================

16:38:05.0906 0x17f0 KSN ping started

16:38:08.0968 0x17f0 KSN ping finished: true

16:38:12.0781 0x17f0 ================ Scan system memory ========================

16:38:12.0781 0x17f0 System memory - ok

16:38:12.0781 0x17f0 ================ Scan services =============================

16:38:13.0203 0x17f0 Abiosdsk - ok

16:38:13.0265 0x17f0 [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS

16:38:13.0281 0x17f0 abp480n5 - ok

16:38:14.0046 0x17f0 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

16:38:14.0109 0x17f0 ACPI - ok

16:38:14.0171 0x17f0 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

16:38:14.0171 0x17f0 ACPIEC - ok

16:38:14.0359 0x17f0 [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

16:38:14.0593 0x17f0 AdobeFlashPlayerUpdateSvc - ok

16:38:14.0703 0x17f0 [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys

16:38:14.0734 0x17f0 adpu160m - ok

16:38:14.0843 0x17f0 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys

16:38:14.0921 0x17f0 aec - ok

16:38:15.0015 0x17f0 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys

16:38:15.0062 0x17f0 AFD - ok

16:38:15.0109 0x17f0 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys

16:38:15.0125 0x17f0 agp440 - ok

16:38:15.0156 0x17f0 [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys

16:38:15.0171 0x17f0 agpCPQ - ok

16:38:15.0203 0x17f0 [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys

16:38:15.0218 0x17f0 Aha154x - ok

16:38:15.0234 0x17f0 [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys

16:38:15.0250 0x17f0 aic78u2 - ok

16:38:15.0281 0x17f0 [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys

16:38:15.0296 0x17f0 aic78xx - ok

16:38:15.0390 0x17f0 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

16:38:15.0500 0x17f0 Alerter - ok

16:38:15.0562 0x17f0 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe

16:38:15.0578 0x17f0 ALG - ok

16:38:15.0609 0x17f0 [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys

16:38:15.0609 0x17f0 AliIde - ok

16:38:15.0640 0x17f0 [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys

16:38:15.0656 0x17f0 alim1541 - ok

16:38:15.0671 0x17f0 [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys

16:38:15.0687 0x17f0 amdagp - ok

16:38:15.0718 0x17f0 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys

16:38:15.0718 0x17f0 amsint - ok

16:38:15.0890 0x17f0 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

16:38:15.0921 0x17f0 Apple Mobile Device - ok

16:38:16.0046 0x17f0 [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

16:38:16.0093 0x17f0 AppMgmt - ok

16:38:16.0125 0x17f0 [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys

16:38:16.0125 0x17f0 asc - ok

16:38:16.0156 0x17f0 [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys

16:38:16.0156 0x17f0 asc3350p - ok

16:38:16.0187 0x17f0 [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys

16:38:16.0203 0x17f0 asc3550 - ok

16:38:16.0515 0x17f0 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

16:38:16.0609 0x17f0 aspnet_state - ok

16:38:16.0656 0x17f0 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

16:38:16.0656 0x17f0 AsyncMac - ok

16:38:16.0734 0x17f0 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

16:38:16.0765 0x17f0 atapi - ok

16:38:16.0765 0x17f0 Atdisk - ok

16:38:16.0812 0x17f0 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

16:38:16.0828 0x17f0 Atmarpc - ok

16:38:16.0875 0x17f0 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

16:38:16.0890 0x17f0 AudioSrv - ok

16:38:16.0968 0x17f0 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

16:38:16.0968 0x17f0 audstub - ok

16:38:17.0125 0x17f0 [ F2E8CEFC8CF4D6454F4121C5FF93136A, DFD05AD328BD0FDD8BF44043C40084A6DF98BF6F5CEAE71BF793176AF6ADFBBB ] BBSvc C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe

16:38:17.0187 0x17f0 BBSvc - ok

16:38:17.0281 0x17f0 [ 6E1BCC590C9D30FEE8FC14DBD053CE94, 4F698D399225A890B7FDCE3773E504B2880534ED1C0F4C37589568C44BA51743 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe

16:38:17.0359 0x17f0 BBUpdate - ok

16:38:17.0546 0x17f0 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys

16:38:17.0546 0x17f0 Beep - ok

16:38:17.0703 0x17f0 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll

16:38:17.0843 0x17f0 BITS - ok

16:38:18.0062 0x17f0 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

16:38:18.0203 0x17f0 Bonjour Service - ok

16:38:18.0281 0x17f0 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll

16:38:18.0296 0x17f0 Browser - ok

16:38:18.0343 0x17f0 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys

16:38:18.0343 0x17f0 cbidf - ok

16:38:18.0359 0x17f0 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

16:38:18.0359 0x17f0 cbidf2k - ok

16:38:18.0578 0x17f0 [ 8EF654045E518AC00E52E7A1E2D3AD70, C267AAB7CA9C6D1DD49043DE13211E25157AADECC8D302712BBBD6EB6F530ED9 ] CCALib8 C:\Program Files\Canon\CAL\CALMAIN.exe

