Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows XP freezes at user account screen


  • Please log in to reply
24 replies to this topic

#1 jollyroger623

jollyroger623

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 16 February 2014 - 12:40 AM

Hi,

I heard about bleepingcomputer from a fellow user.  I really need help with what seems to be a malware issue.

 

I am running windows xp sp3.

 

On Wednesday night checked the news on the website vz.ru then on odnoklassniki.ru as well a a couple of links from odnoklassniki to vkontakte - vk.com/vo_maidan and watched some videos embedded there and read a couple of articles,

Shut the computer down overnight and on

Thursday morning the computer had this freeze up problem.

 

So far I have tried full scan disk and repair, super antispyware free version, malware bytes free version.

 

Initially, lost function of mouse and keyboard.

No error messages

Computer freezes at user account screen,

sometimes will make it into user account but task bar/start button won't appear, then freezes;

system restore doesn't work.

Replaced CMOS battery

I am posting this using safe mode with networking.

 

Many thanks for your help!!!

 



BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:32 AM

Posted 16 February 2014 - 09:36 PM

Lets try this jollyroger

Reboot into Safe Mode with Networking. 

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.

  • Do not reboot the computer, you will need to run the application again.
  • [/list]

    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer like it did before.
  • After the scan has finished...
    <-insert any special instructions here for what to uncheck OR remove this line if there are none->
  • This time click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • .
    .
    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 jollyroger623

jollyroger623
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 17 February 2014 - 05:09 PM

Boopme

 

Good Day!

 

The RKill ran but ran in the black DOS box did a complete scan and left a .txt notepad log.

 

Here is the RKILL log:

 

Rkill 2.6.5 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/17/2014 02:10:10 PM in x86 mode. (Safe Mode)
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Manual

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

 * Automatic Updates (wuauserv) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

      127.0.0.1        localhost
  127.0.0.1    www.007guard.com
  127.0.0.1    007guard.com
  127.0.0.1    008i.com
  127.0.0.1    www.008k.com
  127.0.0.1    008k.com
  127.0.0.1    www.00hq.com
  127.0.0.1    00hq.com
  127.0.0.1    010402.com
  127.0.0.1    www.032439.com
  127.0.0.1    032439.com
  127.0.0.1    www.0scan.com
  127.0.0.1    0scan.com
  127.0.0.1    1000gratisproben.com
  127.0.0.1    www.1000gratisproben.com
  127.0.0.1    1001namen.com
  127.0.0.1    www.1001namen.com
  127.0.0.1    100888290cs.com
  127.0.0.1    www.100888290cs.com
  127.0.0.1    www.100sexlinks.com

  20 out of 15493 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 02/17/2014 02:10:43 PM
Execution time: 0 hours(s), 0 minute(s), and 32 seconds(s)
 

 

 

 

Here is the TDSSKILLER log:

 

 

