Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possibly Infected XP Pro machine after Windows Update??


  • Please log in to reply
9 replies to this topic

#1 Danstang

Danstang

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:40 PM

Posted 27 February 2014 - 10:38 PM

Hello and thank you to anyone who may be able to assist in this matter;

 

Summary;

 

Running Windows XP Pro 32 bit - AMD - Trend Micro Titanium internet Security - Older Custom Built machine

 

While this may sound initially like a software conflict, I have run Malware Bytes and it found 18 or 19 items - I googled a few and it doesn't look good to me. I have the log if you would like to see it.

 

Here is what started it all:

 

A few weeks ago, I let Windows update run as usual. With in a day or so after, I noticed that the Trend Micro icon was missing from the system tray in the lower left corner of the screen. I also noticed that I no longer showed the Sage ACT 2011 Pro Email Icon in the system Tray in the lower right hand corner. 

 

Upon restarting the machine, I began to encounter errors including Act has encountered a problem and needs to close. and also another about ACT Email needs to close etc...At the same time I noticed that I could no longer access spell check in outlook 2003. I could not and can not start ACT. 

 

I contacted Trend Micro, they instructed me to do a variety of things including re-installs of the a/v, system restores, etc.. it only made it worse.

 

I tried the knowledge base or Sage Act Pro 2011 - the SQL Server 2008 is also involved, with an add on called something like ACT7Incident - instructions to remove that failed.

 

I have also tried deleting ACT 2011 pro and re installing along with trying to erase any and all traced of it - 

 

I am now getting .net Framework Utility Encountered Problems errors along with .net Assemblyregistrationutility errors and NGEN.APP errors and Machineconfigupdater.exe errors

 

SO - That's the laundry list to start...

 

Please help...

 

Best regards,

 

Danstang


Edited by Danstang, 27 February 2014 - 10:58 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:40 PM

Posted 02 March 2014 - 09:00 PM

Hello.. Lets start here.

Download Malwarebytes Anti-Rootkit from HERE to your Desktop.
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • DO NOT click on the Cleanup button. Simply exit the program.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Danstang

Danstang
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:40 PM

Posted 02 March 2014 - 10:12 PM

Thank you and forgive me if I am replying to this the wrong way - it's been some time since I have had to access the collective knowledge here.

 

As I am currently attempting to back the My Docs and Outlook 2003, I am not sure if I should also download and run the MBAR until I have completed the previous. Please let me know.

 

I should also mention that the Trend Micro Icon has 'Magically" re-appeared, at least for the moment....

 

Please let me know if I should still proceed with the above or if other actions are needed.

 

And Thank You!



#4 Danstang

Danstang
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:40 PM

Posted 02 March 2014 - 10:13 PM

Should have mentioned backing up to a stand alone hard drive... not in the system



#5 Danstang

Danstang
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:40 PM

Posted 03 March 2014 - 09:35 AM

Here are the MBR and System logs as requested:

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org
 
Database version: v2014.03.03.04
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
 :: dan-back-up-sys [administrator]
 
3/3/2014 7:40:57 AM
mbar-log-2014-03-03 (07-40-57).txt
 
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 244156
Time elapsed: 27 minute(s), 24 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
Physical Sectors Detected: 0
(No malicious items detected)
 
(end)
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
 
© Malwarebytes Corporation 2011-2012
 
OS version: 5.1.2600 Windows XP Service Pack 3 x86
 
Account is Administrative
 
Internet Explorer version: 8.0.6001.18702
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 1.599000 GHz
Memory total: 2138161152, free: 1091858432
 