16:38:18.0609 0x17f0 CCALib8 - ok

16:38:18.0640 0x17f0 [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys

16:38:18.0656 0x17f0 cd20xrnt - ok

16:38:18.0687 0x17f0 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

16:38:18.0687 0x17f0 Cdaudio - ok

16:38:18.0765 0x17f0 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

16:38:18.0781 0x17f0 Cdfs - ok

16:38:18.0828 0x17f0 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

16:38:18.0843 0x17f0 Cdrom - ok

16:38:18.0859 0x17f0 Changer - ok

16:38:18.0906 0x17f0 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe

16:38:18.0906 0x17f0 CiSvc - ok

16:38:18.0937 0x17f0 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

16:38:18.0937 0x17f0 ClipSrv - ok

16:38:19.0031 0x17f0 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

16:38:19.0125 0x17f0 clr_optimization_v2.0.50727_32 - ok

16:38:19.0156 0x17f0 [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys

16:38:19.0171 0x17f0 CmdIde - ok

16:38:19.0171 0x17f0 COMSysApp - ok

16:38:19.0250 0x17f0 [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys

16:38:19.0250 0x17f0 Cpqarray - ok

16:38:19.0312 0x17f0 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

16:38:19.0328 0x17f0 CryptSvc - ok

16:38:19.0531 0x17f0 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys

16:38:19.0609 0x17f0 dac2w2k - ok

16:38:19.0625 0x17f0 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys

16:38:19.0640 0x17f0 dac960nt - ok

16:38:19.0828 0x17f0 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

16:38:20.0000 0x17f0 DcomLaunch - ok

16:38:20.0140 0x17f0 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

16:38:20.0187 0x17f0 Dhcp - ok

16:38:20.0218 0x17f0 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

16:38:20.0234 0x17f0 Disk - ok

16:38:20.0234 0x17f0 dmadmin - ok

16:38:20.0687 0x17f0 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

16:38:20.0953 0x17f0 dmboot - ok

16:38:21.0015 0x17f0 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys

16:38:21.0062 0x17f0 dmio - ok

16:38:21.0078 0x17f0 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys

16:38:21.0078 0x17f0 dmload - ok

16:38:21.0125 0x17f0 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll

16:38:21.0140 0x17f0 dmserver - ok

16:38:21.0203 0x17f0 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

16:38:21.0218 0x17f0 DMusic - ok

16:38:21.0281 0x17f0 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

16:38:21.0296 0x17f0 Dnscache - ok

16:38:21.0390 0x17f0 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

16:38:21.0578 0x17f0 Dot3svc - ok

16:38:21.0609 0x17f0 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys

16:38:21.0609 0x17f0 dpti2o - ok

16:38:21.0640 0x17f0 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

16:38:21.0640 0x17f0 drmkaud - ok

16:38:21.0703 0x17f0 [ 3FCA03CBCA11269F973B70FA483C88EF, 0995989B9EBE5CE1C5489139849FB2AD69DE9749650BBC262AD754E5CE457C59 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys

16:38:21.0734 0x17f0 E100B - ok

16:38:21.0859 0x17f0 [ 34AAA3B298A852B3663E6E0D94D12945, 908BDC3E67780E7B97A08985A938AB5F461967F74D81135ACEF31FF3F73BBBA2 ] e1express C:\WINDOWS\system32\DRIVERS\e1e5132.sys

16:38:21.0953 0x17f0 e1express - ok

16:38:22.0000 0x17f0 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll

16:38:22.0015 0x17f0 EapHost - ok

16:38:22.0062 0x17f0 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll

16:38:22.0078 0x17f0 ERSvc - ok

16:38:22.0156 0x17f0 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe

16:38:22.0203 0x17f0 Eventlog - ok

16:38:22.0328 0x17f0 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll

16:38:22.0406 0x17f0 EventSystem - ok

16:38:22.0609 0x17f0 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

16:38:22.0656 0x17f0 Fastfat - ok

16:38:22.0750 0x17f0 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

16:38:22.0796 0x17f0 FastUserSwitchingCompatibility - ok

16:38:22.0890 0x17f0 [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax C:\WINDOWS\system32\fxssvc.exe

16:38:22.0984 0x17f0 Fax - ok

16:38:23.0000 0x17f0 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys

16:38:23.0015 0x17f0 Fdc - ok

16:38:23.0046 0x17f0 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys

16:38:23.0062 0x17f0 Fips - ok

16:38:23.0093 0x17f0 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys

16:38:23.0093 0x17f0 Flpydisk - ok

16:38:23.0187 0x17f0 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

16:38:23.0218 0x17f0 FltMgr - ok

16:38:23.0328 0x17f0 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

16:38:23.0359 0x17f0 FontCache3.0.0.0 - ok

16:38:23.0390 0x17f0 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

16:38:23.0390 0x17f0 Fs_Rec - ok

16:38:23.0437 0x17f0 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

16:38:23.0625 0x17f0 Ftdisk - ok

16:38:23.0671 0x17f0 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

16:38:23.0687 0x17f0 GEARAspiWDM - ok

16:38:23.0750 0x17f0 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

16:38:23.0765 0x17f0 Gpc - ok

16:38:23.0906 0x17f0 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

16:38:23.0953 0x17f0 gupdate - ok

16:38:24.0000 0x17f0 [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

16:38:24.0000 0x17f0 gupdatem - ok

16:38:24.0125 0x17f0 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

16:38:24.0187 0x17f0 gusvc - ok

16:38:24.0250 0x17f0 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

16:38:24.0296 0x17f0 HDAudBus - ok

16:38:24.0406 0x17f0 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

16:38:24.0421 0x17f0 helpsvc - ok

16:38:24.0421 0x17f0 HidServ - ok

16:38:24.0593 0x17f0 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys

16:38:24.0593 0x17f0 HidUsb - ok

16:38:24.0687 0x17f0 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

16:38:24.0718 0x17f0 hkmsvc - ok

16:38:24.0765 0x17f0 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys

16:38:24.0765 0x17f0 hpn - ok

16:38:24.0906 0x17f0 [ 77E4FF0B73BC0AEAAF39BF0C8104231F, A5D35FCD9E52003D990EB97DF1634DE9B516647C8DAAD3152550CD875DBBDA82 ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys

16:38:24.0968 0x17f0 HSFHWBS2 - ok

16:38:25.0296 0x17f0 [ 60E1604729A15EF4A3B05F298427B3B1, 139DE473F645A300DD436B4AA8359A23FCE3BB9688B6B597E89F8ADBC36A71B9 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

16:38:25.0750 0x17f0 HSF_DP - ok

16:38:25.0906 0x17f0 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

16:38:25.0984 0x17f0 HTTP - ok

16:38:26.0031 0x17f0 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

16:38:26.0046 0x17f0 HTTPFilter - ok

16:38:26.0093 0x17f0 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys

16:38:26.0093 0x17f0 i2omgmt - ok

16:38:26.0140 0x17f0 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys

16:38:26.0156 0x17f0 i2omp - ok

16:38:26.0171 0x17f0 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

16:38:26.0187 0x17f0 i8042prt - ok

16:38:28.0375 0x17f0 [ 28423512370705AEDA6A652FEDB25468, 381530C226AEC214F1CC22EA83C5D5FEF448B68A61EBC98A368D58F490DD2A05 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys

16:38:30.0562 0x17f0 ialm - ok

16:38:30.0734 0x17f0 [ 997E8F5939F2D12CD9F2E6B395724C16, C22F10BADE29DA6F7EB79D9F5D81D9FBEC17D4D4F8B25E0AF4E5CEAE28E8ABF6 ] iaStor C:\WINDOWS\system32\drivers\iaStor.sys

16:38:30.0843 0x17f0 iaStor - ok

16:38:30.0968 0x17f0 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

16:38:31.0000 0x17f0 IDriverT - ok

16:38:31.0359 0x17f0 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

16:38:31.0765 0x17f0 idsvc - ok

16:38:31.0812 0x17f0 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

16:38:31.0828 0x17f0 Imapi - ok

16:38:31.0937 0x17f0 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe

16:38:32.0000 0x17f0 ImapiService - ok

16:38:32.0046 0x17f0 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys

16:38:32.0046 0x17f0 ini910u - ok

16:38:33.0765 0x17f0 [ 17BBBABB21F86B650B2626045A9D016C, 01C1F7711B037844CF325C60A2ABEFBB84DD00B3F048E08D7D056E506334624B ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