14:13:01.0187 0x01b4  TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
14:13:21.0031 0x01b4  ============================================================
14:13:21.0031 0x01b4  Current date / time: 2014/02/17 14:13:21.0031
14:13:21.0031 0x01b4  SystemInfo:
14:13:21.0031 0x01b4  
14:13:21.0031 0x01b4  OS Version: 5.1.2600 ServicePack: 3.0
14:13:21.0031 0x01b4  Product type: Workstation
14:13:21.0031 0x01b4  ComputerName: ZHENYA
14:13:21.0031 0x01b4  UserName: Administrator
14:13:21.0031 0x01b4  Windows directory: C:\WINDOWS
14:13:21.0031 0x01b4  System windows directory: C:\WINDOWS
14:13:21.0031 0x01b4  Processor architecture: Intel x86
14:13:21.0031 0x01b4  Number of processors: 2
14:13:21.0031 0x01b4  Page size: 0x1000
14:13:21.0031 0x01b4  Boot type: Safe boot with network
14:13:21.0031 0x01b4  ============================================================
14:13:21.0890 0x01b4  KLMD registered as C:\WINDOWS\system32\drivers\07161813.sys
14:13:22.0046 0x01b4  System UUID: {FAB94F77-B015-B3FA-023F-F1303ED53188}
14:13:22.0656 0x01b4  Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
14:13:22.0656 0x01b4  ============================================================
14:13:22.0656 0x01b4  \Device\Harddisk0\DR0:
14:13:22.0656 0x01b4  MBR partitions:
14:13:22.0656 0x01b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x1C805E05
14:13:22.0656 0x01b4  ============================================================
14:13:22.0687 0x01b4  C: <-> \Device\Harddisk0\DR0\Partition1
14:13:22.0687 0x01b4  ============================================================
14:13:22.0687 0x01b4  Initialize success
14:13:22.0687 0x01b4  ============================================================
14:13:36.0296 0x015c  ============================================================
14:13:36.0296 0x015c  Scan started
14:13:36.0296 0x015c  Mode: Manual;
14:13:36.0296 0x015c  ============================================================
14:13:36.0296 0x015c  KSN ping started
14:13:39.0171 0x015c  KSN ping finished: true
14:13:39.0656 0x015c  ================ Scan system memory ========================
14:13:39.0656 0x015c  System memory - ok
14:13:39.0656 0x015c  ================ Scan services =============================
14:13:39.0781 0x015c  [ 51F207D5A9E7B2E76BEE59C05CCC23C4, BE78957DD197777D899FAFBBE71E2FDB5DB9AC6AC4F1595A562FD362429BED6B ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
14:13:39.0781 0x015c  !SASCORE - ok
14:13:39.0968 0x015c  175B32F6A38 - ok
14:13:40.0015 0x015c  [ D7975C535706A40B2106768E39DAC55F, 4E0BA5FF27CA167A8351AA869E48CC6FF356D51DC7489511198343DB1437EC1E ] 44DFC5C15630    c:\documents and settings\shane\local settings\temp\44DFC5C15630.sys
14:13:40.0031 0x015c  44DFC5C15630 - ok
14:13:40.0109 0x015c  Abiosdsk - ok
14:13:40.0125 0x015c  [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
14:13:40.0125 0x015c  abp480n5 - ok
14:13:40.0187 0x015c  AcerSyncServiceWinService - ok
14:13:40.0250 0x015c  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
14:13:40.0250 0x015c  ACPI - ok
14:13:40.0281 0x015c  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
14:13:40.0281 0x015c  ACPIEC - ok
14:13:40.0390 0x015c  [ C8C6C0D659734FDBF63F6F421A5416BC, 11C452D77D0A8A5E430D0D0C9949797FFC03D2E3DADB8FBB9B63EDA868AFF83C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
14:13:40.0390 0x015c  AdobeFlashPlayerUpdateSvc - ok
14:13:40.0468 0x015c  [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
14:13:40.0500 0x015c  adpu160m - ok
14:13:40.0546 0x015c  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
14:13:40.0546 0x015c  aec - ok
14:13:40.0593 0x015c  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
14:13:40.0593 0x015c  AFD - ok
14:13:40.0625 0x015c  [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
14:13:40.0625 0x015c  agp440 - ok
14:13:40.0671 0x015c  [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
14:13:40.0671 0x015c  agpCPQ - ok
14:13:40.0687 0x015c  [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
14:13:40.0687 0x015c  Aha154x - ok
14:13:40.0703 0x015c  [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
14:13:40.0703 0x015c  aic78u2 - ok
14:13:40.0718 0x015c  [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
14:13:40.0734 0x015c  aic78xx - ok
14:13:40.0765 0x015c  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
14:13:40.0765 0x015c  Alerter - ok
14:13:40.0781 0x015c  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
14:13:40.0781 0x015c  ALG - ok
14:13:40.0812 0x015c  [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
14:13:40.0812 0x015c  AliIde - ok
14:13:40.0843 0x015c  [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
14:13:40.0843 0x015c  alim1541 - ok
14:13:40.0890 0x015c  [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
14:13:40.0890 0x015c  amdagp - ok
14:13:40.0890 0x015c  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
14:13:40.0906 0x015c  amsint - ok
14:13:40.0984 0x015c  [ 4FE5C6D40664AE07BE5105874357D2ED, 70DD05EE80B77EB2F781E0919885D1BBB1119EA1A8955935AF5AECD05E30F14A ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:13:40.0984 0x015c  Apple Mobile Device - ok
14:13:41.0031 0x015c  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
14:13:41.0031 0x015c  AppMgmt - ok
14:13:41.0046 0x015c  [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
14:13:41.0046 0x015c  asc - ok
14:13:41.0062 0x015c  [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
14:13:41.0062 0x015c  asc3350p - ok
14:13:41.0078 0x015c  [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
14:13:41.0078 0x015c  asc3550 - ok
14:13:41.0109 0x015c  [ D880831279ED91F9A4190A2DB9539EA9, EAF7D48E026C99EE9C4BC838A3004966517F948051B39DA5B5072F6DE81165AB ] ASCTRM          C:\WINDOWS\system32\drivers\ASCTRM.sys
14:13:41.0109 0x015c  ASCTRM - ok
14:13:41.0218 0x015c  [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
14:13:41.0218 0x015c  aspnet_state - ok
14:13:41.0281 0x015c  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
14:13:41.0281 0x015c  AsyncMac - ok
14:13:41.0312 0x015c  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
14:13:41.0328 0x015c  atapi - ok
14:13:41.0343 0x015c  Atdisk - ok
14:13:41.0375 0x015c  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
14:13:41.0375 0x015c  Atmarpc - ok
14:13:41.0406 0x015c  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
14:13:41.0406 0x015c  AudioSrv - ok
14:13:41.0578 0x015c  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
14:13:41.0578 0x015c  audstub - ok
14:13:41.0625 0x015c  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
14:13:41.0625 0x015c  Beep - ok
14:13:41.0671 0x015c  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
14:13:41.0687 0x015c  BITS - ok
14:13:41.0734 0x015c  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:13:41.0750 0x015c  Bonjour Service - ok
14:13:41.0796 0x015c  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
14:13:41.0796 0x015c  Browser - ok
14:13:41.0843 0x015c  [ 92A964547B96D697E5E9ED43B4297F5A, 01A84802B68253FF093EAFED5B85DE716BB85EBD080D92D4814B6FB39286CD24 ] BrScnUsb        C:\WINDOWS\system32\DRIVERS\BrScnUsb.sys
14:13:41.0843 0x015c  BrScnUsb - ok
14:13:41.0906 0x015c  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files\Browny02\BrYNSvc.exe
14:13:41.0921 0x015c  BrYNSvc - ok
14:13:41.0921 0x015c  bvrp_pci - ok
14:13:41.0953 0x015c  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
14:13:41.0953 0x015c  cbidf - ok
14:13:41.0953 0x015c  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
14:13:41.0953 0x015c  cbidf2k - ok
14:13:42.0000 0x015c  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
14:13:42.0000 0x015c  CCDECODE - ok
14:13:42.0000 0x015c  [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
14:13:42.0000 0x015c  cd20xrnt - ok
14:13:42.0031 0x015c  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
14:13:42.0031 0x015c  Cdaudio - ok
14:13:42.0062 0x015c  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
14:13:42.0062 0x015c  Cdfs - ok
14:13:42.0093 0x015c  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
14:13:42.0093 0x015c  Cdrom - ok
14:13:42.0125 0x015c  [ 1DCB5209601A70E36C70FE8D197D62CB, 09E975F9BC5FFECD2843746C5B736222F9FA49A6267EA174DDA86686601EA2C8 ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
14:13:42.0125 0x015c  cfwids - ok
14:13:42.0125 0x015c  Changer - ok
14:13:42.0171 0x015c  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
14:13:42.0171 0x015c  CiSvc - ok
14:13:42.0203 0x015c  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
14:13:42.0203 0x015c  ClipSrv - ok
14:13:42.0234 0x015c  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:13:42.0250 0x015c  clr_optimization_v2.0.50727_32 - ok
14:13:42.0265 0x015c  [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
14:13:42.0265 0x015c  CmdIde - ok
14:13:42.0265 0x015c  COMSysApp - ok
14:13:42.0312 0x015c  [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
14:13:42.0312 0x015c  Cpqarray - ok
14:13:42.0359 0x015c  [ 7DB5E3F44D797BD38B8E336CCC2E49D5, C04F2EA8147FAA1646B15886D911D6656DA961F0F9C3515C62BDF8E63666F794 ] Creative Labs Licensing Service C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
14:13:42.0359 0x015c  Creative Labs Licensing Service - ok
14:13:42.0390 0x015c  [ 3C8B6609712F4FF78E521F6DCFC4032B, DFCFD5F2D35DDA25DD91B4D732BDF84D1526AB11084E22523D51ABB2A8608402 ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.exe
14:13:42.0390 0x015c  Creative Service for CDROM Access - ok
14:13:42.0421 0x015c  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
14:13:42.0421 0x015c  CryptSvc - ok
14:13:42.0468 0x015c  [ 8DB84DE3AAB34A8B4C2F644EFF41CD76, 02154E064651269EEF51BA6D68285A05E1552D3FFDCA97ED810EAEB26EAF4573 ] ctsfm2k         C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys
14:13:42.0468 0x015c  ctsfm2k - ok
14:13:42.0515 0x015c  [ 4EE8822ADB764EDD28CE44E808097995, 0BCAFE9DD6B8ED9600C3C8D35AF01524B31B3061E8BE4513854CED2CED006A41 ] CTUSFSYN        C:\WINDOWS\system32\drivers\ctusfsyn.sys
14:13:42.0531 0x015c  CTUSFSYN - ok
14:13:42.0562 0x015c  [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
14:13:42.0578 0x015c  dac2w2k - ok
14:13:42.0593 0x015c  [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
14:13:42.0593 0x015c  dac960nt - ok
14:13:42.0656 0x015c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
14:13:42.0671 0x015c  DcomLaunch - ok
14:13:42.0703 0x015c  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
14:13:42.0703 0x015c  Dhcp - ok
14:13:42.0765 0x015c  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
14:13:42.0765 0x015c  Disk - ok
14:13:42.0828 0x015c  [ D8D58A84F3ECE3359DF95FD2E459B330, 4020D318C8A67C72E6835FCD66CCDF12D317AEB6C1D948CB4EB0B0C7480500FA ] DLABOIOM        C:\WINDOWS\system32\DLA\DLABOIOM.SYS
14:13:42.0828 0x015c  DLABOIOM - ok