Downloaded database version: v2014.03.03.04
Downloaded database version: v2014.02.20.01
=======================================
Initializing...
------------ Kernel report ------------
     03/03/2014 07:40:43
------------ Loaded modules -----------
\WINDOWS\system32\ntoskrnl.exe
\WINDOWS\system32\hal.dll
\WINDOWS\system32\KDCOM.DLL
\WINDOWS\system32\BOOTVID.dll
ACPI.sys
\WINDOWS\system32\DRIVERS\WMILIB.SYS
pci.sys
isapnp.sys
pciide.sys
\WINDOWS\system32\DRIVERS\PCIIDEX.SYS
MountMgr.sys
ftdisk.sys
dmload.sys
dmio.sys
PartMgr.sys
VolSnap.sys
TMEBC32.sys
atapi.sys
disk.sys
\WINDOWS\system32\DRIVERS\CLASSPNP.SYS
fltMgr.sys
sr.sys
KSecDD.sys
Ntfs.sys
NDIS.sys
Mup.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\ialmnt5.sys
\SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\l151x86.sys
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\fdc.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\system32\DRIVERS\redbook.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\audstub.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\psched.sys
\SystemRoot\system32\DRIVERS\msgpc.sys
\SystemRoot\system32\DRIVERS\ptilink.sys
\SystemRoot\system32\DRIVERS\raspti.sys
\SystemRoot\system32\DRIVERS\tunmp.sys
\SystemRoot\system32\DRIVERS\rdpdr.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\update.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\ADIHdAud.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\AEAudio.sys
\SystemRoot\system32\drivers\Senfilt.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\flpydisk.sys
\SystemRoot\System32\Drivers\Fs_Rec.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\Drivers\mnmdd.SYS
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\rasacd.sys
\SystemRoot\system32\DRIVERS\tmeext.sys
\SystemRoot\system32\DRIVERS\ipsec.sys
\SystemRoot\system32\DRIVERS\tcpip.sys
\SystemRoot\system32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\ipnat.sys
\SystemRoot\System32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\tmcomm.sys
\SystemRoot\system32\DRIVERS\tmevtmgr.sys
\SystemRoot\system32\DRIVERS\tmactmon.sys
\SystemRoot\system32\DRIVERS\tmtdi.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\System32\Drivers\Fips.SYS
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\System32\Drivers\Cdfs.SYS
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_WMILIB.SYS
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\System32\watchdog.sys
\SystemRoot\System32\drivers\dxg.sys
\SystemRoot\System32\drivers\dxgthk.sys
\SystemRoot\System32\ialmdnt5.dll
\SystemRoot\System32\ialmrnt5.dll
\SystemRoot\System32\ialmdev5.DLL
\SystemRoot\System32\ialmdd5.DLL
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\DRIVERS\nwlnkipx.sys
\SystemRoot\system32\DRIVERS\nwlnknb.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\drivers\wdmaud.sys
\SystemRoot\system32\drivers\sysaudio.sys
\SystemRoot\system32\DRIVERS\mrxdav.sys
\SystemRoot\System32\Drivers\ParVdm.SYS
\SystemRoot\system32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\nwlnkspx.sys
\SystemRoot\System32\Drivers\Fastfat.SYS
\SystemRoot\System32\Drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\tmnciesc.sys
\SystemRoot\system32\drivers\kmixer.sys
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys
\WINDOWS\system32\ntdll.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff89c01ab8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP2T0L0-e\
Lower Device Object: 0xffffffff89bf9b00
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff89c01ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff89b4b900, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff89c01ab8, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff89bf9b00, DeviceName: \Device\Ide\IdeDeviceP2T0L0-e\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 71697169
 
Partition information:
 
    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 156280257
    Partition file system is NTFS
    Partition is bootable
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
Disk Size: 80026361856 bytes
Sector size: 512 bytes
 
Scanning physical sectors of unpartitioned space on drive 0 (1-62-156281488-156301488)...
Done!
Read File: File "C:\Documents and Settings\Dan\Application Data\Microsoft\Outlook\Outlook.srs" is compressed (flags = 1)
Read File: File "C:\Documents and Settings\Dan\Cookies\index.dat" is compressed (flags = 1)
Read File: File "C:\Documents and Settings\LocalService\Cookies\index.dat" is compressed (flags = 1)
Read File: File "C:\Documents and Settings\NetworkService\Cookies\index.dat" is compressed (flags = 1)
Read File: File "C:\Documents and Settings\Dan\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)
Read File: File "C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)
Read File: File "C:\Documents and Settings\NetworkService\Local Settings\History\History.IE5\index.dat" is compressed (flags = 1)
Scan finished
=======================================
 