16:38:35.0750 0x17f0 IntcAzAudAddService - ok

16:38:35.0953 0x17f0 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys

16:38:35.0968 0x17f0 IntelIde - ok

16:38:36.0046 0x17f0 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys

16:38:36.0062 0x17f0 intelppm - ok

16:38:36.0093 0x17f0 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

16:38:36.0109 0x17f0 Ip6Fw - ok

16:38:36.0156 0x17f0 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

16:38:36.0171 0x17f0 IpFilterDriver - ok

16:38:36.0250 0x17f0 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

16:38:36.0312 0x17f0 IpInIp - ok

16:38:36.0421 0x17f0 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

16:38:36.0515 0x17f0 IpNat - ok

16:38:36.0937 0x17f0 [ 061614179585BE398A73B9B3AF111310, BE715790531CBF3E038C6C2083A0802FA492D1DCAB3ACFE035DF72E3D6A4B83B ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

16:38:37.0218 0x17f0 iPod Service - ok

16:38:37.0265 0x17f0 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

16:38:37.0296 0x17f0 IPSec - ok

16:38:37.0312 0x17f0 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

16:38:37.0328 0x17f0 IRENUM - ok

16:38:37.0390 0x17f0 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

16:38:37.0406 0x17f0 isapnp - ok

16:38:37.0421 0x17f0 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

16:38:37.0437 0x17f0 Kbdclass - ok

16:38:37.0468 0x17f0 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

16:38:37.0500 0x17f0 kbdhid - ok

16:38:37.0687 0x17f0 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

16:38:37.0765 0x17f0 kmixer - ok

16:38:37.0828 0x17f0 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

16:38:37.0906 0x17f0 KSecDD - ok

16:38:38.0125 0x17f0 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

16:38:38.0187 0x17f0 lanmanserver - ok

16:38:38.0421 0x17f0 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

16:38:38.0671 0x17f0 lanmanworkstation - ok

16:38:38.0687 0x17f0 lbrtfdc - ok

16:38:38.0781 0x17f0 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

16:38:38.0781 0x17f0 LmHosts - ok

16:38:38.0953 0x17f0 [ 7FDB26D09B136D02562D19E7BDBEAD17, 2A19ABC22A51A269D4CB8E551386A781BB968B8251B35A8B9E5715036234293B ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys

16:38:38.0984 0x17f0 mbamchameleon - ok

16:38:39.0093 0x17f0 [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys

16:38:39.0109 0x17f0 MBAMProtector - ok

16:38:39.0484 0x17f0 [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

16:38:39.0953 0x17f0 MBAMScheduler - ok

16:38:40.0390 0x17f0 [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

16:38:41.0109 0x17f0 MBAMService - ok

16:38:41.0171 0x17f0 [ EEAEA6514BA7C9D273B5E87C4E1AAB30, 3B724C6A8867B1B7A45D832150E0CFAC1004D3B972A2A7BFDD2ADDDB2488BB1E ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

16:38:41.0203 0x17f0 mdmxsdk - ok

16:38:41.0343 0x17f0 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll

16:38:41.0375 0x17f0 Messenger - ok

16:38:41.0843 0x17f0 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

16:38:41.0875 0x17f0 mnmdd - ok

16:38:42.0015 0x17f0 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

16:38:42.0062 0x17f0 mnmsrvc - ok

16:38:42.0140 0x17f0 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys

16:38:42.0234 0x17f0 Modem - ok

16:38:42.0281 0x17f0 [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys

16:38:42.0296 0x17f0 MODEMCSA - ok

16:38:42.0359 0x17f0 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

16:38:42.0375 0x17f0 Mouclass - ok

16:38:42.0453 0x17f0 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

16:38:42.0484 0x17f0 mouhid - ok

16:38:42.0531 0x17f0 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

16:38:42.0671 0x17f0 MountMgr - ok

16:38:42.0890 0x17f0 [ E05FD9D5854A26A13D7F138F02BF2420, 89A6D90B8DB65565C1DAF9A1584C68989A1F4937D705182DA6E3B72E14A30DEA ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

16:38:43.0156 0x17f0 MozillaMaintenance - ok

16:38:43.0312 0x17f0 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys

16:38:43.0328 0x17f0 mraid35x - ok

16:38:43.0437 0x17f0 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

16:38:43.0671 0x17f0 MRxDAV - ok

16:38:43.0984 0x17f0 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

16:38:44.0171 0x17f0 MRxSmb - ok

16:38:44.0265 0x17f0 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe

16:38:44.0281 0x17f0 MSDTC - ok

16:38:44.0312 0x17f0 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

16:38:44.0312 0x17f0 Msfs - ok

16:38:44.0328 0x17f0 MSIServer - ok

16:38:44.0343 0x17f0 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

16:38:44.0343 0x17f0 MSKSSRV - ok

16:38:44.0406 0x17f0 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

16:38:44.0421 0x17f0 MSPCLOCK - ok

16:38:44.0640 0x17f0 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

16:38:44.0640 0x17f0 MSPQM - ok

16:38:44.0687 0x17f0 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

16:38:44.0703 0x17f0 mssmbios - ok

16:38:44.0796 0x17f0 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

16:38:44.0859 0x17f0 Mup - ok

16:38:45.0250 0x17f0 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll

16:38:45.0375 0x17f0 napagent - ok

16:38:45.0453 0x17f0 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

16:38:45.0687 0x17f0 NDIS - ok

16:38:45.0828 0x17f0 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

16:38:45.0906 0x17f0 NdisTapi - ok

16:38:46.0062 0x17f0 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

16:38:46.0078 0x17f0 Ndisuio - ok

16:38:46.0125 0x17f0 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

16:38:46.0234 0x17f0 NdisWan - ok

16:38:46.0343 0x17f0 [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

16:38:46.0390 0x17f0 NDProxy - ok

16:38:46.0421 0x17f0 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

16:38:46.0453 0x17f0 NetBIOS - ok

16:38:46.0750 0x17f0 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

16:38:46.0843 0x17f0 NetBT - ok

16:38:47.0015 0x17f0 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe

16:38:47.0125 0x17f0 NetDDE - ok

16:38:47.0203 0x17f0 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

16:38:47.0218 0x17f0 NetDDEdsdm - ok

16:38:47.0312 0x17f0 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe

16:38:47.0312 0x17f0 Netlogon - ok

16:38:47.0437 0x17f0 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll

16:38:47.0640 0x17f0 Netman - ok

16:38:47.0734 0x17f0 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:38:47.0906 0x17f0 NetTcpPortSharing - ok