14:13:42.0843 0x015c  [ EC6AE8BC9F773382D2EED49E4DFDAE2A, EB9ED376529A4142485DE637BA5F2DAA609DC25ADFF83DCCDC927ADA12DC9A93 ] DLACDBHM        C:\WINDOWS\system32\Drivers\DLACDBHM.SYS
14:13:42.0859 0x015c  DLACDBHM - ok
14:13:42.0875 0x015c  [ 27C78078BD9C4F2DE2AD3EB04BFE101B, D4B4D652EF6A24C8C900155A4A19757AA1A2FC9DD4F13BE484675BC7FBFF0A53 ] DLADResN        C:\WINDOWS\system32\DLA\DLADResN.SYS
14:13:42.0875 0x015c  DLADResN - ok
14:13:42.0875 0x015c  [ 7F2D93E560B763EF5D11422D78DA8ED0, E982DDA33B2B5ACA11FA033A3E10EADAECA1DCA63C80D37C0D7AB08E0B520A3E ] DLAIFS_M        C:\WINDOWS\system32\DLA\DLAIFS_M.SYS
14:13:42.0875 0x015c  DLAIFS_M - ok
14:13:42.0890 0x015c  [ F643637DE6AAC57E38D197AA63D9EA74, 0A194A46FACE0CE4AB02A9A7160C7C711D732195CD15E1D075B05C1E7D8DA1A2 ] DLAOPIOM        C:\WINDOWS\system32\DLA\DLAOPIOM.SYS
14:13:42.0890 0x015c  DLAOPIOM - ok
14:13:42.0890 0x015c  [ 340705474807F57A46D59D18FC2959F1, C823E42FD5D0144174664ACBDEA4031EED66CD7753D58E25EEDF113C8B34407E ] DLAPoolM        C:\WINDOWS\system32\DLA\DLAPoolM.SYS
14:13:42.0890 0x015c  DLAPoolM - ok
14:13:42.0890 0x015c  [ 0605B66052F82B6F07204DBDB61C13FF, 301B0F44C3608AA3719C0D8536C542F272F4C3EB4279F86C416C3E7A7746C08A ] DLARTL_N        C:\WINDOWS\system32\Drivers\DLARTL_N.SYS
14:13:42.0890 0x015c  DLARTL_N - ok
14:13:42.0906 0x015c  [ 6984EA763907C045CE813468882BC587, 62EA300E4AB6334A4AD56121567E45C028E03FB69A36317182A146E9929FAD85 ] DLAUDFAM        C:\WINDOWS\system32\DLA\DLAUDFAM.SYS
14:13:42.0906 0x015c  DLAUDFAM - ok
14:13:42.0906 0x015c  [ 12B30C449CFD36ADBED53EB6560933C6, 1F06EA8D3E71DE87140DA9F1DF904F98F746DE1334F153F0C5784814C9BEF2E4 ] DLAUDF_M        C:\WINDOWS\system32\DLA\DLAUDF_M.SYS
14:13:42.0921 0x015c  DLAUDF_M - ok
14:13:42.0921 0x015c  dmadmin - ok
14:13:42.0968 0x015c  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
14:13:42.0984 0x015c  dmboot - ok
14:13:43.0015 0x015c  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
14:13:43.0015 0x015c  dmio - ok
14:13:43.0046 0x015c  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
14:13:43.0046 0x015c  dmload - ok
14:13:43.0078 0x015c  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
14:13:43.0078 0x015c  dmserver - ok
14:13:43.0109 0x015c  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
14:13:43.0109 0x015c  DMusic - ok
14:13:43.0140 0x015c  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
14:13:43.0140 0x015c  Dnscache - ok
14:13:43.0187 0x015c  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
14:13:43.0187 0x015c  Dot3svc - ok
14:13:43.0203 0x015c  [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
14:13:43.0203 0x015c  dpti2o - ok
14:13:43.0250 0x015c  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
14:13:43.0250 0x015c  drmkaud - ok
14:13:43.0250 0x015c  [ FD0F95981FEF9073659D8EC58E40AA3C, 9EF2D538A90276DFF72BCE0E9A3AF50E607F2FD17B9EE46506156FBF3FC9E970 ] DRVMCDB         C:\WINDOWS\system32\Drivers\DRVMCDB.SYS
14:13:43.0250 0x015c  DRVMCDB - ok
14:13:43.0281 0x015c  [ B4869D320428CDC5EC4D7F5E808E99B5, A84D1D65E84C0B17CE48188AD95DF52E1FEF785E6C6415E028CB5F7F4F31C466 ] DRVNDDM         C:\WINDOWS\system32\Drivers\DRVNDDM.SYS
14:13:43.0281 0x015c  DRVNDDM - ok
14:13:43.0296 0x015c  DSproct - ok
14:13:43.0328 0x015c  [ 3FCA03CBCA11269F973B70FA483C88EF, 0995989B9EBE5CE1C5489139849FB2AD69DE9749650BBC262AD754E5CE457C59 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
14:13:43.0328 0x015c  E100B - ok
14:13:43.0375 0x015c  [ 6F7CCD3C02B26D530900F06D98171A69, B733E924DA68FEA0E755CD1491C6C693CDFFAECE160046A74C9EF0A09822775F ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
14:13:43.0375 0x015c  e1express - ok
14:13:43.0437 0x015c  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
14:13:43.0437 0x015c  EapHost - ok
14:13:43.0531 0x015c  [ 5D1347AA5AE6E2F77D7F4F8372D95AC9, F3CA10753B7D76C87A71A0FEDB5EACE77E2E10E8DD44BEE7C66BCE17BD3EFD71 ] ehRecvr         C:\WINDOWS\eHome\ehRecvr.exe
14:13:43.0531 0x015c  ehRecvr - ok
14:13:43.0593 0x015c  [ A53243709439AC2A4C216B817F8D7411, AF4624EEA9B165DE873B7D104D1EA3BE9A14BBC5B4CABE26544F90B78689EEF9 ] ehSched         C:\WINDOWS\eHome\ehSched.exe
14:13:43.0593 0x015c  ehSched - ok
14:13:43.0640 0x015c  [ 0923AEC043F5D355B4EF0C2B29A362DE, 94A4988E2E9526F5202F8043E47E1D9390D38D074E1F1228CC58816919D1BF0A ] ELacpi          C:\WINDOWS\system32\DRIVERS\ELacpi.sys
14:13:43.0640 0x015c  ELacpi - ok
14:13:43.0656 0x015c  [ CBD71E7772F92BFB85CCC302B2DEEFBA, 65E01452F2F41AF72948690E184655BB20AB40E4AC7B34F26FDE575B9F1B10E5 ] ELhid           C:\WINDOWS\System32\Drivers\Elhid.sys
14:13:43.0656 0x015c  ELhid - ok
14:13:43.0656 0x015c  [ AC75B576C45D144E146FD1F0576A1F53, F7CAE3B39A7E40A69C92CB7A0D08E60CB852785828F24A9BFD647E3A47B58A4C ] ELkbd           C:\WINDOWS\System32\Drivers\Elkbd.sys
14:13:43.0656 0x015c  ELkbd - ok
14:13:43.0656 0x015c  [ 483CCE5E40137D4E437F4DEF55C80007, 027F3B6750AE7BE80372F8610ABE1E8DDC7CC0B14F83CB274133D77A3BD503A4 ] ELmon           C:\WINDOWS\System32\Drivers\Elmon.sys
14:13:43.0656 0x015c  ELmon - ok
14:13:43.0671 0x015c  [ 8E88CAFEAC0812BF2D15BEEEDFCCE8BD, 23C80168A960946DFA09F87A4D5B5C31549F7A07F881C7C90E0B0356B021CEC2 ] ELmou           C:\WINDOWS\System32\Drivers\Elmou.sys
14:13:43.0671 0x015c  ELmou - ok
14:13:43.0718 0x015c  [ 47FCF6628E1A221C41F3F0130FBF258E, C413234CF36358F0744E89F317E7B0B79B692339A50AF6B9E19613D0CB06C2C9 ] ELService       C:\Program Files\Intel\IntelDH\Intel® Quick Resume Technology Drivers\Elservice.exe
14:13:43.0734 0x015c  ELService - ok
14:13:43.0765 0x015c  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
14:13:43.0765 0x015c  ERSvc - ok
14:13:43.0796 0x015c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
14:13:43.0796 0x015c  Eventlog - ok
14:13:43.0843 0x015c  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
14:13:43.0843 0x015c  EventSystem - ok
14:13:43.0875 0x015c  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
14:13:43.0875 0x015c  Fastfat - ok
14:13:43.0906 0x015c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
14:13:43.0921 0x015c  FastUserSwitchingCompatibility - ok
14:13:43.0937 0x015c  [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
14:13:43.0953 0x015c  Fax - ok
14:13:43.0968 0x015c  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
14:13:43.0968 0x015c  Fdc - ok
14:13:44.0000 0x015c  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
14:13:44.0000 0x015c  Fips - ok
14:13:44.0015 0x015c  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
14:13:44.0015 0x015c  Flpydisk - ok
14:13:44.0046 0x015c  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
14:13:44.0062 0x015c  FltMgr - ok
14:13:44.0140 0x015c  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
14:13:44.0156 0x015c  FontCache3.0.0.0 - ok
14:13:44.0171 0x015c  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
14:13:44.0171 0x015c  Fs_Rec - ok
14:13:44.0187 0x015c  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
14:13:44.0203 0x015c  Ftdisk - ok
14:13:44.0234 0x015c  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
14:13:44.0234 0x015c  GEARAspiWDM - ok
14:13:44.0281 0x015c  [ 93CA4D9A0433BE0EDD0B9F2F26D5E54C, ACD6BBB639CAF092809927F84F5693B7BA11080684A4993029D713ACF67D4C79 ] ggflt           C:\WINDOWS\system32\DRIVERS\ggflt.sys
14:13:44.0281 0x015c  ggflt - ok
14:13:44.0328 0x015c  [ 17E678AAB82CCDFB80E7614504933895, 43935C8C5C30DA415957B789DC9FA10721C240C603DC8733D9B791A2F58BE1BD ] ggsemc          C:\WINDOWS\system32\DRIVERS\ggsemc.sys
14:13:44.0328 0x015c  ggsemc - ok
14:13:44.0359 0x015c  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
14:13:44.0359 0x015c  Gpc - ok
14:13:44.0453 0x015c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
14:13:44.0453 0x015c  gupdate - ok
14:13:44.0453 0x015c  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
14:13:44.0453 0x015c  gupdatem - ok
14:13:44.0546 0x015c  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
14:13:44.0546 0x015c  gusvc - ok
14:13:44.0593 0x015c  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
14:13:44.0593 0x015c  HDAudBus - ok
14:13:44.0687 0x015c  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
14:13:44.0687 0x015c  helpsvc - ok
14:13:44.0703 0x015c  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
14:13:44.0734 0x015c  HidServ - ok
14:13:44.0781 0x015c  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
14:13:44.0781 0x015c  HidUsb - ok
14:13:44.0812 0x015c  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
14:13:44.0812 0x015c  hkmsvc - ok
14:13:44.0859 0x015c  [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
14:13:44.0859 0x015c  hpn - ok
14:13:44.0968 0x015c  [ 58D4765AB87347DB835D5693ADF652C1, C82C844C29AC9041BEE7D02FB846AA9BC17D7DF0D8295AE31A485CC44B0CC7D7 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:13:44.0984 0x015c  hpqcxs08 - ok
14:13:45.0015 0x015c  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
14:13:45.0015 0x015c  HTTP - ok
14:13:45.0046 0x015c  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
14:13:45.0046 0x015c  HTTPFilter - ok
14:13:45.0062 0x015c  [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
14:13:45.0062 0x015c  i2omgmt - ok
14:13:45.0093 0x015c  [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
14:13:45.0093 0x015c  i2omp - ok
14:13:45.0109 0x015c  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
14:13:45.0125 0x015c  i8042prt - ok
14:13:45.0187 0x015c  [ B122BE74E283A2BC7FEBC180BFD2EFD5, 3FB9AE63AB2ECAC62C03FF19BE60E39C8C2985868FBA393039795A660A05DED3 ] IAANTMON        C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
14:13:45.0187 0x015c  IAANTMON - ok
14:13:45.0234 0x015c  [ 019CF5F31C67030841233C545A0E217A, 594D97054E3A8034D8BC3AE3B9CD8A00D95BB68F8CDA84E96D8EE08D5F24E101 ] iastor          C:\WINDOWS\system32\drivers\iastor.sys
14:13:45.0250 0x015c  iastor - ok
14:13:45.0343 0x015c  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
14:13:45.0390 0x015c  idsvc - ok
14:13:45.0421 0x015c  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
14:13:45.0421 0x015c  Imapi - ok
14:13:45.0453 0x015c  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
14:13:45.0453 0x015c  ImapiService - ok
14:13:45.0484 0x015c  [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
14:13:45.0484 0x015c  ini910u - ok
14:13:45.0500 0x015c  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
14:13:45.0500 0x015c  IntelIde - ok
14:13:45.0531 0x015c  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
14:13:45.0531 0x015c  intelppm - ok
14:13:45.0562 0x015c  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
14:13:45.0562 0x015c  Ip6Fw - ok
14:13:45.0578 0x015c  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
14:13:45.0578 0x015c  IpFilterDriver - ok
14:13:45.0609 0x015c  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
14:13:45.0609 0x015c  IpInIp - ok
