malware blocks firefox from accessing google, malwarebytes and any HTTPS


  • This topic is locked
9 replies to this topic

#1 dubrow

Posted 21 January 2014 - 09:34 AM

 

Hello,

Some malicious code prevents my Firefox from accessing google.com; the browser tries, then says "The server at google.com is taking too long to respond." Same for encrypted.google.com and forums.malwarebytes.org =( Any other sites from my everyday list are accessed OK. Except for Wikipedia, since it only works via HTTPS and the malware seems to block any https:// requests.

My proxy and firewall aren't messing with it; in fact, the proxy doesn't see any requests for the affected sites. But from Opera I was able to connect and post this panic message here! =) Malwarebytes' Anti-Malware is unable to start due to the problem described here: https://forums.malwa...howtopic=140731 to which nobody cared to answer. SpyBot found no threats. Disabling all the plugins in Firefox didn't help. What can I do? Please reply something?




#2 cryptodan


Posted 21 January 2014 - 09:44 AM

Please download TDSSKiller exe version to your desktop. Double-click on TDSSKiller.exe to run the tool for known TDSS variants. Vista/Windows 7 users right-click and select Run As Administrator.

  • Click on Change Parameters and click Detect TDLFS File System.
  • Click the Start Scan button.
  • Do not use the computer during the scan.
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A TDSSKiller text file would be saved in Local Disk C.
  • Copy and paste the contents of that file in your next reply.

ADW Cleaner

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Clean.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


#3 dubrow


Posted 21 January 2014 - 11:13 AM

Dear cryptodan,

So many thanks for noticing my message and replying! =) So:

1) TDSSKiller exe was my first choice; now it isn't, because it doesn't see the infected MBR, which Comodo's CCE easily finds. So it found no threats, of course. It didn't write me any logs on C: either, but I've grabbed them from the "Report" link in its window.

2) ADWCleaner found nothing, though it corrupted my FF settings somewhat; but that isn't much of a problem in the face of malware =)

3) Same for JRT;

4) FSS log attached; "Firewall Disabled Policy" is strange, but I'm using a personal firewall.

Here go the logs:

19:59:26.0390 0x0e9c  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
19:59:29.0656 0x0e9c  ============================================================
19:59:29.0656 0x0e9c  Current date / time: 2014/01/21 19:59:29.0656
19:59:29.0656 0x0e9c  SystemInfo:
19:59:29.0656 0x0e9c  
19:59:29.0656 0x0e9c  OS Version: 5.1.2600 ServicePack: 3.0
19:59:29.0656 0x0e9c  Product type: Workstation
19:59:29.0656 0x0e9c  ComputerName: HAGAL
19:59:29.0656 0x0e9c  UserName: Akim
19:59:29.0656 0x0e9c  Windows directory: C:\XP
19:59:29.0656 0x0e9c  System windows directory: C:\XP
19:59:29.0656 0x0e9c  Processor architecture: Intel x86
19:59:29.0656 0x0e9c  Number of processors: 2
19:59:29.0656 0x0e9c  Page size: 0x1000
19:59:29.0656 0x0e9c  Boot type: Normal boot
19:59:29.0656 0x0e9c  ============================================================
19:59:29.0859 0x0e9c  KLMD registered as C:\XP\system32\drivers\52723409.sys
19:59:30.0171 0x0e9c  System UUID: {D61DD2DD-B7EA-BCDF-DDDB-2C8437072769}
19:59:30.0843 0x0e9c  Drive \Device\Harddisk0\DR0 - Size: 0x2E93E36000 (186.31 Gb), SectorSize: 0x200, Cylinders: 0x5F01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
19:59:30.0843 0x0e9c  ============================================================
19:59:30.0843 0x0e9c  \Device\Harddisk0\DR0:
19:59:30.0843 0x0e9c  MBR partitions:
19:59:30.0843 0x0e9c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0xB, StartLBA 0x3F, BlocksNum 0x80340C
19:59:30.0843 0x0e9c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0xC, StartLBA 0x80344B, BlocksNum 0x40A757C
19:59:30.0843 0x0e9c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0xC, StartLBA 0x48AA9C7, BlocksNum 0x12BF33FA
19:59:30.0843 0x0e9c  ============================================================
19:59:30.0859 0x0e9c  C: <-> \Device\Harddisk0\DR0\Partition2
19:59:30.0859 0x0e9c  S: <-> \Device\Harddisk0\DR0\Partition1
19:59:30.0875 0x0e9c  D: <-> \Device\Harddisk0\DR0\Partition3
19:59:30.0875 0x0e9c  ============================================================
19:59:30.0875 0x0e9c  Initialize success
19:59:30.0875 0x0e9c  ============================================================
19:59:39.0343 0x0be8  ============================================================
19:59:39.0343 0x0be8  Scan started
19:59:39.0343 0x0be8  Mode: Manual; TDLFS; 
19:59:39.0343 0x0be8  ============================================================
19:59:39.0343 0x0be8  KSN ping started
19:59:43.0578 0x0be8  KSN ping finished: false
19:59:43.0703 0x0be8  ================ Scan system memory ========================
19:59:43.0703 0x0be8  System memory - ok
19:59:50.0781 0x0be8  NetDDE - ok
19:59:50.0796 0x0be8  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\XP\system32\netdde.exe
19:59:50.0796 0x0be8  NetDDEdsdm - ok
19:59:50.0875 0x0be8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\XP\system32\lsass.exe
19:59:50.0875 0x0be8  Netlogon - ok
19:59:50.0937 0x0be8  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\XP\System32\netman.dll
19:59:50.0937 0x0be8  Netman - ok
19:59:51.0156 0x0be8  [ E0860951A0294826BE9D1A64A42370B4, A62E8BDB5CA36E608CE47B54565B6D32837BF9F2FF2E16547908FAFDC2A6EA49 ] NETw4x32        C:\XP\system32\DRIVERS\NETw4x32.sys
19:59:51.0203 0x0be8  NETw4x32 - ok
19:59:51.0281 0x0be8  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\XP\system32\DRIVERS\nic1394.sys
19:59:51.0281 0x0be8  NIC1394 - ok
19:59:51.0312 0x0be8  [ B4138E99236F0F57D4CF49BAE98A0746, DDEAE046C1165C41F06933E808B143118208B02BB83FA80BEF8F550D4DC78149 ] Nla             C:\XP\System32\mswsock.dll
19:59:51.0328 0x0be8  Nla - ok
19:59:51.0359 0x0be8  [ 1E421A6BCF2203CC61B821ADA9DE878B, C658F1D5DCE7525CF929C65C46AB2881C99D89BF8F0F61C1D440C9D9BFB2F89F ] nm              C:\XP\system32\DRIVERS\NMnt.sys
19:59:51.0359 0x0be8  nm - ok
19:59:51.0390 0x0be8  [ 25401B0C9576C8456B3E0BBD74FF0771, BB569C99360A631850537DC2EDA0BF85D091CC30BD98B3FD2AC9DABDFB7741DA ] NPF             C:\XP\system32\drivers\npf.sys
19:59:51.0390 0x0be8  NPF - ok
19:59:51.0406 0x0be8  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\XP\system32\drivers\Npfs.sys
19:59:51.0406 0x0be8  Npfs - ok
19:59:51.0468 0x0be8  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\XP\system32\drivers\Ntfs.sys
19:59:51.0484 0x0be8  Ntfs - ok
19:59:51.0531 0x0be8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\XP\system32\lsass.exe
19:59:51.0531 0x0be8  NtLmSsp - ok
19:59:51.0625 0x0be8  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\XP\system32\ntmssvc.dll
19:59:51.0640 0x0be8  NtmsSvc - ok
19:59:51.0656 0x0be8  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\XP\system32\drivers\Null.sys
19:59:51.0656 0x0be8  Null - ok
19:59:51.0671 0x0be8  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\XP\system32\DRIVERS\nwlnkflt.sys
19:59:51.0687 0x0be8  NwlnkFlt - ok
19:59:51.0687 0x0be8  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\XP\system32\DRIVERS\nwlnkfwd.sys
19:59:51.0687 0x0be8  NwlnkFwd - ok
19:59:51.0859 0x0be8  [ AE404E89E2A936CE62A27A104894D6B4, DE37DEE4CE1BF4B8AC1E0EDCB8B3C8C222DE7DFA93C8265DA6ADADB7115615A7 ] O&O Defrag      C:\XP\system32\oodag.exe
19:59:51.0906 0x0be8  O&O Defrag - ok
19:59:51.0921 0x0be8  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\XP\system32\DRIVERS\ohci1394.sys
19:59:51.0921 0x0be8  ohci1394 - ok
19:59:52.0000 0x0be8  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:59:52.0000 0x0be8  ose - ok
19:59:52.0062 0x0be8  [ 937A02981F11B2CE96B1D493C95AED2B, C619E1B6593E4BF740E631CC5A886C8E10D8796145C0A38417F9C599C2F54191 ] p2pgasvc        C:\XP\system32\p2pgasvc.dll
19:59:52.0078 0x0be8  p2pgasvc - ok
19:59:52.0203 0x0be8  [ 4A1035CB8F0D57BE41873B5183D96CF4, D6F53EEEA56C724BF3F7DABC2DD7E1E995B07BE32CB0AF0F77EB6651B741F050 ] p2pimsvc        C:\XP\system32\p2psvc.dll
19:59:52.0218 0x0be8  p2pimsvc - ok
19:59:52.0250 0x0be8  [ 4A1035CB8F0D57BE41873B5183D96CF4, D6F53EEEA56C724BF3F7DABC2DD7E1E995B07BE32CB0AF0F77EB6651B741F050 ] p2psvc          C:\XP\system32\p2psvc.dll
19:59:52.0281 0x0be8  p2psvc - ok
19:59:52.0312 0x0be8  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\XP\system32\drivers\Parport.sys
19:59:52.0312 0x0be8  Parport - ok
19:59:52.0328 0x0be8  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\XP\system32\drivers\PartMgr.sys
19:59:52.0343 0x0be8  PartMgr - ok
19:59:52.0359 0x0be8  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\XP\system32\drivers\ParVdm.sys
19:59:52.0359 0x0be8  ParVdm - ok
19:59:52.0375 0x0be8  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\XP\system32\DRIVERS\pci.sys
19:59:52.0375 0x0be8  PCI - ok
19:59:52.0375 0x0be8  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\XP\system32\DRIVERS\pciide.sys
19:59:52.0390 0x0be8  PCIIde - ok
19:59:52.0406 0x0be8  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\XP\system32\DRIVERS\pcmcia.sys
19:59:52.0406 0x0be8  Pcmcia - ok
19:59:52.0421 0x0be8  perc2 - ok
19:59:52.0421 0x0be8  perc2hib - ok
19:59:52.0500 0x0be8  [ A62753E0A56A247715B793EF5A149E21, 8D063E7738FDB94B1189C1855D18B7AA5193837A1E10BD42FFB4F178CCFAD5FC ] PersFw          C:\Program Files\Kerio PF\persfw.exe
19:59:52.0500 0x0be8  PersFw - ok
19:59:52.0546 0x0be8  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] PlugPlay        C:\XP\system32\services.exe
19:59:52.0562 0x0be8  PlugPlay - ok
19:59:52.0593 0x0be8  [ 4A1035CB8F0D57BE41873B5183D96CF4, D6F53EEEA56C724BF3F7DABC2DD7E1E995B07BE32CB0AF0F77EB6651B741F050 ] PNRPSvc         C:\XP\system32\p2psvc.dll
19:59:52.0609 0x0be8  PNRPSvc - ok
19:59:52.0640 0x0be8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\XP\system32\lsass.exe
19:59:52.0656 0x0be8  PolicyAgent - ok
19:59:52.0703 0x0be8  postgresql-8.4 - ok
19:59:52.0718 0x0be8  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\XP\system32\DRIVERS\raspptp.sys
19:59:52.0718 0x0be8  PptpMiniport - ok
19:59:52.0750 0x0be8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\XP\system32\lsass.exe
19:59:52.0750 0x0be8  ProtectedStorage - ok
19:59:52.0765 0x0be8  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\XP\system32\DRIVERS\ptilink.sys
19:59:52.0765 0x0be8  Ptilink - ok
19:59:52.0765 0x0be8  ql1080 - ok
19:59:52.0781 0x0be8  Ql10wnt - ok
19:59:52.0781 0x0be8  ql12160 - ok
19:59:52.0796 0x0be8  ql1240 - ok
19:59:52.0796 0x0be8  ql1280 - ok
19:59:52.0812 0x0be8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\XP\system32\DRIVERS\rasacd.sys
19:59:52.0812 0x0be8  RasAcd - ok
19:59:52.0843 0x0be8  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\XP\System32\rasauto.dll
19:59:52.0859 0x0be8  RasAuto - ok
19:59:52.0875 0x0be8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\XP\system32\DRIVERS\rasl2tp.sys
19:59:52.0875 0x0be8  Rasl2tp - ok
19:59:52.0921 0x0be8  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\XP\System32\rasmans.dll
19:59:52.0921 0x0be8  RasMan - ok
19:59:52.0953 0x0be8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\XP\system32\DRIVERS\raspppoe.sys
19:59:52.0953 0x0be8  RasPppoe - ok
19:59:52.0953 0x0be8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\XP\system32\DRIVERS\raspti.sys
19:59:52.0953 0x0be8  Raspti - ok
19:59:53.0000 0x0be8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\XP\system32\DRIVERS\rdbss.sys
19:59:53.0000 0x0be8  Rdbss - ok
19:59:53.0000 0x0be8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\XP\system32\DRIVERS\RDPCDD.sys
19:59:53.0015 0x0be8  RDPCDD - ok
19:59:53.0031 0x0be8  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\XP\system32\DRIVERS\rdpdr.sys
19:59:53.0046 0x0be8  rdpdr - ok
19:59:53.0078 0x0be8  [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD           C:\XP\system32\drivers\RDPWD.sys
19:59:53.0078 0x0be8  RDPWD - ok
19:59:53.0125 0x0be8  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\XP\system32\sessmgr.exe
19:59:53.0125 0x0be8  RDSessMgr - ok
19:59:53.0156 0x0be8  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\XP\system32\DRIVERS\redbook.sys
19:59:53.0156 0x0be8  redbook - ok
19:59:53.0187 0x0be8  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\XP\System32\mprdim.dll
19:59:53.0187 0x0be8  RemoteAccess - ok
19:59:53.0250 0x0be8  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\XP\system32\regsvc.dll
19:59:53.0250 0x0be8  RemoteRegistry - ok
19:59:53.0250 0x0be8  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM       C:\XP\system32\Drivers\RootMdm.sys
19:59:53.0250 0x0be8  ROOTMODEM - ok
19:59:53.0328 0x0be8  [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd          C:\Program Files\WinPcap\rpcapd.exe
19:59:53.0328 0x0be8  rpcapd - ok
19:59:53.0375 0x0be8  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\XP\system32\locator.exe
19:59:53.0375 0x0be8  RpcLocator - ok
19:59:53.0453 0x0be8  [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] RpcSs           C:\XP\System32\rpcss.dll
19:59:53.0468 0x0be8  RpcSs - ok
19:59:53.0500 0x0be8  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\XP\system32\rsvp.exe
19:59:53.0500 0x0be8  RSVP - ok
19:59:53.0531 0x0be8  [ 89619EF503F949FAE09252A8B883EE11, D410C0BE5E930CABE5523FBE071814500AE9C7B29054DFE98B14904A4A221423 ] RTLE8023xp      C:\XP\system32\DRIVERS\Rtenicxp.sys
19:59:53.0531 0x0be8  RTLE8023xp - ok
19:59:53.0593 0x0be8  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\XP\system32\lsass.exe
19:59:53.0609 0x0be8  SamSs - ok
19:59:53.0640 0x0be8  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\XP\System32\SCardSvr.exe
19:59:53.0640 0x0be8  SCardSvr - ok
19:59:53.0703 0x0be8  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\XP\system32\schedsvc.dll
19:59:53.0703 0x0be8  Schedule - ok
19:59:53.0718 0x0be8  [ A643D6DF1B7546256B11FB5D6B5D1375, 85AA8B4A888D4CF73420E99BC1E5ECB17AFAB571A6F18433B94A3909A2C3682C ] SCREAMINGBDRIVER C:\XP\system32\drivers\ScreamingBAudio.sys
19:59:53.0718 0x0be8  SCREAMINGBDRIVER - ok
19:59:53.0734 0x0be8  [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus           C:\XP\system32\DRIVERS\sdbus.sys
19:59:53.0750 0x0be8  sdbus - ok
19:59:54.0140 0x0be8  [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files\Spybot2\SDFSSvc.exe
19:59:54.0296 0x0be8  SDScannerService - ok
19:59:54.0484 0x0be8  [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files\Spybot2\SDUpdSvc.exe
19:59:54.0500 0x0be8  SDUpdateService - ok
19:59:54.0562 0x0be8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\XP\system32\DRIVERS\secdrv.sys
19:59:54.0562 0x0be8  Secdrv - ok
19:59:54.0578 0x0be8  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\XP\System32\seclogon.dll
19:59:54.0578 0x0be8  seclogon - ok
19:59:54.0593 0x0be8  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\XP\system32\sens.dll
19:59:54.0593 0x0be8  SENS - ok
19:59:54.0625 0x0be8  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\XP\system32\drivers\Serial.sys
19:59:54.0625 0x0be8  Serial - ok
19:59:54.0656 0x0be8  [ 0FA803C64DF0914B41F807EA276BF2A6, 847B1CD47ADF9E4AE298E74CC53A7F9DB4E58F43919D3A2BBFFE07244134778D ] sffdisk         C:\XP\system32\DRIVERS\sffdisk.sys
19:59:54.0656 0x0be8  sffdisk - ok
19:59:54.0671 0x0be8  [ C17C331E435ED8737525C86A7557B3AC, F1DEB2CA5D8E02280782B354A31E148E3A2F2B5F57AD6C575875DE20F6D3C930 ] sffp_sd         C:\XP\system32\DRIVERS\sffp_sd.sys
19:59:54.0671 0x0be8  sffp_sd - ok
19:59:54.0671 0x0be8  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\XP\system32\drivers\Sfloppy.sys
19:59:54.0671 0x0be8  Sfloppy - ok
19:59:54.0734 0x0be8  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\XP\System32\ipnathlp.dll
19:59:54.0734 0x0be8  SharedAccess - ok
19:59:54.0781 0x0be8  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] ShellHWDetection C:\XP\System32\shsvcs.dll
19:59:54.0781 0x0be8  ShellHWDetection - ok
19:59:54.0796 0x0be8  Simbad - ok
19:59:54.0875 0x0be8  [ 886A3944D9A4ACD6940EEC46E776A1C1, D4A8E15A09F093843DC624840522996D3D701EC78703A2F280943BB1E984362F ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:59:54.0875 0x0be8  SkypeUpdate - ok
19:59:54.0906 0x0be8  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\XP\system32\DRIVERS\SLIP.sys
19:59:54.0906 0x0be8  SLIP - ok
19:59:54.0921 0x0be8  Sparrow - ok
19:59:54.0937 0x0be8  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\XP\system32\drivers\splitter.sys
19:59:54.0937 0x0be8  splitter - ok
19:59:54.0984 0x0be8  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B, 130D686A220AF97EBF33DD481B79990F259B4EE38DD95A35CD3D0F0517790FF0 ] Spooler         C:\XP\system32\spoolsv.exe
19:59:54.0984 0x0be8  Spooler - ok
19:59:55.0109 0x0be8  [ D15DA1BA189770D93EEA2D7E18F95AF9, 9B0BB676CF0CD1AACE915A624F13939CB152F136E13F58E6156984BD92F6BA2E ] sptd            C:\XP\system32\Drivers\sptd.sys
19:59:55.0140 0x0be8  sptd - ok
19:59:55.0187 0x0be8  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\XP\system32\DRIVERS\sr.sys
19:59:55.0187 0x0be8  sr - ok
19:59:55.0265 0x0be8  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\XP\system32\srsvc.dll
19:59:55.0281 0x0be8  srservice - ok
19:59:55.0328 0x0be8  [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv             C:\XP\system32\DRIVERS\srv.sys
19:59:55.0343 0x0be8  Srv - ok
19:59:55.0421 0x0be8  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\XP\System32\ssdpsrv.dll
19:59:55.0437 0x0be8  SSDPSRV - ok
19:59:55.0531 0x0be8  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\XP\system32\wiaservc.dll
19:59:55.0546 0x0be8  stisvc - ok
19:59:55.0562 0x0be8  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\XP\system32\DRIVERS\StreamIP.sys
19:59:55.0562 0x0be8  streamip - ok
19:59:55.0578 0x0be8  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\XP\system32\DRIVERS\swenum.sys
19:59:55.0578 0x0be8  swenum - ok
19:59:55.0609 0x0be8  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\XP\system32\drivers\swmidi.sys
19:59:55.0609 0x0be8  swmidi - ok
19:59:55.0687 0x0be8  SwPrv - ok
19:59:55.0703 0x0be8  symc810 - ok
19:59:55.0703 0x0be8  symc8xx - ok
19:59:55.0718 0x0be8  sym_hi - ok
19:59:55.0734 0x0be8  sym_u3 - ok
19:59:55.0781 0x0be8  [ B02703203FF94CF4C785E1D8D6EE2596, FCDB55BD0B5052DB93CC5EF039956025B9ED51E7F6F608BC1812741AA4DA44EC ] SynTP           C:\XP\system32\DRIVERS\SynTP.sys
19:59:55.0796 0x0be8  SynTP - ok
19:59:55.0812 0x0be8  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\XP\system32\drivers\sysaudio.sys
19:59:55.0812 0x0be8  sysaudio - ok
19:59:55.0875 0x0be8  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\XP\system32\smlogsvc.exe
19:59:55.0875 0x0be8  SysmonLog - ok
19:59:55.0953 0x0be8  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\XP\System32\tapisrv.dll
19:59:55.0968 0x0be8  TapiSrv - ok
19:59:56.0046 0x0be8  [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] Tcpip           C:\XP\system32\DRIVERS\tcpip.sys
19:59:56.0062 0x0be8  Tcpip - ok
19:59:56.0109 0x0be8  [ AA7A55536096D646DC7AB0AC5641E9E8, 7E623BBDAFFC24E7F5A9035C33E1B0649086F87D8560474EA744167D1BB20CE2 ] Tcpip6          C:\XP\system32\DRIVERS\tcpip6.sys
19:59:56.0109 0x0be8  Tcpip6 - ok
19:59:56.0140 0x0be8  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\XP\system32\drivers\TDPIPE.sys
19:59:56.0140 0x0be8  TDPIPE - ok
19:59:56.0156 0x0be8  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\XP\system32\drivers\TDTCP.sys
19:59:56.0156 0x0be8  TDTCP - ok
19:59:56.0171 0x0be8  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\XP\system32\DRIVERS\termdd.sys
19:59:56.0171 0x0be8  TermDD - ok
19:59:56.0265 0x0be8  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\XP\System32\termsrv.dll
19:59:56.0281 0x0be8  TermService - ok
19:59:56.0343 0x0be8  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] Themes          C:\XP\System32\shsvcs.dll
19:59:56.0343 0x0be8  Themes - ok
19:59:56.0390 0x0be8  [ E4C85C291DDB3DC5E4A2F227CA465BA6, 743AC3C497DE0DEA466E52FA992DF9AFF65C2F8ED6C6FD69DF3C14221E05DDD2 ] tifm21          C:\XP\system32\drivers\tifm21.sys
19:59:56.0406 0x0be8  tifm21 - ok
19:59:56.0453 0x0be8  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\XP\system32\tlntsvr.exe
19:59:56.0468 0x0be8  TlntSvr - ok
19:59:56.0562 0x0be8  [ 3C47A2841BB479201CB356285BC2B18E, 42015E2DE004F022C071AE4433B1DECF0C7C0660B23855CE2D902B44E1901F2B ] TOSHIBA Bluetooth Service C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
19:59:56.0562 0x0be8  TOSHIBA Bluetooth Service - ok
19:59:56.0578 0x0be8  TosIde - ok
19:59:56.0609 0x0be8  [ 90AFA1A4451BBBEE87C9F18A665D8121, 592AE754F117018E8777C541437544E1BC7FD93F460F3EE5DDBBC150448BFBD7 ] tosporte        C:\XP\system32\DRIVERS\tosporte.sys
19:59:56.0609 0x0be8  tosporte - ok
19:59:56.0656 0x0be8  [ 360F19E411F0B94BDCC59E670C979392, 153AA4CB47CB9F46899B86707A90C14939B87C5A6B1CFA9E068CB41DE0AB202C ] tosrfbd         C:\XP\system32\DRIVERS\tosrfbd.sys
19:59:56.0656 0x0be8  tosrfbd - ok
19:59:56.0703 0x0be8  [ 74392BAB3F0D4810DA8436EC79D6955D, 8BF02D67CE1B1C4F2E3624FF6EFEA798F8735F3D8B8AF82D0754B0A63BDCCA38 ] tosrfbnp        C:\XP\system32\Drivers\tosrfbnp.sys
19:59:56.0703 0x0be8  tosrfbnp - ok
19:59:56.0734 0x0be8  [ 1AD9EB1B5ABD0AEEE4084C8153476F1E, 8B527DDB38710B5A19956DDF56AE8CDDD9590ADD4731CACB7086A8626CF4A29B ] Tosrfcom        C:\XP\system32\Drivers\tosrfcom.sys
19:59:56.0734 0x0be8  Tosrfcom - ok
19:59:56.0750 0x0be8  [ 9EE240F7029771B21CC6200BE6516D60, BF0ADEDE8D2EBDD081A0B0C68FFF36BB2EF50D79C5C709E21CC0D4C46F173794 ] tosrfec         C:\XP\system32\DRIVERS\tosrfec.sys
19:59:56.0750 0x0be8  tosrfec - ok
19:59:56.0781 0x0be8  [ A72A3473180F378CC07D342803FFD580, A3CCF5CD9A3EE8B8FF9E9175BEB51783F9378B22562D90A8D901FD8BE901CCD3 ] Tosrfhid        C:\XP\system32\DRIVERS\Tosrfhid.sys
19:59:56.0781 0x0be8  Tosrfhid - ok
19:59:56.0812 0x0be8  [ B2A1A6538245FD69578224BBF2FD4677, 0393ECF2541A269169BA23D007266750958CD35E05FA7FCBEE1CF9727E07D9C4 ] tosrfnds        C:\XP\system32\DRIVERS\tosrfnds.sys
19:59:56.0812 0x0be8  tosrfnds - ok
19:59:56.0843 0x0be8  [ 6DB1660C5F66E6121A454E869290614A, B0D38195055977173454BEDE595F79F674C37C94C3E5734610FF1316759E57EF ] TosRfSnd        C:\XP\system32\drivers\tosrfsnd.sys
19:59:56.0843 0x0be8  TosRfSnd - ok
19:59:56.0875 0x0be8  [ 1734A114593150A2D2C2876B99151B2C, F9AEDEDFB09B5F22856E2662386643EDE04F914BD078F49E8CC67B8C2E297B98 ] Tosrfusb        C:\XP\system32\DRIVERS\tosrfusb.sys
19:59:56.0890 0x0be8  Tosrfusb - ok
19:59:56.0937 0x0be8  [ 9FFFFB4C5B06C7B75E8159F1106006AC, 925081F2D15EF34BBC74AC5BAB4673A82708AAF266761B6F377D55CB83706AC7 ] TPwSav          C:\XP\system32\drivers\TPwSav.sys
19:59:56.0937 0x0be8  TPwSav - ok
19:59:56.0968 0x0be8  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\XP\system32\trkwks.dll
19:59:56.0984 0x0be8  TrkWks - ok
19:59:57.0000 0x0be8  [ 8F861EDA21C05857EB8197300A92501C, 374FF9464F273610A051B9220C8D20F01FD4DD029095A7BE37244E20C5C8B5BB ] tunmp           C:\XP\system32\DRIVERS\tunmp.sys
19:59:57.0000 0x0be8  tunmp - ok
19:59:57.0015 0x0be8  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\XP\system32\drivers\Udfs.sys
19:59:57.0031 0x0be8  Udfs - ok
19:59:57.0031 0x0be8  ultra - ok
19:59:57.0109 0x0be8  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\XP\system32\DRIVERS\update.sys
19:59:57.0125 0x0be8  Update - ok
19:59:57.0187 0x0be8  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\XP\System32\upnphost.dll
19:59:57.0203 0x0be8  upnphost - ok
19:59:57.0250 0x0be8  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\XP\System32\ups.exe
19:59:57.0250 0x0be8  UPS - ok
19:59:57.0281 0x0be8  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\XP\system32\DRIVERS\usbccgp.sys
19:59:57.0281 0x0be8  usbccgp - ok
19:59:57.0296 0x0be8  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\XP\system32\DRIVERS\usbehci.sys
19:59:57.0296 0x0be8  usbehci - ok
19:59:57.0328 0x0be8  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\XP\system32\DRIVERS\usbhub.sys
19:59:57.0328 0x0be8  usbhub - ok
19:59:57.0375 0x0be8  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\XP\system32\DRIVERS\usbprint.sys
19:59:57.0375 0x0be8  usbprint - ok
19:59:57.0390 0x0be8  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\XP\system32\DRIVERS\USBSTOR.SYS
19:59:57.0390 0x0be8  USBSTOR - ok
19:59:57.0406 0x0be8  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\XP\system32\DRIVERS\usbuhci.sys
19:59:57.0406 0x0be8  usbuhci - ok
19:59:57.0453 0x0be8  [ 63BBFCA7F390F4C49ED4B96BFB1633E0, AEB89CF43376709CDD715D844E8CBB8F2BE24D39795F45F7C84F21962F3A52AB ] usbvideo        C:\XP\system32\Drivers\usbvideo.sys
19:59:57.0453 0x0be8  usbvideo - ok
19:59:57.0468 0x0be8  [ 3B929A72AAEA96DC0150D3A6DA268C89, 1F96D0ACEBAE7BBB7E6FEAD7C7D3C31F98E3874765BE34A76D31E2F69CBD04B4 ] UVCFTR          C:\XP\system32\Drivers\UVCFTR_S.SYS
19:59:57.0468 0x0be8  UVCFTR - ok
19:59:57.0484 0x0be8  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\XP\System32\drivers\vga.sys
19:59:57.0484 0x0be8  VgaSave - ok
19:59:57.0500 0x0be8  ViaIde - ok
19:59:57.0515 0x0be8  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\XP\system32\drivers\VolSnap.sys
19:59:57.0515 0x0be8  VolSnap - ok
19:59:57.0593 0x0be8  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\XP\System32\vssvc.exe
19:59:57.0609 0x0be8  VSS - ok
19:59:57.0671 0x0be8  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\XP\system32\w32time.dll
19:59:57.0671 0x0be8  W32Time - ok
19:59:57.0703 0x0be8  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\XP\system32\DRIVERS\wanarp.sys
19:59:57.0703 0x0be8  Wanarp - ok
19:59:57.0750 0x0be8  [ 4074C9CBB02F817B508265A13546C79E, 3BEB54B90240A2BF255C49E65371BCB118012C1A41EF6542E21E538B179B462F ] wanusb          C:\XP\system32\DRIVERS\gwausb.sys
19:59:57.0750 0x0be8  wanusb - ok
19:59:57.0781 0x0be8  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\XP\system32\drivers\wdmaud.sys
19:59:57.0781 0x0be8  wdmaud - ok
19:59:57.0828 0x0be8  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\XP\System32\webclnt.dll
19:59:57.0828 0x0be8  WebClient - ok
19:59:57.0890 0x0be8  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\XP\system32\wbem\WMIsvc.dll
19:59:57.0890 0x0be8  winmgmt - ok
19:59:57.0953 0x0be8  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8, 98C21DEEB7124426D749FACDAD06EBD7F500AE5C465A98D558919C2A51C08554 ] WmdmPmSN        C:\XP\system32\mspmsnsv.dll
19:59:57.0968 0x0be8  WmdmPmSN - ok
19:59:59.0453 0x0be8  ============================================================
19:59:59.0453 0x0be8  Scan finished
19:59:59.0453 0x0be8  ============================================================
19:59:59.0468 0x0a10  Detected object count: 0
19:59:59.0468 0x0a10  Actual detected object count: 0
 
================================================================================================================
 
# AdwCleaner v3.017 - Report created 21/01/2014 at 20:06:53
# Updated 12/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Akim - HAGAL
# Running from : C:\1\Junkware\adwcleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v6.0.2900.5512
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
[ File : C:\Documents and Settings\Akim\Application Data\Mozilla\Firefox\Profiles\lufypslf.default\prefs.js ]
 
 
*************************
 
AdwCleaner[R2].txt - [633 octets] - [21/01/2014 20:06:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [692 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by Akim on 21.01.14 at 19:30:39.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\Documents and Settings\Akim\Local Settings\Application Data\hosts"
 
####### Comment ###### i see no 'hosts' there manually =(
 
~~~ FireFox
 
Successfully deleted: [File] C:\Documents and Settings\Akim\Application Data\mozilla\firefox\profiles\lufypslf.default\extensions\searchy@searchy.xpi
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 21.01.14 at 19:34:59.12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Farbar Service Scanner Version: 08-01-2014
Ran by Akim (administrator) on 21-01-2014 at 19:43:50
Running from "D:\Down"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
IE proxy is enabled.
ProxyServer: 127.0.0.1:8118
 
 
Windows Firewall:
=============
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled. The default start type is Auto.
The ImagePath of sharedaccess service is OK.
The ServiceDll of sharedaccess service is OK.
 
netman Service is not running. Checking service configuration:
The start type of netman service is OK.
The ImagePath of netman service is OK.
The ServiceDll of netman service is OK.
 
 
Firewall Disabled Policy: 
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0
 
 
System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice service is OK.
 
sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".
 
 
Security Center:
============
 
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Disabled. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Other Services:
==============
 
 
File Check:
========
C:\XP\system32\dhcpcsvc.dll => MD5 is legit
C:\XP\system32\Drivers\afd.sys => MD5 is legit
C:\XP\system32\Drivers\netbt.sys => MD5 is legit
C:\XP\system32\Drivers\tcpip.sys => MD5 is legit
C:\XP\system32\Drivers\ipsec.sys => MD5 is legit
C:\XP\system32\dnsrslvr.dll => MD5 is legit
C:\XP\system32\ipnathlp.dll => MD5 is legit
C:\XP\system32\netman.dll => MD5 is legit
C:\XP\system32\wbem\WMIsvc.dll => MD5 is legit
C:\XP\system32\srsvc.dll => MD5 is legit
C:\XP\system32\Drivers\sr.sys => MD5 is legit
C:\XP\system32\wscsvc.dll => MD5 is legit
C:\XP\system32\wbem\WMIsvc.dll => MD5 is legit
C:\XP\system32\wuauserv.dll => MD5 is legit
C:\XP\system32\qmgr.dll => MD5 is legit
C:\XP\system32\es.dll => MD5 is legit
C:\XP\system32\cryptsvc.dll => MD5 is legit
C:\XP\system32\svchost.exe => MD5 is legit
C:\XP\system32\rpcss.dll => MD5 is legit
C:\XP\system32\services.exe => MD5 is legit
 
Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) Tcpip(3) Tcpip6(8) 
0x080000000400000001000000020000000300000005000000060000000700000008000000
IpSec Tag value is correct.
 
**** End of log ****
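As an added example (not part of the original post and not code from Farbar Service Scanner), the Python below triages a log in the format shown above: it lists services whose start type differs from the default, the firewall-disabled policy value, any proxy setting, and any File Check entry not marked "legit". The name `triage`, the finding labels, and the treatment of any status other than "legit" as suspicious are assumptions of this example; the sample lines are copied from the log above.

```python
import re

# Excerpt of the Farbar Service Scanner log posted above (lines copied from the page).
SAMPLE_LOG = """\
IE proxy is enabled.
ProxyServer: 127.0.0.1:8118
sharedaccess Service is not running. Checking service configuration:
The start type of sharedaccess service is set to Disabled. The default start type is Auto.
The start type of netman service is OK.
"EnableFirewall"=DWORD:0
The start type of sr service is set to Disabled. The default start type is Boot.
The start type of wscsvc service is set to Disabled. The default start type is Auto.
The start type of wuauserv service is set to Disabled. The default start type is Auto.
C:\\XP\\system32\\Drivers\\tcpip.sys => MD5 is legit
"""

START_TYPE = re.compile(
    r"The start type of (\S+) service is set to (\w+)\. "
    r"The default start type is (\w+)\.")
PROXY = re.compile(r"ProxyServer:\s*(\S+):(\d+)")
POLICY = re.compile(r'"(\w+)"=DWORD:(\d+)')
FILE_CHECK = re.compile(r"^(.+?) => MD5 is (.+)$")
LOOPBACK = ("127.", "localhost", "[::1]")


def triage(log_text):
    """Return (kind, detail) findings that deserve a human look."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if m := START_TYPE.search(line):
            svc, actual, default = m.groups()
            findings.append(("start_type", f"{svc}: {actual} (default {default})"))
        elif m := PROXY.search(line):
            # Reported, not judged: a loopback proxy may be the user's own tool.
            host, port = m.groups()
            where = "loopback" if host.startswith(LOOPBACK) else "remote"
            findings.append(("proxy", f"{where} {host}:{port}"))
        elif (m := POLICY.search(line)) and m.groups() == ("EnableFirewall", "0"):
            findings.append(("policy", "Windows Firewall disabled by policy"))
        elif (m := FILE_CHECK.match(line)) and m.group(2) != "legit":
            # Assumption: anything other than "legit" is worth reviewing.
            findings.append(("file", f"{m.group(1)}: MD5 is {m.group(2)}"))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_LOG):
        print(f"{kind:10} {detail}")
```

A finding here is a prompt for review, not a verdict: disabled services can be an administrator's choice as easily as tampering.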


#4 cryptodan

Posted 21 January 2014 - 06:33 PM

Are you running a custom installation of XP or is it a modified version, because the default location of the windows folder is c:\windows not c:\xp?

#5 dubrow

Posted 21 January 2014 - 08:26 PM

No, there's nothing unusual in it; at install time many years ago I just typed C:\XP instead of the default. I was right; now I see that typing 'xp' is so much easier than 'windows' =)

Well, I've figured out at last that only HTTPS was affected, not specifically Google or Malwarebytes. I solved the problem by backing up the add-ons' .xpi files, their settings, '[my profile]/prefs.js' and bookmarks (a shame, but the history & cookies were cleared beforehand, on advice from the Mozilla forum, via the menu Help > Troubleshooting > [Reset Firefox]).

Okay, then I uninstalled Firefox and wiped out what was left in the registry and FS. The fresh installation, with the add-ons reinstalled and reconfigured, did solve the problem.

But a bunch of malware persists; I've found Win32.Nuclear.qt[some number] somewhere and Win32.Neuroaxon in a "MySQLConnector.ico" file with Emsisoft's scanner.

The problem is, they initially infected the InstallShield, Windows Installer and .NET Framework installations, so they were able to re-emerge each time I tried something against them. And after cleaning 'em out, it's hellishly hard to repair this software, which is essential to install/run many antiviruses. A number of Registry keys are blocked and I don't know a method to scan for blocked keys. And these blocked keys make it impossible to install fresh & clean versions of MSI and dotnetfx =( The installers just drop out w/ an "Access denied" message.

Still, I'm very afraid that some malware persists; could you maybe advise me on a sequence of scanners to eliminate 'em? And maybe some resident scanner to prevent malware from re-emerging? I'm completely lost.

#6 cryptodan

Posted 22 January 2014 - 06:47 AM

Please download MiniToolBox, and save it to your desktop and run it, and checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

#7 dubrow

Posted 22 January 2014 - 07:05 AM

Dan, you're obviously going out of scope. My /etc/hosts was wiped clean some days ago already (pity & shame, but some antimalware scripts are too straightforward), my internet settings & connections are nice, and I've solved the problem w/ Firefox by a brutal wipe & reinstall. Should I start another topic, now clean of inet/browser issues?

#8 cryptodan

Posted 22 January 2014 - 07:13 AM

Can you please follow the directions and post the results of the results.txt file? I am not going out of scope. I am doing what others would request of you, and you should keep this topic open.

#9 dubrow

Posted 22 January 2014 - 01:59 PM

Goodbye, thank you for your time and sorry for any inconvenience.

#10 hamluis

hamluis

    Moderator


  • Moderator
  • 54,830 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:06:14 PM

Posted 22 January 2014 - 08:42 PM

Topic closed per PM request by OP.

 

Louis