16:38:48.0187 0x17f0 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll

16:38:48.0359 0x17f0 Nla - ok

16:38:48.0421 0x17f0 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

16:38:48.0453 0x17f0 Npfs - ok

16:38:49.0250 0x17f0 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

16:38:49.0765 0x17f0 Ntfs - ok

16:38:50.0906 0x17f0 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

16:38:50.0906 0x17f0 NtLmSsp - ok

16:38:55.0500 0x17f0 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

16:38:56.0062 0x17f0 NtmsSvc - ok

16:38:56.0171 0x17f0 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys

16:38:56.0187 0x17f0 Null - ok

16:38:57.0812 0x17f0 [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

16:38:59.0265 0x17f0 nv - ok

16:38:59.0484 0x17f0 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

16:38:59.0531 0x17f0 NwlnkFlt - ok

16:38:59.0687 0x17f0 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

16:38:59.0765 0x17f0 NwlnkFwd - ok

16:38:59.0921 0x17f0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

16:39:00.0000 0x17f0 ose - ok

16:39:02.0625 0x17f0 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

16:39:12.0062 0x17f0 osppsvc - ok

16:39:13.0843 0x17f0 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

16:39:13.0937 0x17f0 Parport - ok

16:39:14.0046 0x17f0 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

16:39:14.0078 0x17f0 PartMgr - ok

16:39:14.0265 0x17f0 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

16:39:14.0328 0x17f0 ParVdm - ok

16:39:14.0796 0x17f0 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

16:39:14.0875 0x17f0 PCI - ok

16:39:14.0921 0x17f0 PCIDump - ok

16:39:15.0578 0x17f0 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

16:39:15.0593 0x17f0 PCIIde - ok

16:39:15.0859 0x17f0 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

16:39:16.0031 0x17f0 Pcmcia - ok

16:39:16.0031 0x17f0 PDCOMP - ok

16:39:16.0046 0x17f0 PDFRAME - ok

16:39:16.0046 0x17f0 PDRELI - ok

16:39:16.0062 0x17f0 PDRFRAME - ok

16:39:16.0125 0x17f0 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys

16:39:16.0140 0x17f0 perc2 - ok

16:39:16.0281 0x17f0 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys

16:39:16.0281 0x17f0 perc2hib - ok

16:39:16.0390 0x17f0 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe

16:39:16.0437 0x17f0 PlugPlay - ok

16:39:16.0468 0x17f0 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

16:39:16.0484 0x17f0 PolicyAgent - ok

16:39:18.0984 0x17f0 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

16:39:19.0109 0x17f0 PptpMiniport - ok

16:39:19.0421 0x17f0 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

16:39:19.0437 0x17f0 ProtectedStorage - ok

16:39:21.0234 0x17f0 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

16:39:21.0343 0x17f0 PSched - ok

16:39:21.0828 0x17f0 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

16:39:21.0890 0x17f0 Ptilink - ok

16:39:22.0375 0x17f0 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys

16:39:22.0390 0x17f0 ql1080 - ok

16:39:22.0421 0x17f0 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys

16:39:22.0437 0x17f0 Ql10wnt - ok

16:39:22.0484 0x17f0 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys

16:39:22.0500 0x17f0 ql12160 - ok

16:39:22.0593 0x17f0 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys

16:39:22.0609 0x17f0 ql1240 - ok

16:39:23.0000 0x17f0 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys

16:39:23.0031 0x17f0 ql1280 - ok

16:39:23.0187 0x17f0 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

16:39:23.0218 0x17f0 RasAcd - ok

16:39:23.0375 0x17f0 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll

16:39:23.0437 0x17f0 RasAuto - ok

16:39:23.0500 0x17f0 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

16:39:23.0546 0x17f0 Rasl2tp - ok

16:39:23.0953 0x17f0 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll

16:39:24.0078 0x17f0 RasMan - ok

16:39:24.0140 0x17f0 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

16:39:24.0171 0x17f0 RasPppoe - ok

16:39:24.0453 0x17f0 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

16:39:24.0453 0x17f0 Raspti - ok

16:39:24.0984 0x17f0 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

16:39:25.0125 0x17f0 Rdbss - ok

16:39:25.0156 0x17f0 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

16:39:25.0187 0x17f0 RDPCDD - ok

16:39:25.0296 0x17f0 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys

16:39:25.0390 0x17f0 rdpdr - ok

16:39:25.0781 0x17f0 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

16:39:25.0984 0x17f0 RDPWD - ok

16:39:26.0406 0x17f0 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

16:39:26.0531 0x17f0 RDSessMgr - ok

16:39:27.0078 0x17f0 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

16:39:27.0125 0x17f0 redbook - ok

16:39:27.0609 0x17f0 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

16:39:27.0640 0x17f0 RemoteAccess - ok

16:39:28.0250 0x17f0 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

16:39:28.0281 0x17f0 RemoteRegistry - ok

16:39:28.0343 0x17f0 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe

16:39:28.0437 0x17f0 RpcLocator - ok

16:39:30.0765 0x17f0 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\system32\rpcss.dll