14:13:45.0640 0x015c  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
14:13:45.0656 0x015c  IpNat - ok
14:13:45.0703 0x015c  [ D8B8B5A8FE57CF4F307A540D9A153C23, 1C5AA5C29204A90D11FF40A5DD5967CC7195F5C4ACD7E41CB94C230A7DFD459D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:13:45.0765 0x015c  iPod Service - ok
14:13:45.0796 0x015c  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
14:13:45.0796 0x015c  IPSec - ok
14:13:45.0828 0x015c  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
14:13:45.0828 0x015c  IRENUM - ok
14:13:45.0859 0x015c  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
14:13:45.0859 0x015c  isapnp - ok
14:13:45.0859 0x015c  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
14:13:45.0875 0x015c  Kbdclass - ok
14:13:45.0875 0x015c  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
14:13:45.0875 0x015c  kbdhid - ok
14:13:45.0921 0x015c  [ 1223A8B567FFDB4B8BB5F59E5F033FDB, 47B7BA79B7BC29428B1BF0EE1E0EB1B1082B960E5458C39CE5E8D1F2F742D0F8 ] KeyScrambler    C:\WINDOWS\system32\drivers\keyscrambler.sys
14:13:45.0937 0x015c  KeyScrambler - ok
14:13:45.0984 0x015c  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
14:13:45.0984 0x015c  kmixer - ok
14:13:46.0000 0x015c  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
14:13:46.0000 0x015c  KSecDD - ok
14:13:46.0046 0x015c  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
14:13:46.0046 0x015c  lanmanserver - ok
14:13:46.0078 0x015c  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
14:13:46.0093 0x015c  lanmanworkstation - ok
14:13:46.0093 0x015c  lbrtfdc - ok
14:13:46.0171 0x015c  [ 31D8B705DCD5F2366186E731F87C7A71, D73DC732EF74C3C0EADD650B65BC6EEB44EA2C4E86BFD5BE989971A34FBA160A ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
14:13:46.0171 0x015c  LightScribeService - ok
14:13:46.0203 0x015c  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
14:13:46.0203 0x015c  LmHosts - ok
14:13:46.0234 0x015c  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
14:13:46.0234 0x015c  MBAMProtector - ok
14:13:46.0312 0x015c  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
14:13:46.0328 0x015c  MBAMScheduler - ok
14:13:46.0375 0x015c  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
14:13:46.0390 0x015c  MBAMService - ok
14:13:46.0468 0x015c  [ 7E6932EEDA54C8EAF7DC6C2225261B85, AB5C73279B3506AF29EC8036D17E9CDAFD95BF429ED8049506F2E5D24A79C168 ] McAfee SiteAdvisor Service C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
14:13:46.0468 0x015c  McAfee SiteAdvisor Service - ok
14:13:46.0468 0x015c  McDetect.exe - ok
14:13:46.0484 0x015c  [ 7E6932EEDA54C8EAF7DC6C2225261B85, AB5C73279B3506AF29EC8036D17E9CDAFD95BF429ED8049506F2E5D24A79C168 ] McMPFSvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
14:13:46.0484 0x015c  McMPFSvc - ok
14:13:46.0531 0x015c  [ 7E6932EEDA54C8EAF7DC6C2225261B85, AB5C73279B3506AF29EC8036D17E9CDAFD95BF429ED8049506F2E5D24A79C168 ] mcmscsvc        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
14:13:46.0531 0x015c  mcmscsvc - ok
14:13:46.0546 0x015c  [ 7E6932EEDA54C8EAF7DC6C2225261B85, AB5C73279B3506AF29EC8036D17E9CDAFD95BF429ED8049506F2E5D24A79C168 ] McNaiAnn        C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
14:13:46.0546 0x015c  McNaiAnn - ok
14:13:46.0562 0x015c  [ 7E6932EEDA54C8EAF7DC6C2225261B85, AB5C73279B3506AF29EC8036D17E9CDAFD95BF429ED8049506F2E5D24A79C168 ] McNASvc         C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
14:13:46.0562 0x015c  McNASvc - ok
14:13:46.0625 0x015c  [ E8C5AAE17E8332F5F4F57935238CD5EB, 377F7D273BD93F41739FF6CA3B605FA27F00DF7761C980A4FB8523C6B4B3626E ] McODS           C:\Program Files\McAfee\VirusScan\mcods.exe
14:13:46.0625 0x015c  McODS - ok
14:13:46.0640 0x015c  [ 7E6932EEDA54C8EAF7DC6C2225261B85, AB5C73279B3506AF29EC8036D17E9CDAFD95BF429ED8049506F2E5D24A79C168 ] McProxy         C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
14:13:46.0640 0x015c  McProxy - ok
14:13:46.0671 0x015c  [ 000751813ECEF491689176E72B3A8BEE, 6642B98ECB6A40C05F15B3C0D4157A368CACC57EF0FFB5EA7DC47C6819856CCD ] McPvDrv         C:\WINDOWS\system32\drivers\McPvDrv.sys
14:13:46.0671 0x015c  McPvDrv - ok
14:13:46.0718 0x015c  [ BEC8D118490817F93FBE620B30EC7264, 011C622B6438F91F407C4224A23B7676E8FBA5BB07A8FB86197A835935442C49 ] McrdSvc         C:\WINDOWS\ehome\McrdSvc.exe
14:13:46.0718 0x015c  McrdSvc - ok
14:13:46.0750 0x015c  [ 151F3CA25B739B9CB0066ABD1523F064, 1AFC73E85BD2C98EFE2E2C562B0491AC7C8A1C6D4506BA2135948B3F11C4E490 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
14:13:46.0750 0x015c  McShield - ok
14:13:46.0828 0x015c  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
14:13:46.0843 0x015c  MDM - ok
14:13:46.0875 0x015c  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
14:13:46.0875 0x015c  Messenger - ok
14:13:46.0937 0x015c  [ 36B47B1E9C537F8F2B4481084B8F7D22, 2F46AE5628976977FB90EED08F036C729AC13914603791C2E5EB7981355549CB ] mfeapfk         C:\WINDOWS\system32\drivers\mfeapfk.sys
14:13:46.0937 0x015c  mfeapfk - ok
14:13:46.0968 0x015c  [ CDE41293DB871A75CD99EB0CE781356B, 2BD00B7439D645AD7E7ECB1D7E64EC46E6EF3955949AEE4B74FE57D6ADD8F195 ] mfeavfk         C:\WINDOWS\system32\drivers\mfeavfk.sys
14:13:46.0984 0x015c  mfeavfk - ok
14:13:47.0000 0x015c  [ E22385F64BDF0AD81157479496E33C4A, 8BBEE7D3CF0647FA265B78E497D1EEC22F31BA89156D43759D132C6C47E7DAB4 ] mfebopk         C:\WINDOWS\system32\drivers\mfebopk.sys
14:13:47.0000 0x015c  mfebopk - ok
14:13:47.0031 0x015c  [ 26BA2EEBCFF16F611CE1118FA0850810, 6605405C4B515A7C304E55B85068E78C7C2D86A16D088DB2B4B63336543B1348 ] mfefire         C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
14:13:47.0031 0x015c  mfefire - ok
14:13:47.0062 0x015c  [ 215666A8A85023EF019B510CBB67F678, 30526A8072B5D7910A66A4F871D1F02BD353C2E81DAE99593CB3AD700C81056F ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
14:13:47.0062 0x015c  mfefirek - ok
14:13:47.0125 0x015c  [ 56D330981866A72F061DD16CC5004513, 83D0D8D6248EDE31830AB9271E944CFF29D6830CF1154D8BA5B28AF01B88E53E ] mfehidk         C:\WINDOWS\system32\drivers\mfehidk.sys
14:13:47.0140 0x015c  mfehidk - ok
14:13:47.0171 0x015c  [ 62ACDA4E958E2A392557BA3C6C754A58, 2CB929BE77060B6E308103BB0EAADC2F0F486912F654754CF0EB34314F853934 ] mfendisk        C:\WINDOWS\system32\DRIVERS\mfendisk.sys
14:13:47.0171 0x015c  mfendisk - ok
14:13:47.0171 0x015c  [ 62ACDA4E958E2A392557BA3C6C754A58, 2CB929BE77060B6E308103BB0EAADC2F0F486912F654754CF0EB34314F853934 ] mfendiskmp      C:\WINDOWS\system32\DRIVERS\mfendisk.sys
14:13:47.0171 0x015c  mfendiskmp - ok
14:13:47.0203 0x015c  [ 89B564D63C53FC0C6782AB07EEA63ACF, 0911A6CB77F111A1C358CFD0B624F20F41C71565A1C6F335D15C049F3670D015 ] mferkdet        C:\WINDOWS\system32\drivers\mferkdet.sys
14:13:47.0218 0x015c  mferkdet - ok
14:13:47.0234 0x015c  [ 922E64CA38E38106498FB3435A8E399D, 6FD7C89576FEDF5DF3382393273AE25E94FC3FA5A25B86C46DEB823DC60F2B13 ] mfetdi2k        C:\WINDOWS\system32\drivers\mfetdi2k.sys
14:13:47.0250 0x015c  mfetdi2k - ok
14:13:47.0296 0x015c  [ E91C36E76E6395F233B3AE2EBC17251E, DC1B0601C4A49247E962414779250D1C1A35B448B2F0D68165C748B938D175C5 ] mfevtp          C:\WINDOWS\system32\mfevtps.exe
14:13:47.0296 0x015c  mfevtp - ok
14:13:47.0343 0x015c  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
14:13:47.0343 0x015c  MHN - ok
14:13:47.0359 0x015c  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
14:13:47.0359 0x015c  MHNDRV - ok
14:13:47.0390 0x015c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
14:13:47.0390 0x015c  mnmdd - ok
14:13:47.0437 0x015c  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
14:13:47.0437 0x015c  mnmsrvc - ok
14:13:47.0500 0x015c  [ 35176FA09A0FC58DB630991A81A0BA39, 190FCA6C60C8E8431BAC916D6190E7D68DCEA8ED42554A35F495143F6C7A85A6 ] MOBKbackup      C:\Program Files\McAfee Online Backup\MOBKbackup.exe
14:13:47.0500 0x015c  MOBKbackup - ok
14:13:47.0546 0x015c  [ E896775837A8BCE436348DF460522394, FF912F42CDF9FAB7BDF1C22B692201B707CF3A4DF7DD515AF8B9C4CCCE593CF8 ] MOBKFilter      C:\WINDOWS\system32\DRIVERS\MOBK.sys
14:13:47.0546 0x015c  MOBKFilter - ok
14:13:47.0578 0x015c  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
14:13:47.0578 0x015c  Modem - ok
14:13:47.0640 0x015c  [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
14:13:47.0640 0x015c  MODEMCSA - ok
14:13:47.0734 0x015c  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] monfilt         C:\WINDOWS\system32\drivers\monfilt.sys
14:13:47.0828 0x015c  monfilt - ok
14:13:47.0859 0x015c  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
14:13:47.0875 0x015c  Mouclass - ok
14:13:47.0906 0x015c  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
14:13:47.0906 0x015c  mouhid - ok
14:13:47.0921 0x015c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
14:13:47.0921 0x015c  MountMgr - ok
14:13:47.0968 0x015c  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:13:47.0968 0x015c  MozillaMaintenance - ok
14:13:47.0984 0x015c  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
14:13:47.0984 0x015c  mraid35x - ok
14:13:48.0000 0x015c  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
14:13:48.0000 0x015c  MRxDAV - ok
14:13:48.0062 0x015c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
14:13:48.0078 0x015c  MRxSmb - ok
14:13:48.0156 0x015c  [ 641199534871783DD74138FE0BCFDAE7, 63F6BD6E5CF383D95917C544CF8EDB4F7DA961C7CA70FA7F960EA9C9FF48100A ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS32.exe
14:13:48.0156 0x015c  MSCamSvc - ok
14:13:48.0218 0x015c  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
14:13:48.0218 0x015c  MSDTC - ok
14:13:48.0218 0x015c  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
14:13:48.0218 0x015c  Msfs - ok
14:13:48.0234 0x015c  MSIServer - ok
14:13:48.0281 0x015c  [ 7E6932EEDA54C8EAF7DC6C2225261B85, AB5C73279B3506AF29EC8036D17E9CDAFD95BF429ED8049506F2E5D24A79C168 ] MSK80Service    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
14:13:48.0281 0x015c  MSK80Service - ok
14:13:48.0312 0x015c  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
14:13:48.0312 0x015c  MSKSSRV - ok
14:13:48.0328 0x015c  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
14:13:48.0328 0x015c  MSPCLOCK - ok
14:13:48.0359 0x015c  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
14:13:48.0359 0x015c  MSPQM - ok
14:13:48.0375 0x015c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
14:13:48.0375 0x015c  mssmbios - ok
14:13:48.0406 0x015c  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
14:13:48.0406 0x015c  MSTEE - ok
14:13:48.0437 0x015c  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
14:13:48.0437 0x015c  Mup - ok
14:13:48.0468 0x015c  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
14:13:48.0468 0x015c  NABTSFEC - ok
14:13:48.0500 0x015c  [ 1E59AAED42A5E3A5ED86EC403F9C0776, EB71AC4F94E0A86A192ED582DF978C79AA00F9B9A18A59244499B831DB4CB57C ] NAL             C:\WINDOWS\system32\Drivers\iqvw32.sys