16:39:31.0187 0x17f0 RpcSs - ok

16:39:31.0609 0x17f0 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe

16:39:32.0031 0x17f0 RSVP - ok

16:39:32.0156 0x17f0 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe

16:39:32.0171 0x17f0 SamSs - ok

16:39:32.0343 0x17f0 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

16:39:32.0437 0x17f0 SCardSvr - ok

16:39:33.0359 0x17f0 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll

16:39:33.0484 0x17f0 Schedule - ok

16:39:33.0625 0x17f0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

16:39:33.0796 0x17f0 Secdrv - ok

16:39:34.0312 0x17f0 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll

16:39:34.0359 0x17f0 seclogon - ok

16:39:34.0437 0x17f0 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll

16:39:34.0921 0x17f0 SENS - ok

16:39:35.0375 0x17f0 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

16:39:35.0406 0x17f0 serenum - ok

16:39:35.0562 0x17f0 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

16:39:35.0640 0x17f0 Serial - ok

16:39:36.0078 0x17f0 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

16:39:36.0109 0x17f0 Sfloppy - ok

16:39:36.0625 0x17f0 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

16:39:37.0093 0x17f0 SharedAccess - ok

16:39:37.0515 0x17f0 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

16:39:37.0609 0x17f0 ShellHWDetection - ok

16:39:37.0671 0x17f0 Simbad - ok

16:39:38.0250 0x17f0 [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys

16:39:38.0265 0x17f0 sisagp - ok

16:39:38.0328 0x17f0 [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys

16:39:38.0343 0x17f0 Sparrow - ok

16:39:38.0375 0x17f0 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys

16:39:38.0375 0x17f0 splitter - ok

16:39:38.0453 0x17f0 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe

16:39:38.0468 0x17f0 Spooler - ok

16:39:38.0500 0x17f0 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

16:39:38.0781 0x17f0 sr - ok

16:39:39.0515 0x17f0 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll

16:39:39.0781 0x17f0 srservice - ok

16:39:40.0437 0x17f0 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

16:39:40.0796 0x17f0 Srv - ok

16:39:41.0078 0x17f0 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

16:39:41.0359 0x17f0 SSDPSRV - ok

16:39:41.0593 0x17f0 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll

16:39:41.0906 0x17f0 stisvc - ok

16:39:42.0203 0x17f0 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

16:39:42.0234 0x17f0 swenum - ok

16:39:42.0265 0x17f0 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

16:39:42.0296 0x17f0 swmidi - ok

16:39:42.0296 0x17f0 SwPrv - ok

16:39:42.0390 0x17f0 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys

16:39:42.0421 0x17f0 symc810 - ok

16:39:42.0468 0x17f0 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys

16:39:42.0515 0x17f0 symc8xx - ok

16:39:42.0515 0x17f0 SymIM - ok

16:39:42.0531 0x17f0 SymIMMP - ok

16:39:42.0562 0x17f0 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys

16:39:42.0593 0x17f0 sym_hi - ok

16:39:42.0609 0x17f0 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys

16:39:42.0843 0x17f0 sym_u3 - ok

16:39:43.0046 0x17f0 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

16:39:43.0140 0x17f0 sysaudio - ok

16:39:43.0203 0x17f0 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

16:39:43.0312 0x17f0 SysmonLog - ok

16:39:43.0484 0x17f0 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

16:39:43.0578 0x17f0 TapiSrv - ok

16:39:44.0031 0x17f0 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

16:39:44.0187 0x17f0 Tcpip - ok

16:39:44.0250 0x17f0 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

16:39:44.0265 0x17f0 TDPIPE - ok

16:39:44.0281 0x17f0 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

16:39:44.0296 0x17f0 TDTCP - ok

16:39:44.0343 0x17f0 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

16:39:44.0375 0x17f0 TermDD - ok

16:39:44.0906 0x17f0 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll

16:39:45.0078 0x17f0 TermService - ok

16:39:45.0187 0x17f0 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll

16:39:45.0187 0x17f0 Themes - ok

16:39:45.0375 0x17f0 [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe

16:39:45.0421 0x17f0 TlntSvr - ok

16:39:45.0515 0x17f0 [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys

16:39:45.0562 0x17f0 TosIde - ok

16:39:45.0875 0x17f0 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll

16:39:45.0937 0x17f0 TrkWks - ok

16:39:46.0000 0x17f0 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

16:39:46.0046 0x17f0 Udfs - ok

16:39:46.0093 0x17f0 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys

16:39:46.0109 0x17f0 ultra - ok

16:39:46.0343 0x17f0 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

16:39:46.0531 0x17f0 Update - ok

16:39:46.0640 0x17f0 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll

16:39:46.0875 0x17f0 upnphost - ok

16:39:46.0921 0x17f0 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe

16:39:46.0968 0x17f0 UPS - ok

16:39:47.0015 0x17f0 [ 83CAFCB53201BBAC04D822F32438E244, E3F6FDE4D429FB630B19417DD9752A2CE9F6C9FD58918D714B5438A3D4136853 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys

16:39:47.0031 0x17f0 USBAAPL - ok

16:39:47.0093 0x17f0 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

16:39:47.0109 0x17f0 usbccgp - ok

16:39:47.0140 0x17f0 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

16:39:47.0140 0x17f0 usbehci - ok

16:39:47.0218 0x17f0 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

16:39:47.0234 0x17f0 usbhub - ok

16:39:47.0265 0x17f0 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

16:39:47.0281 0x17f0 usbprint - ok

16:39:47.0328 0x17f0 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

16:39:47.0343 0x17f0 usbscan - ok

16:39:47.0390 0x17f0 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

16:39:47.0421 0x17f0 USBSTOR - ok

16:39:47.0500 0x17f0 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

16:39:47.0531 0x17f0 usbuhci - ok

16:39:47.0578 0x17f0 [ 2A7A8AD9D39A2FAF9D9293B5DAFF3A4B, 38C6F6A440B718C75F7A1361297ACE671FC258B75BDCE9E0C27D497E3DF03C61 ] USB_RNDIS C:\WINDOWS\system32\DRIVERS\usb8023.sys

16:39:47.0578 0x17f0 USB_RNDIS - ok

16:39:47.0843 0x17f0 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

16:39:47.0843 0x17f0 VgaSave - ok

16:39:48.0062 0x17f0 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys

16:39:48.0109 0x17f0 viaagp - ok

16:39:48.0171 0x17f0 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys

16:39:48.0171 0x17f0 ViaIde - ok

16:39:48.0265 0x17f0 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

16:39:48.0312 0x17f0 VolSnap - ok

16:39:48.0484 0x17f0 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe

16:39:48.0796 0x17f0 VSS - ok

16:39:48.0890 0x17f0 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] w32time C:\WINDOWS\system32\w32time.dll

16:39:49.0031 0x17f0 w32time - ok

16:39:49.0140 0x17f0 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

16:39:49.0203 0x17f0 Wanarp - ok

16:39:49.0218 0x17f0 WDICA - ok

16:39:49.0546 0x17f0 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

16:39:49.0593 0x17f0 wdmaud - ok

16:39:49.0687 0x17f0 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll

16:39:49.0953 0x17f0 WebClient - ok

16:39:50.0343 0x17f0 [ F59ED5A43B988A18EF582BB07B2327A7, E870821C9C4E31D3B05049FBA5D81358F9C30E6A67F600D4EA3A5736CA344028 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

16:39:50.0828 0x17f0 winachsf - ok

16:39:51.0187 0x17f0 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

16:39:51.0250 0x17f0 winmgmt - ok

16:39:51.0312 0x17f0 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

16:39:51.0328 0x17f0 WmdmPmSN - ok

16:39:51.0562 0x17f0 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll

16:39:51.0875 0x17f0 Wmi - ok

16:39:51.0953 0x17f0 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

16:39:51.0984 0x17f0 WmiApSrv - ok

16:39:52.0375 0x17f0 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

16:39:52.0687 0x17f0 WMPNetworkSvc - ok

16:39:52.0843 0x17f0 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll

16:39:52.0875 0x17f0 wscsvc - ok

16:39:52.0906 0x17f0 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll

16:39:52.0937 0x17f0 wuauserv - ok

16:39:52.0984 0x17f0 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

16:39:53.0015 0x17f0 WudfPf - ok

16:39:53.0078 0x17f0 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

16:39:53.0109 0x17f0 WudfRd - ok

16:39:53.0171 0x17f0 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

16:39:53.0187 0x17f0 WudfSvc - ok

16:39:53.0406 0x17f0 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

16:39:53.0546 0x17f0 WZCSVC - ok

16:39:53.0640 0x17f0 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll

16:39:53.0687 0x17f0 xmlprov - ok

16:39:53.0703 0x17f0 ================ Scan global ===============================

16:39:53.0921 0x17f0 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

16:39:54.0109 0x17f0 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

16:39:54.0453 0x17f0 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

16:39:54.0515 0x17f0 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

16:39:54.0562 0x17f0 [ Global ] - ok

16:39:54.0562 0x17f0 ================ Scan MBR ==================================

16:39:54.0593 0x17f0 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0

16:39:55.0531 0x17f0 \Device\Harddisk0\DR0 - ok

16:39:55.0531 0x17f0 ================ Scan VBR ==================================

16:39:55.0531 0x17f0 [ 5C8FD69EFBD670316FF00EA3265CA4B2 ] \Device\Harddisk0\DR0\Partition1

16:39:55.0546 0x17f0 \Device\Harddisk0\DR0\Partition1 - ok

16:39:55.0546 0x17f0 Waiting for KSN requests completion. In queue: 104

16:39:56.0546 0x17f0 Waiting for KSN requests completion. In queue: 104

16:39:57.0546 0x17f0 Waiting for KSN requests completion. In queue: 104

16:40:03.0500 0x17f0 Win FW state via NFM: enabled

16:40:06.0187 0x17f0 ============================================================

16:40:06.0187 0x17f0 Scan finished

16:40:06.0187 0x17f0 ============================================================

16:40:06.0234 0x1720 Detected object count: 0

16:40:06.0234 0x1720 Actual detected object count: 0

 

# AdwCleaner v3.016 - Report created 08/01/2014 at 16:41:35
# Updated 23/12/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Marian - DH32RNG1
# Running from : C:\Documents and Settings\Marian\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v2.0.0.20 (en-US)

[ File : C:\Documents and Settings\Marian\Application Data\Mozilla\Firefox\Profiles\z1mz9v33.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Documents and Settings\Marian\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [21949 octets] - [05/01/2014 17:49:08]
AdwCleaner[R1].txt - [22010 octets] - [06/01/2014 17:28:08]
AdwCleaner[R2].txt - [942 octets] - [08/01/2014 16:41:35]
AdwCleaner[S0].txt - [22360 octets] - [06/01/2014 18:46:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1062 octets] ##########

 

thats all of them

what do you think



#4 rhodaellen

rhodaellen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 08 January 2014 - 05:53 PM

One  more thing Malware keeps blocking this

IP Address 88.214.193.174 from going out.

don't know if thats any help.



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:28 PM

Posted 08 January 2014 - 09:18 PM

Well that IP is in the UK, so let it block it.

Lets run one more scan this can take a couple hours.


ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 rhodaellen

rhodaellen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 12 January 2014 - 12:03 PM

Here's is my report from ESET scan

Still slow and Malware is blocking these IP Addresses

66.45.56.109

8.26.70.22  - 4 times in the 45 min I've been on today

5.149.251.50  - almost 8 times.

Let me know what you think

thanks for all your help

 

C:\Documents and Settings\Marian\Application Data\Uhquehf\luahsai.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting (after the next restart) - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc178\acorola.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc179\moycsoa.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc181\etpua.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc182\tuwova.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc183\erceu.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc184\ryusosv.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc185\ibiwoq.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc187\piengu.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc188\ruewk.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc189\asxuodo.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc19\bohedi.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc190\rumufat.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc191\lefuigx.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc197\owomi.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc20\ahwao.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc21\amgyb.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc22\ukaric.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc23\ebhoo.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc24\afduyd.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc25\exhyf.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc28\foraa.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc3\akabd.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc30\xuyluz.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc31\fezuit.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc32\xyuza.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc33\tibinia.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc34\gedei.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc37\egintua.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc39\qepoedu.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc40\luuwzu.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc42\zapuif.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc44\giasiks.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc46\ahzoqa.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc47\eduqmie.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc49\soogyf.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc5\nonacya.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc50\yhulav.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc52\yxupi.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc53\koosi.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc57\inatr.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc58\udpib.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc61\daufiwo.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc64\tipeke.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc65\pisyald.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc67\godeas.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc68\ulzapax.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc69\uvtyn.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc7\ilenuh.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc72\seyqqo.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc74\isuht.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc75\reappea.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc76\ybakud.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc77\ryboyx.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc78\luimsyn.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc79\kugisoy.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc8\uxvuba.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc80\peepy.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc82\acavlum.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc85\lurycu.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc86\cealy.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc87\ziolc.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc88\dyoqisu.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc9\asdepe.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc91\zyoczai.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc92\orqifok.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc93\dyopirg.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc95\detayz.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc96\ywraag.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc97\kogui.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
C:\RECYCLER\S-1-5-21-319201712-1820719856-627546557-1005\Dc98\anmuw.exe a variant of Win32/Kryptik.BRVP trojan cleaned by deleting - quarantined
Operating memory multiple threats 
 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:28 PM