14:13:48.0500 0x015c  NAL - ok
14:13:48.0562 0x015c  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
14:13:48.0578 0x015c  napagent - ok
14:13:48.0609 0x015c  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
14:13:48.0609 0x015c  NDIS - ok
14:13:48.0640 0x015c  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
14:13:48.0640 0x015c  NdisIP - ok
14:13:48.0671 0x015c  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
14:13:48.0671 0x015c  NdisTapi - ok
14:13:48.0703 0x015c  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
14:13:48.0703 0x015c  Ndisuio - ok
14:13:48.0703 0x015c  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
14:13:48.0718 0x015c  NdisWan - ok
14:13:48.0734 0x015c  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
14:13:48.0734 0x015c  NDProxy - ok
14:13:48.0750 0x015c  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
14:13:48.0750 0x015c  NetBIOS - ok
14:13:48.0796 0x015c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
14:13:48.0796 0x015c  NetBT - ok
14:13:48.0828 0x015c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
14:13:48.0843 0x015c  NetDDE - ok
14:13:48.0843 0x015c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
14:13:48.0843 0x015c  NetDDEdsdm - ok
14:13:48.0890 0x015c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
14:13:48.0890 0x015c  Netlogon - ok
14:13:48.0921 0x015c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
14:13:48.0921 0x015c  Netman - ok
14:13:48.0968 0x015c  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:13:48.0968 0x015c  NetTcpPortSharing - ok
14:13:49.0015 0x015c  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
14:13:49.0015 0x015c  Nla - ok
14:13:49.0031 0x015c  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
14:13:49.0031 0x015c  Npfs - ok
14:13:49.0093 0x015c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
14:13:49.0109 0x015c  Ntfs - ok
14:13:49.0109 0x015c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
14:13:49.0109 0x015c  NtLmSsp - ok
14:13:49.0156 0x015c  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
14:13:49.0156 0x015c  NtmsSvc - ok
14:13:49.0203 0x015c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
14:13:49.0203 0x015c  Null - ok
14:13:49.0531 0x015c  [ 5950E6CC9FB3FABB61604D395DBC8550, CA35DBF701215CDA51E3B85F9378C932FAA429FA5D1DEE3BC4CC938259031F2E ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
14:13:49.0875 0x015c  nv - ok
14:13:49.0921 0x015c  [ 9FE764D5EECCA13B0932FAB81A4A5A6F, 7BAD68F79FFEDDA1FC6F657DBF930F955D37F66632CD54650ACA4FFEEBFDC1E4 ] NVSvc           C:\WINDOWS\system32\nvsvc32.exe
14:13:49.0937 0x015c  NVSvc - ok
14:13:49.0968 0x015c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
14:13:49.0968 0x015c  NwlnkFlt - ok
14:13:49.0968 0x015c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
14:13:49.0984 0x015c  NwlnkFwd - ok
14:13:50.0015 0x015c  [ 103A9B117A7D9903111955CDAFE65AC6, 06060CA6036F757ABB6C9CFD8376D70996E80ACC7896896DD426AEA0786E2B15 ] ossrv           C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
14:13:50.0015 0x015c  ossrv - ok
14:13:50.0046 0x015c  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
14:13:50.0046 0x015c  Parport - ok
14:13:50.0078 0x015c  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
14:13:50.0078 0x015c  PartMgr - ok
14:13:50.0109 0x015c  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
14:13:50.0109 0x015c  ParVdm - ok
14:13:50.0109 0x015c  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
14:13:50.0125 0x015c  PCI - ok
14:13:50.0125 0x015c  PCIDump - ok
14:13:50.0140 0x015c  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
14:13:50.0140 0x015c  PCIIde - ok
14:13:50.0156 0x015c  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
14:13:50.0156 0x015c  Pcmcia - ok
14:13:50.0171 0x015c  PDCOMP - ok
14:13:50.0250 0x015c  [ C1C3BAF078BE5A14384A4BA2D730817D, 6E4D2F73A1CB250B3EE270CCE806A37EB2140E34EAF9F48C45CC12D2A451AA16 ] PDFProFiltSrvPP C:\Program Files\Nuance\PaperPort\PDFProFiltSrvPP.exe
14:13:50.0265 0x015c  PDFProFiltSrvPP - ok
14:13:50.0265 0x015c  PDFRAME - ok
14:13:50.0281 0x015c  PDRELI - ok
14:13:50.0281 0x015c  PDRFRAME - ok
14:13:50.0296 0x015c  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
14:13:50.0296 0x015c  perc2 - ok
14:13:50.0328 0x015c  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
14:13:50.0328 0x015c  perc2hib - ok
14:13:50.0359 0x015c  [ EDE8241B75DADEF090AADB6C81C8E1D7, A0FA3C3C8DD454F316D70188F9C054FFF4EFE24B049ABC85436E80D8BCC45A73 ] PfModNT         C:\WINDOWS\system32\drivers\PfModNT.sys
14:13:50.0359 0x015c  PfModNT - ok
14:13:50.0375 0x015c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
14:13:50.0375 0x015c  PlugPlay - ok
14:13:50.0390 0x015c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
14:13:50.0390 0x015c  PolicyAgent - ok
14:13:50.0421 0x015c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
14:13:50.0421 0x015c  PptpMiniport - ok
14:13:50.0421 0x015c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
14:13:50.0421 0x015c  ProtectedStorage - ok
14:13:50.0437 0x015c  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
14:13:50.0437 0x015c  PSched - ok
14:13:50.0484 0x015c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
14:13:50.0484 0x015c  Ptilink - ok
14:13:50.0515 0x015c  [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
14:13:50.0515 0x015c  PxHelp20 - ok
14:13:50.0546 0x015c  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
14:13:50.0546 0x015c  ql1080 - ok
14:13:50.0562 0x015c  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
14:13:50.0562 0x015c  Ql10wnt - ok
14:13:50.0578 0x015c  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
14:13:50.0578 0x015c  ql12160 - ok
14:13:50.0578 0x015c  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
14:13:50.0593 0x015c  ql1240 - ok
14:13:50.0593 0x015c  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
14:13:50.0593 0x015c  ql1280 - ok
14:13:50.0671 0x015c  [ D2EA58899FCF66539FAD12897B787216, 29BD5C385D734B37280D8CE8D2D55DDC6C6FA85E90B78ACC43E3F1D9C7F46B8C ] QWAVE           C:\WINDOWS\system32\qwave.dll
14:13:50.0671 0x015c  QWAVE - ok
14:13:50.0718 0x015c  [ 2BB1D2BAF3493362E5C1949C5F210D5F, 3788966D163FFB4BA4AD716C8112E7E5183A795395C827DF3AEB86EEB2010E7B ] QWAVEDRV        C:\WINDOWS\system32\DRIVERS\qwavedrv.sys
14:13:50.0718 0x015c  QWAVEDRV - ok
14:13:50.0750 0x015c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
14:13:50.0750 0x015c  RasAcd - ok
14:13:50.0781 0x015c  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
14:13:50.0796 0x015c  RasAuto - ok
14:13:50.0812 0x015c  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
14:13:50.0812 0x015c  Rasl2tp - ok
14:13:50.0859 0x015c  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
14:13:50.0859 0x015c  RasMan - ok
14:13:50.0859 0x015c  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
14:13:50.0859 0x015c  RasPppoe - ok
14:13:50.0906 0x015c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
14:13:50.0906 0x015c  Raspti - ok
14:13:50.0921 0x015c  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
14:13:50.0921 0x015c  Rdbss - ok
14:13:50.0968 0x015c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
14:13:50.0968 0x015c  RDPCDD - ok
14:13:50.0984 0x015c  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
14:13:50.0984 0x015c  rdpdr - ok
14:13:51.0031 0x015c  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
14:13:51.0046 0x015c  RDPWD - ok
14:13:51.0093 0x015c  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
14:13:51.0093 0x015c  RDSessMgr - ok
14:13:51.0171 0x015c  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
14:13:51.0171 0x015c  redbook - ok
14:13:51.0218 0x015c  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
14:13:51.0218 0x015c  RemoteAccess - ok
14:13:51.0250 0x015c  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
14:13:51.0250 0x015c  RemoteRegistry - ok
14:13:51.0296 0x015c  [ 4F4A4C09CC5BE58A76CAC1C337E004E6, 5DFFB1C60709A80DAC46BCBB9BA76408332A681EFA6ABB330CD74236109F4296 ] RimUsb          C:\WINDOWS\system32\Drivers\RimUsb.sys
14:13:51.0296 0x015c  RimUsb - ok
14:13:51.0343 0x015c  [ 3A5633AD615E2B15291BD0B1B97CCD8A, 17E6FE788E8FBC6CB84B68F49FAFB4F63398EA97D89AACF677B338464B68E2AD ] RimVSerPort     C:\WINDOWS\system32\DRIVERS\RimSerial.sys
14:13:51.0343 0x015c  RimVSerPort - ok
14:13:51.0375 0x015c  [ 868E6C58E9B301A768AE50E2A8E3C5D5, 17ABF304795B1B3B7102CA5CDC7D9B9C01E8BEB9AF45AFB1B6E2FA98B1498910 ] RMSvc           C:\WINDOWS\ehome\RMSvc.exe
14:13:51.0375 0x015c  RMSvc - ok
14:13:51.0453 0x015c  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
14:13:51.0453 0x015c  ROOTMODEM - ok
14:13:51.0531 0x015c  RoxLiveShare10 - ok
14:13:51.0593 0x015c  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
14:13:51.0593 0x015c  RpcLocator - ok
14:13:51.0625 0x015c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
14:13:51.0640 0x015c  RpcSs - ok
14:13:51.0687 0x015c  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
14:13:51.0687 0x015c  RSVP - ok
14:13:51.0703 0x015c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
14:13:51.0718 0x015c  SamSs - ok
14:13:51.0812 0x015c  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
14:13:51.0812 0x015c  SASDIFSV - ok
14:13:51.0828 0x015c  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
14:13:51.0828 0x015c  SASKUTIL - ok
14:13:51.0843 0x015c  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
14:13:51.0859 0x015c  SCardSvr - ok
14:13:51.0906 0x015c  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
14:13:51.0906 0x015c  Schedule - ok
14:13:51.0953 0x015c  [ 8EDD7B9E4A4B4C16E2DAB9188CAA861B, EBECA68AF8B609F015FA1B2BBFAE65288D1452908DB6D031D1BD6CEA780A0C47 ] SDDMI2          C:\WINDOWS\system32\DDMI2.sys
14:13:51.0953 0x015c  SDDMI2 - ok
14:13:51.0984 0x015c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
14:13:51.0984 0x015c  Secdrv - ok
14:13:52.0031 0x015c  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
14:13:52.0031 0x015c  seclogon - ok
14:13:52.0062 0x015c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
14:13:52.0062 0x015c  SENS - ok
14:13:52.0093 0x015c  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
14:13:52.0093 0x015c  serenum - ok
14:13:52.0125 0x015c  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
14:13:52.0125 0x015c  Serial - ok
14:13:52.0265 0x015c  SessionLauncher - ok
14:13:52.0281 0x015c  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
14:13:52.0312 0x015c  Sfloppy - ok
14:13:52.0343 0x015c  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
14:13:52.0359 0x015c  SharedAccess - ok
14:13:52.0375 0x015c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
14:13:52.0375 0x015c  ShellHWDetection - ok
14:13:52.0390 0x015c  Simbad - ok