Posted 13 January 2014 - 12:41 PM

I feel we need a deeper look. Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 rhodaellen

rhodaellen
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:04:28 PM

Posted 14 January 2014 - 06:02 PM

Here's the two files from the DDS scan

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 9/9/2008 5:12:30 PM
System Uptime: 1/14/2014 4:43:35 PM (1 hours ago)
.
Motherboard: Dell Inc. |  | 0RY007
Processor: Intel® Pentium® Dual  CPU  E2180  @ 2.00GHz | Socket 775 | 1994/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 229 GiB total, 164.946 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP1581: 10/25/2013 9:11:46 PM - System Checkpoint
RP1582: 10/27/2013 7:08:31 AM - System Checkpoint
RP1583: 10/28/2013 8:42:04 AM - System Checkpoint
RP1584: 10/29/2013 9:13:28 AM - System Checkpoint
RP1585: 10/30/2013 10:37:12 AM - System Checkpoint
RP1586: 10/31/2013 12:38:15 PM - System Checkpoint
RP1587: 11/1/2013 1:34:47 PM - System Checkpoint
RP1588: 11/2/2013 6:11:48 PM - System Checkpoint
RP1589: 11/4/2013 9:12:02 AM - System Checkpoint
RP1590: 11/5/2013 9:49:38 AM - System Checkpoint
RP1591: 11/6/2013 10:19:27 AM - System Checkpoint
RP1592: 11/7/2013 12:31:43 PM - System Checkpoint
RP1593: 11/8/2013 1:39:46 PM - System Checkpoint
RP1594: 11/9/2013 6:12:24 PM - System Checkpoint
RP1595: 11/10/2013 7:05:46 PM - System Checkpoint
RP1596: 11/11/2013 8:09:49 PM - System Checkpoint
RP1597: 11/13/2013 9:06:42 AM - System Checkpoint
RP1598: 11/13/2013 3:49:50 PM - Software Distribution Service 3.0
RP1599: 11/15/2013 9:25:33 AM - System Checkpoint
RP1600: 11/16/2013 9:51:04 AM - System Checkpoint
RP1601: 11/17/2013 11:35:07 AM - System Checkpoint
RP1602: 11/18/2013 11:36:40 AM - System Checkpoint
RP1603: 11/19/2013 1:33:49 PM - System Checkpoint
RP1604: 11/20/2013 4:25:26 PM - System Checkpoint
RP1605: 11/21/2013 4:35:36 PM - System Checkpoint
RP1606: 11/22/2013 4:43:34 PM - System Checkpoint
RP1607: 11/23/2013 5:29:14 PM - System Checkpoint
RP1608: 11/24/2013 6:58:22 PM - System Checkpoint
RP1609: 11/25/2013 7:57:16 PM - System Checkpoint
RP1610: 11/26/2013 9:33:09 PM - System Checkpoint
RP1611: 11/28/2013 9:44:36 AM - System Checkpoint
RP1612: 11/29/2013 9:58:46 AM - System Checkpoint
RP1613: 11/30/2013 10:09:36 AM - System Checkpoint
RP1614: 12/1/2013 10:48:48 AM - System Checkpoint
RP1615: 12/2/2013 1:29:05 PM - System Checkpoint
RP1616: 12/3/2013 5:06:41 PM - System Checkpoint
RP1617: 12/4/2013 6:29:09 PM - System Checkpoint
RP1618: 12/5/2013 7:02:53 PM - System Checkpoint
RP1619: 12/7/2013 8:35:35 AM - System Checkpoint
RP1620: 12/8/2013 8:53:25 AM - System Checkpoint
RP1621: 12/9/2013 9:11:36 AM - System Checkpoint
RP1622: 12/10/2013 2:11:00 PM - System Checkpoint
RP1623: 12/11/2013 2:22:46 PM - System Checkpoint
RP1624: 12/12/2013 2:17:19 PM - Software Distribution Service 3.0
RP1625: 12/13/2013 1:00:18 PM - Software Distribution Service 3.0
RP1626: 12/14/2013 1:30:56 PM - System Checkpoint
RP1627: 12/15/2013 2:30:48 PM - System Checkpoint
RP1628: 12/16/2013 3:49:03 PM - System Checkpoint
RP1629: 12/17/2013 4:51:43 PM - System Checkpoint
RP1630: 12/18/2013 5:16:01 PM - System Checkpoint
RP1631: 12/19/2013 5:50:49 PM - System Checkpoint
RP1632: 12/20/2013 8:37:22 PM - System Checkpoint
RP1633: 12/22/2013 9:25:44 AM - System Checkpoint
RP1634: 12/23/2013 10:45:13 AM - System Checkpoint
RP1635: 12/24/2013 11:48:55 AM - System Checkpoint
RP1636: 12/25/2013 12:14:02 PM - System Checkpoint
RP1637: 12/26/2013 1:11:41 PM - System Checkpoint
RP1638: 12/27/2013 3:44:45 PM - System Checkpoint
RP1639: 12/28/2013 3:48:43 PM - System Checkpoint
RP1640: 12/29/2013 5:36:50 PM - System Checkpoint
RP1641: 12/30/2013 7:01:43 PM - System Checkpoint
RP1642: 1/1/2014 12:16:18 PM - System Checkpoint
RP1643: 1/2/2014 12:45:48 PM - System Checkpoint
RP1644: 1/3/2014 9:56:53 AM - Removed Quicken 2009
RP1645: 1/4/2014 10:36:10 AM - System Checkpoint
RP1646: 1/5/2014 11:34:23 AM - System Checkpoint
RP1647: 1/6/2014 1:44:28 PM - System Checkpoint
RP1648: 1/7/2014 2:51:48 PM - System Checkpoint
RP1649: 1/7/2014 7:43:12 PM - Software Distribution Service 3.0
RP1650: 1/9/2014 8:34:56 AM - System Checkpoint
RP1651: 1/10/2014 9:46:20 AM - System Checkpoint
RP1652: 1/11/2014 10:20:59 AM - System Checkpoint
RP1653: 1/12/2014 11:31:23 AM - System Checkpoint
RP1654: 1/13/2014 12:49:26 PM - System Checkpoint
RP1655: 1/14/2014 1:01:39 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Reader XI (11.0.06)
Amazon Kindle
Amazon MP3 Downloader 1.0.3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bing Bar
Bonjour
Browser Address Error Redirector
Canon Camera Access Library
Canon Camera Support Core Library
Canon G.726 WMP-Decoder
Canon i550
Canon MovieEdit Task for ZoomBrowser EX
Canon RAW Image Task for ZoomBrowser EX
Canon Utilities CameraWindow
Canon Utilities CameraWindow DC
Canon Utilities CameraWindow DC_DV 5 for ZoomBrowser EX
Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
Canon Utilities EOS Utility
Canon Utilities MyCamera
Canon Utilities MyCamera DC
Canon Utilities PhotoStitch
Canon Utilities RemoteCapture DC
Canon Utilities RemoteCapture Task for ZoomBrowser EX
Canon Utilities ZoomBrowser EX
Canon ZoomBrowser EX Memory Card Utility
CCleaner
Compatibility Pack for the 2007 Office system
Coupon Printer for Windows
Critical Update for Windows Media Player 11 (KB959772)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dell Driver Reset Tool
Dell System Restore
Digital Line Detect
Documentation & Support Launcher
EarthLink Setup Files
ESET Online Scanner v3
Games, Music, & Photos Launcher
Google Update Helper
Google+ Auto Backup
Griffith 0.12.1
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
Hoyle Word Games 2
HP Deskjet 2510 series Basic Device Software
HP Deskjet 2510 series Help
HP Deskjet 2510 series Product Improvement Study
HP Deskjet 2510 series Setup Guide
HP Photo Creations
HP Update
HPDiagnosticAlert
iMusic Tools Essentials
Intel® Graphics Media Accelerator Driver
Intel® PRO Network Connections Drivers
Internet Service Offers Launcher
iTunes
Just CrossStitch Pattern CD Volume 1
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office PowerPoint Viewer 2007 (English)
Microsoft Office Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Move Networks Media Player for Internet Explorer
Mozilla Firefox (2.0.0.20)
Mozilla Maintenance Service
Mozilla Thunderbird 24.2.0 (x86 en-US)
MSN
MSXML 6.0 Parser (KB933579)
Musicmatch for Windows Media Player
MyDataBase
MySoftware Fonts
NetWaiting
NetZero Internet and Voice Offer
OGA Notifier 2.0.0048.0
OpenOffice.org 3.2
PCStitch for Windows
Photo Notifier and Animation Creator
Photo Viewer s2.5
PhotoMail Maker
Picasa 3
PowerDVD
QuickTime
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
SCRABBLE
SearchAssist
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2817670) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Outlook 2010 (KB2837597) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB938127-v2)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB2862772)
Security Update for Windows Internet Explorer 8 (KB2870699)
Security Update for Windows Internet Explorer 8 (KB2879017)
Security Update for Windows Internet Explorer 8 (KB2888505)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB972260)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2849470)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876315)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2883150)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956390)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Shorter Oxford English Dictionary (Sixth Edition)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB971180)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2863058)
Update for Windows XP (KB2904266)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Walmart Photo Manager
WebFldrs XP
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray
Windows Genuine Advantage Notifications (KB905474)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows PowerShell™ 1.0
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
1/8/2014 11:17:24 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the IMAPI CD-Burning COM Service service to connect.
1/8/2014 11:17:24 AM, error: Service Control Manager [7000]  - The IMAPI CD-Burning COM Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/11/2014 8:26:39 AM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the BBUpdate service to connect.
1/11/2014 8:26:39 AM, error: Service Control Manager [7000]  - The BBUpdate service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
1/11/2014 8:25:58 AM, error: DCOM [10005]  - DCOM got error "%1053" attempting to start the service BBUpdate with arguments "-Service" in order to run the server: {D6381B4A-D254-46EB-9018-A62E0F4BA6BA}
.
==== End Of File ===========================
 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Marian at 16:58:49 on 2014-01-14
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1013.214 [GMT -6:00]
.
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\program files\real\realplayer\update\realsched.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Documents and Settings\Marian\Application Data\Uhquehf\luahsai.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Marian\Application Data\Uhquehf\luahsai.exe
C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe
C:\Documents and Settings\Marian\Application Data\Uhquehf\luahsai.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Marian\Application Data\Uhquehf\luahsai.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uSearch Bar = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uDefault_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=6080625
uDefault_Search_URL = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchAssistant = hxxp://www.google.com/ie
mSearchAssistant = hxxp://www.google.com
mCustomizeSearch = hxxp://www.google.com
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
BHO: CBrowserHelperObject Object: {CA6319C0-31B7-401E-A518-A07C3DB8F777} - c:\program files\dell\bae\BAE.dll
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\program files\microsoft\bingbar\7.3.124.0\BingExt.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\program files\microsoft\bingbar\7.3.124.0\BingExt.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Opciice] "c:\documents and settings\marian\application data\uhquehf\luahsai.exe"
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [PDVDDXSrv] "c:\program files\cyberlink\powerdvd dx\PDVDDXSrv.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [Opciice] "c:\documents and settings\marian\application data\uhquehf\luahsai.exe"
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC} - <orphaned>
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} - file:///C:/Program%20Files/Spyde%20Solitaire/Images/stg_drm.ocx
DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} - hxxp://photos.walmart.com/WalmartActivia.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1371057051500
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1373819573921
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_15-windows-i586.cab
DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} - file:///C:/Program%20Files/SCRABBLE/Images/armhelper.ocx
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{A7553F93-3A5C-4556-93B2-A9D9FCA86659} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Notify: igfxcui - igfxdev.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\marian\application data\mozilla\firefox\profiles\z1mz9v33.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: browser.startup.homepage - hxxp://en-US.google.mozilla.com/firefox
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
FF - component: c:\program files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbar.dll
FF - component: c:\program files\mozilla firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\metrics.dll
FF - component: c:\program files\mozilla firefox\extensions\talkback@mozilla.org\components\qfaservices.dll
.
============= SERVICES / DRIVERS ===============
.
R2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-4-20 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-4-15 701512]
R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-4-15 22856]
S3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2014-1-1 51416]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-1-2 40776]
.
=============== Created Last 30 ================
.
2014-01-10 23:34:05 -------- d-----w- C:\Second Run
2014-01-09 23:55:00 -------- d-----w- c:\program files\ESET
2014-01-06 19:52:33 -------- d-----w- c:\documents and settings\marian\application data\HpUpdate
2014-01-06 19:23:36 4558848 ----a-w- c:\windows\system32\GPhotos.scr
2014-01-05 23:48:59 -------- d-----w- C:\AdwCleaner
2014-01-05 22:42:10 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes' Anti-Malware (portable)
2014-01-02 15:43:27 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2014-01-02 00:44:47 51416 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2013-12-25 15:20:00 -------- d-----w- c:\documents and settings\marian\application data\Uhquehf
2013-12-25 14:55:07 -------- d-----w- c:\documents and settings\marian\application data\Teafapza
2013-12-21 06:04:22 225656 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-12-21 06:04:22 225656 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2013-12-31 19:45:16 252288 ----a-r- c:\windows\system32\cpnprt2.cid
2013-12-11 14:51:12 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 14:51:12 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll
2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll
2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll
2013-10-30 02:26:17 1879040 ----a-w- c:\windows\system32\win32k.sys
2013-10-29 07:57:34 920064 ----a-w- c:\windows\system32\wininet.dll
2013-10-29 07:57:33 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-10-29 07:57:33 18944 ----a-w- c:\windows\system32\corpol.dll
2013-10-29 07:57:33 1469440 ----a-w- c:\windows\system32\inetcpl.cpl
2013-10-29 00:45:02 385024 ----a-w- c:\windows\system32\html.iec
2013-10-23 23:45:49 172032 ----a-w- c:\windows\system32\scrrun.dll
.
============= FINISH: 17:00:27.62 ===============
 



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,573 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:28 PM

Posted 14 January 2014 - 10:18 PM

Hello please see step 7 and repost the DDS log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users