14:13:52.0421 0x015c  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
14:13:52.0437 0x015c  sisagp - ok
14:13:52.0484 0x015c  [ 3E587DBBDFF938DDE5D4CE4047BE9041, CA13B2C50FB09365362077AEC4B25120CF09F8C35702F645922D618FE57B5E05 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
14:13:52.0484 0x015c  SkypeUpdate - ok
14:13:52.0515 0x015c  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
14:13:52.0515 0x015c  SLIP - ok
14:13:52.0609 0x015c  [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
14:13:52.0609 0x015c  Sony PC Companion - ok
14:13:52.0656 0x015c  [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
14:13:52.0656 0x015c  Sparrow - ok
14:13:52.0703 0x015c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
14:13:52.0703 0x015c  splitter - ok
14:13:52.0718 0x015c  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
14:13:52.0734 0x015c  Spooler - ok
14:13:52.0734 0x015c  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
14:13:52.0734 0x015c  sr - ok
14:13:52.0781 0x015c  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
14:13:52.0796 0x015c  srservice - ok
14:13:52.0843 0x015c  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
14:13:52.0843 0x015c  Srv - ok
14:13:52.0890 0x015c  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
14:13:52.0906 0x015c  SSDPSRV - ok
14:13:52.0968 0x015c  [ 797FCC1D859B203958E915BB82528DA9, CF2BB15ED03322323CEFAD2D9600959ADB41B22E22D78D81E79969C784F09A66 ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
14:13:53.0031 0x015c  STHDA - ok
14:13:53.0093 0x015c  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
14:13:53.0093 0x015c  stisvc - ok
14:13:53.0156 0x015c  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
14:13:53.0156 0x015c  streamip - ok
14:13:53.0187 0x015c  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
14:13:53.0187 0x015c  swenum - ok
14:13:53.0203 0x015c  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
14:13:53.0203 0x015c  swmidi - ok
14:13:53.0203 0x015c  SwPrv - ok
14:13:53.0250 0x015c  [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
14:13:53.0250 0x015c  symc810 - ok
14:13:53.0265 0x015c  [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
14:13:53.0265 0x015c  symc8xx - ok
14:13:53.0265 0x015c  [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
14:13:53.0265 0x015c  sym_hi - ok
14:13:53.0281 0x015c  [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
14:13:53.0281 0x015c  sym_u3 - ok
14:13:53.0312 0x015c  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
14:13:53.0312 0x015c  sysaudio - ok
14:13:53.0343 0x015c  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
14:13:53.0343 0x015c  SysmonLog - ok
14:13:53.0390 0x015c  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
14:13:53.0390 0x015c  TapiSrv - ok
14:13:53.0437 0x015c  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
14:13:53.0453 0x015c  Tcpip - ok
14:13:53.0484 0x015c  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
14:13:53.0484 0x015c  TDPIPE - ok
14:13:53.0484 0x015c  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
14:13:53.0484 0x015c  TDTCP - ok
14:13:53.0515 0x015c  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
14:13:53.0515 0x015c  TermDD - ok
14:13:53.0562 0x015c  [ 7A014D2211FF90C76F20B776822B332E, D9A589B08F672EB8B30515B7CB0E675F1A8794A6DDBAB853C69BAC10119726C2 ] TermService     C:\WINDOWS\System32\termsrv.dll
14:13:53.0562 0x015c  TermService - ok
14:13:53.0593 0x015c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
14:13:53.0593 0x015c  Themes - ok
14:13:53.0640 0x015c  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
14:13:53.0640 0x015c  TlntSvr - ok
14:13:53.0656 0x015c  [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
14:13:53.0656 0x015c  TosIde - ok
14:13:53.0687 0x015c  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
14:13:53.0687 0x015c  TrkWks - ok
14:13:53.0718 0x015c  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
14:13:53.0718 0x015c  Udfs - ok
14:13:53.0734 0x015c  [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
14:13:53.0734 0x015c  ultra - ok
14:13:53.0796 0x015c  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
14:13:53.0812 0x015c  Update - ok
14:13:53.0859 0x015c  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
14:13:53.0859 0x015c  upnphost - ok
14:13:53.0890 0x015c  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
14:13:53.0906 0x015c  UPS - ok
14:13:53.0953 0x015c  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
14:13:53.0953 0x015c  USBAAPL - ok
14:13:53.0984 0x015c  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
14:13:53.0984 0x015c  usbaudio - ok
14:13:54.0015 0x015c  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
14:13:54.0015 0x015c  usbccgp - ok
14:13:54.0031 0x015c  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
14:13:54.0031 0x015c  usbehci - ok
14:13:54.0046 0x015c  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
14:13:54.0062 0x015c  usbhub - ok
14:13:54.0093 0x015c  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
14:13:54.0093 0x015c  usbprint - ok
14:13:54.0125 0x015c  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
14:13:54.0125 0x015c  usbscan - ok
14:13:54.0140 0x015c  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
14:13:54.0140 0x015c  USBSTOR - ok
14:13:54.0156 0x015c  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
14:13:54.0156 0x015c  usbuhci - ok
14:13:54.0218 0x015c  [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E, CFA47A71403419CA7C94333B4F7766DFC97C5DCDBC3AD1B106044B93C979A5C5 ] usb_rndisx      C:\WINDOWS\system32\DRIVERS\usb8023x.sys
14:13:54.0234 0x015c  usb_rndisx - ok
14:13:54.0265 0x015c  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
14:13:54.0265 0x015c  VgaSave - ok
14:13:54.0296 0x015c  [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
14:13:54.0296 0x015c  viaagp - ok
14:13:54.0312 0x015c  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
14:13:54.0312 0x015c  ViaIde - ok
14:13:54.0343 0x015c  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
14:13:54.0343 0x015c  VolSnap - ok
14:13:54.0390 0x015c  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
14:13:54.0406 0x015c  VSS - ok
14:13:54.0562 0x015c  [ 13ACFED0E6ADCA97440169DFD127EBCF, ACDA4D2916C9697D4987ACE71B8C5DB4BC6F3D3B4B4DAD4E955CDC1B61DA8331 ] VX3000          C:\WINDOWS\system32\DRIVERS\VX3000.sys
14:13:54.0656 0x015c  VX3000 - ok
14:13:54.0687 0x015c  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] w32time         C:\WINDOWS\system32\w32time.dll
14:13:54.0703 0x015c  w32time - ok
14:13:54.0718 0x015c  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
14:13:54.0718 0x015c  Wanarp - ok
14:13:54.0718 0x015c  wanatw - ok
14:13:54.0750 0x015c  [ 56242D5BE3BFC8F2A212E6D1F9A16697, 2ACA5991FED8E7D4D44F00157BC4B6404E595C2BFB4A58FF745B8C973E58C210 ] wceusbsh        C:\WINDOWS\system32\DRIVERS\wceusbsh.sys
14:13:54.0750 0x015c  wceusbsh - ok
14:13:54.0812 0x015c  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
14:13:54.0828 0x015c  Wdf01000 - ok
14:13:54.0828 0x015c  WDICA - ok
14:13:54.0843 0x015c  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
14:13:54.0843 0x015c  wdmaud - ok
14:13:54.0890 0x015c  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
14:13:54.0890 0x015c  WebClient - ok
14:13:54.0968 0x015c  [ F45DD1E1365D857DD08BC23563370D0E, D95AEBB2095579D716C62152C8B805E119812FD2E40F14F9A5BA2EFDE133303B ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
14:13:54.0968 0x015c  WinDefend - ok
14:13:55.0046 0x015c  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
14:13:55.0046 0x015c  winmgmt - ok
14:13:55.0109 0x015c  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
14:13:55.0109 0x015c  WmdmPmSN - ok
14:13:55.0171 0x015c  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
14:13:55.0203 0x015c  Wmi - ok
14:13:55.0234 0x015c  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
14:13:55.0234 0x015c  WmiApSrv - ok
14:13:55.0406 0x015c  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
14:13:55.0453 0x015c  WMPNetworkSvc - ok
14:13:55.0500 0x015c  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
14:13:55.0500 0x015c  WpdUsb - ok
14:13:55.0515 0x015c  [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
14:13:55.0515 0x015c  WS2IFSL - ok
14:13:55.0546 0x015c  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
14:13:55.0562 0x015c  wscsvc - ok
14:13:55.0593 0x015c  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
14:13:55.0593 0x015c  WSTCODEC - ok
14:13:55.0625 0x015c  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
14:13:55.0625 0x015c  wuauserv - ok
14:13:55.0671 0x015c  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
14:13:55.0671 0x015c  WudfPf - ok
14:13:55.0718 0x015c  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
14:13:55.0718 0x015c  WudfRd - ok
14:13:55.0750 0x015c  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
14:13:55.0750 0x015c  WudfSvc - ok
14:13:55.0828 0x015c  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
14:13:55.0843 0x015c  WZCSVC - ok
14:13:55.0875 0x015c  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
14:13:55.0875 0x015c  xmlprov - ok
14:13:55.0890 0x015c  ================ Scan global ===============================
14:13:55.0937 0x015c  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
14:13:55.0984 0x015c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
14:13:56.0000 0x015c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
14:13:56.0046 0x015c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
14:13:56.0046 0x015c  [ Global ] - ok
14:13:56.0046 0x015c  ================ Scan MBR ==================================
14:13:56.0078 0x015c  [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
14:13:56.0296 0x015c  \Device\Harddisk0\DR0 - ok
14:13:56.0296 0x015c  ================ Scan VBR ==================================
14:13:56.0296 0x015c  [ 22578B201AFF8F847B639D4D48547B6F ] \Device\Harddisk0\DR0\Partition1
14:13:56.0328 0x015c  \Device\Harddisk0\DR0\Partition1 - ok
14:13:56.0328 0x015c  Waiting for KSN requests completion. In queue: 279
14:13:57.0328 0x015c  Waiting for KSN requests completion. In queue: 279
14:13:58.0328 0x015c  Waiting for KSN requests completion. In queue: 279
14:13:59.0328 0x015c  Waiting for KSN requests completion. In queue: 279
14:14:00.0343 0x015c  AV detected via SS1: McAfee Anti-Virus and Anti-Spyware, , disabled, updated
14:14:00.0343 0x015c  FW detected via SS1: McAfee Firewall, , enabled
14:14:03.0609 0x015c  ============================================================
14:14:03.0609 0x015c  Scan finished
14:14:03.0609 0x015c  ============================================================
14:14:03.0609 0x06b4  Detected object count: 0
14:14:03.0609 0x06b4  Actual detected object count: 0

 

 

 

 

Here is the ADWCLEANER log:

 

 

# AdwCleaner v3.019 - Report created 17/02/2014 at 15:10:25
# Updated 17/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - ZHENYA
# Running from : C:\Documents and Settings\Administrator\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\AlawarWrapper
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\keyscrambler@qfx.software.corporation
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\piclens@cooliris.com
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\player@online.fm
Folder Deleted : C:\Documents and Settings\Tanyushka\Application Data\Mozilla\Firefox\Profiles\mlu2h32t.default\Extensions\player@online.fm
Folder Deleted : C:\Documents and Settings\Nikita & Vanya\Application Data\Mozilla\Firefox\Profiles\ckprhooe.default\Extensions\player@online.fm
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\rotateimage@minisystems.de
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\{152455DE-7B40-4bcf-B5B4-C68A1BE85A91}
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
Folder Deleted : C:\Documents and Settings\Tanyushka\Application Data\Mozilla\Firefox\Profiles\mlu2h32t.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
Folder Deleted : C:\Documents and Settings\SOFIIKA\Application Data\Mozilla\Firefox\Profiles\f3zeypf1.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
Folder Deleted : C:\Documents and Settings\Nikita & Vanya\Application Data\Mozilla\Firefox\Profiles\ckprhooe.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
Folder Deleted : C:\Documents and Settings\MCX1\Application Data\Mozilla\Firefox\Profiles\6zj9vulu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
Folder Deleted : C:\Documents and Settings\Tanyushka\Application Data\Mozilla\Firefox\Profiles\mlu2h32t.default\Extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
Folder Deleted : C:\Documents and Settings\SOFIIKA\Application Data\Mozilla\Firefox\Profiles\f3zeypf1.default\Extensions\{6614d11d-d21d-b211-ae23-815234e1ebb5}
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
Folder Deleted : C:\Documents and Settings\Tanyushka\Application Data\Mozilla\Firefox\Profiles\mlu2h32t.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
Folder Deleted : C:\Documents and Settings\SOFIIKA\Application Data\Mozilla\Firefox\Profiles\f3zeypf1.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
Folder Deleted : C:\Documents and Settings\Nikita & Vanya\Application Data\Mozilla\Firefox\Profiles\ckprhooe.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
Folder Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
Folder Deleted : C:\Documents and Settings\Tanyushka\Application Data\Mozilla\Firefox\Profiles\mlu2h32t.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
Folder Deleted : C:\Documents and Settings\Nikita & Vanya\Application Data\Mozilla\Firefox\Profiles\ckprhooe.default\Extensions\{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}
Folder Deleted : C:\Documents and Settings\Tanyushka\Application Data\Mozilla\Firefox\Profiles\mlu2h32t.default\Extensions\moveplayer@movenetworks.com
Folder Deleted : C:\Documents and Settings\Tanyushka\Application Data\Mozilla\Firefox\Profiles\mlu2h32t.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}
Folder Deleted : C:\Documents and Settings\SOFIIKA\Application Data\Mozilla\Firefox\Profiles\f3zeypf1.default\Extensions\2020Player_IKEA@2020Technologies.com
Folder Deleted : C:\Documents and Settings\Nikita & Vanya\Application Data\Mozilla\Firefox\Profiles\ckprhooe.default\Extensions\en-US@dictionaries.addons.mozilla.org
Folder Deleted : C:\Documents and Settings\MCX1\Application Data\Mozilla\Firefox\Profiles\6zj9vulu.default\Extensions\staged-xpis
File Deleted : C:\Documents and Settings\MCX1\Application Data\Mozilla\Firefox\Profiles\6zj9vulu.default\.autoreg
File Deleted : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\user.js
File Deleted : C:\Documents and Settings\Nikita & Vanya\Application Data\Mozilla\Firefox\Profiles\ckprhooe.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{20a82645-c095-46ed-80e3-08825760534b}]
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Key Deleted : HKLM\Software\Viewpoint

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v27.0.1 (ru)

[ File : C:\Documents and Settings\Shane\Application Data\Mozilla\Firefox\Profiles\ahkwag3w.default\prefs.js ]


[ File : C:\Documents and Settings\Tanyushka\Application Data\Mozilla\Firefox\Profiles\mlu2h32t.default\prefs.js ]


[ File : C:\Documents and Settings\SOFIIKA\Application Data\Mozilla\Firefox\Profiles\f3zeypf1.default\prefs.js ]


[ File : C:\Documents and Settings\Nikita & Vanya\Application Data\Mozilla\Firefox\Profiles\ckprhooe.default\prefs.js ]


[ File : C:\Documents and Settings\MCX1\Application Data\Mozilla\Firefox\Profiles\6zj9vulu.default\prefs.js ]


[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\ab9ljrf9.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [15136 octets] - [17/02/2014 14:33:23]
AdwCleaner[R1].txt - [15197 octets] - [17/02/2014 14:43:37]
AdwCleaner[R2].txt - [15258 octets] - [17/02/2014 15:03:26]
AdwCleaner[S0].txt - [6993 octets] - [17/02/2014 15:10:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7053 octets] ##########
 

 

 

Here is the JRT log:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Microsoft Windows XP x86
Ran by Administrator on Mon 02/17/2014 at 15:40:03.07
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 02/17/2014 at 15:43:48.76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


Edited by jollyroger623, 17 February 2014 - 05:59 PM.


#4 jollyroger623

jollyroger623
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 17 February 2014 - 06:54 PM

Hi Boopme,

 

I tried to login after running all these programs and the user account login screen is still frozen.  So, I am eagerly awaiting your newest orders.  Many thanks!



#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:32 AM

Posted 17 February 2014 - 09:07 PM

Ok we need to look s this now.

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 jollyroger623

jollyroger623
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 17 February 2014 - 11:25 PM

Boopme,

 

Here is the FARBAR SERVICE SCANNER log:

 

 

Farbar Service Scanner Version: 16-02-2014
Ran by Administrator (administrator) on 17-02-2014 at 21:21:03
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is OK.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) mfetdi2k(8) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:32 AM

Posted 18 February 2014 - 01:46 PM

Download the ESET ServicesRepair utility

Run it,restart the PC

Post the new FSS log
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 jollyroger623

jollyroger623
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 18 February 2014 - 10:09 PM

Hey Boopme,

 

I am very grateful for all your time and help in solving this mystery with my computer.  I hope that you are able to get in some R&R too while helping all of us out here in the 4 corners of the globe! Your talents are very much appreciated.

 

Here is the updated (Feb. 18th, 2014) FSS log:

 

Farbar Service Scanner Version: 16-02-2014
Ran by Administrator (administrator) on 18-02-2014 at 19:41:49
Running from "C:\Documents and Settings\Administrator\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=DWORD:0


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv: "C:\WINDOWS\system32\wuauserv.dll".

BITS Service is not running. Checking service configuration:
The start type of BITS service is set to Demand. The default start type is Auto.
The ImagePath of BITS service is OK.
The ServiceDll of BITS: "C:\WINDOWS\system32\qmgr.dll".

EventSystem Service is not running. Checking service configuration:
The start type of EventSystem service is OK.
The ImagePath of EventSystem: "C:\WINDOWS\system32\svchost.exe -k netsvcs".
The ServiceDll of EventSystem: "C:\WINDOWS\system32\es.dll".


Windows Autoupdate Disabled Policy:
============================


Other Services:
==============


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) mfetdi2k(8) NetBT(5) PSched(7) Tcpip(3)
0x080000000400000001000000020000000300000008000000050000000600000007000000
IpSec Tag value is correct.

**** End of log ****

 

 

 

 

I tried after the reboot to login via the user account login screen but it still freezes up.

 

 

Hey Boopme, I always keep an uptodate version of dr.web cureit on my desktop, would you suggest that I run it.

 

 

Boopme, the member that referred me to bleepingcomputer suggested that I ask you about:

 

sfcfix.exe

McAfeeStinger.exe

Combofix.exe

Rootrepeal.exe

Hijackthis.exe

Roguekiller.exe

dds.exe

panda/sophos.exe

 

 

 

Awaiting your further orders!



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:32 AM

Posted 18 February 2014 - 10:25 PM

I am hitting the hay after this, thanks..

sfcfix.exe, the tool I will run next does this also

McAfeeStinger.exe, can be run like DrWeb or the others after ......

Combofix.exe ,Do not run  these on your own

Rootrepeal.exe

Hijackthis.exe ,don't use this any more,dds is better

Roguekiller.exe ,Do not run  these on your own

dds.exe, we may do this later
 
 
 
Download Windows Repair (All in One) from this site Install the program then run it. NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator". NOTE 2. Disable your antivirus program before running Windows Repair. Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed. If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk. In that case make sure you restart computer. p22004342.gif Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button: p22004343.gif Go to Step 4 and under "System Restore" click on Create button: p22004346.gif Go to Start Repairs tab and click Start button. Leave all checkmarks as they're. NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design. Click on Start button. p22004347.gifPost Windows Repair log which is located in the following folder: 64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs 32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

panda/sophos.exe
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 jollyroger623

jollyroger623
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 20 February 2014 - 11:33 PM

Boopme,

 

I have to apologize but i can't find my Windows cd so I have to wait until tomorrow so I can run the Tweaking.com Windows Repair. My friend who referred me to Bleepingcomputer.com is going to bring his XP disc over to my place tomorrow. I will run the Windows Repair and post the log right away.  Many many thanks for your help and patience!


Edited by jollyroger623, 21 February 2014 - 01:32 AM.


#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:32 AM

Posted 21 February 2014 - 11:00 AM

No problem..
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#12 jollyroger623

jollyroger623
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 21 February 2014 - 11:57 PM

Hi Boopme!

 

I just finished running Tweaking.com

 

I tried to login through the user account login page before I posted this log but... it didn't work, the page is still frozen.  It seemed promising at first as the hourglass appeared and it looked as if it were going to load but didn't.

 

Boopme, I just attempted to post the logs from the Tweaking.com program but the post said that, "the post was too long" to post (a tongue twister for sure). Is there anything specific that I need to give you? Or do you need the whole thing? Is there another way around this length issue? 

 

 

All the same, looking forward to hearing from you Boopme and trying another round of treatment for this down and out patient of mine! Have a great weekend!



#13 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:32 AM

Posted 22 February 2014 - 09:32 PM

Lets run Rogue killer now.

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Scan

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#14 jollyroger623

jollyroger623
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:10:32 AM

Posted 23 February 2014 - 10:59 AM

Good Morning Boopme!

 

Hope the weekend has been treating you good!

 

 

Here is the RogueKiller.exe log:

 

 

 

RogueKiller V8.8.8 [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Safe mode with network support
User : Administrator [Admin rights]
Mode : Scan -- Date : 02/23/2014 08:51:50
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x2] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) ST3250824AS +++++
--- User ---
[MBR] b7656a44366756ed8821e7abfd5d00e8
[BSP] 3efdd157322bc54deb4f0f8435ac64f6 : MBR Code unknown
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 233483 Mo
2 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 478287180 | Size: 4871 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02232014_085150.txt >>



Hope this help shed some light on the problem, very much looking forward to hearing from you!!



#15 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,538 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:32 AM

Posted 23 February 2014 - 03:54 PM

Hope your well also Roger

Found some baddies there in your boot code so lets fix that and see.
  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool again (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", this time click the Delete button.
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
    • The highest number of [X], is the most recent Delete

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users