 
Removal queue found; removal started
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\VBR-0-0-63-i.mbam...
Removing C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
 


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:40 PM

Posted 03 March 2014 - 10:53 AM

Hi lets also run these and rule out malware.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.
  • [/list] [/list]
  • [/list]
  • [/list]

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 Danstang

Danstang
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:40 PM

Posted 03 March 2014 - 04:01 PM

Here are the scans:

 

11:17:17.0562 0x2368  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
11:17:23.0750 0x2368  ============================================================
11:17:23.0750 0x2368  Current date / time: 2014/03/03 11:17:23.0750
11:17:23.0750 0x2368  SystemInfo:
11:17:23.0750 0x2368 
11:17:23.0750 0x2368  OS Version: 5.1.2600 ServicePack: 3.0
11:17:23.0750 0x2368  Product type: Workstation
11:17:23.0750 0x2368  ComputerName: dan-back-up-sys
11:17:23.0750 0x2368  UserName: Dan
11:17:23.0750 0x2368  Windows directory: C:\WINDOWS
11:17:23.0750 0x2368  System windows directory: C:\WINDOWS
11:17:23.0750 0x2368  Processor architecture: Intel x86
11:17:23.0750 0x2368  Number of processors: 1
11:17:23.0750 0x2368  Page size: 0x1000
11:17:23.0750 0x2368  Boot type: Normal boot
11:17:23.0750 0x2368  ============================================================
11:17:26.0796 0x2368  KLMD registered as C:\WINDOWS\system32\drivers\16643053.sys
11:17:27.0718 0x2368  System UUID: {75BCDB16-AB90-74E0-DD08-D4CC9B9B8604}
11:17:30.0437 0x2368  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
11:17:30.0437 0x2368  ============================================================
11:17:30.0437 0x2368  \Device\Harddisk0\DR0:
11:17:30.0437 0x2368  MBR partitions:
11:17:30.0437 0x2368  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
11:17:30.0437 0x2368  ============================================================
11:17:30.0468 0x2368  C: <-> \Device\Harddisk0\DR0\Partition1
11:17:30.0468 0x2368  ============================================================
11:17:30.0468 0x2368  Initialize success
11:17:30.0468 0x2368  ============================================================
11:17:39.0593 0x21d0  ============================================================
11:17:39.0593 0x21d0  Scan started
11:17:39.0593 0x21d0  Mode: Manual;
11:17:39.0593 0x21d0  ============================================================
11:17:39.0593 0x21d0  KSN ping started
11:18:02.0515 0x21d0  KSN ping finished: true
11:18:03.0734 0x21d0  ================ Scan system memory ========================
11:18:03.0750 0x21d0  System memory - ok
11:18:03.0750 0x21d0  ================ Scan services =============================
11:18:03.0843 0x21d0  Abiosdsk - ok
11:18:03.0859 0x21d0  abp480n5 - ok
11:18:03.0906 0x21d0  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
11:18:03.0921 0x21d0  ACPI - ok
11:18:04.0109 0x21d0  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
11:18:04.0109 0x21d0  ACPIEC - ok
11:18:04.0156 0x21d0  [ 70B64D0706D089466BDBC814F0FE6663, B3546B9C90523189F30E411F7C555F294E1C8E43D913B09FDC67BBA69F11E6A9 ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
11:18:04.0156 0x21d0  ADIHdAudAddService - ok
11:18:04.0265 0x21d0  [ F7AB315A4D400CA876381D1E188A2E20, B6019C2E9B6801BB23C530C66D080F47330F48ADB0DD2813D50BE1408865BD91 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
11:18:04.0265 0x21d0  AdobeFlashPlayerUpdateSvc - ok
11:18:04.0281 0x21d0  adpu160m - ok
11:18:04.0296 0x21d0  [ F932A37FFF15D1B35289213089E9C78D, 84964908852BF6148DD5E209F8A07959FCD5D9168813FDB1950866B9C55721F5 ] AEAudioService  C:\WINDOWS\system32\drivers\AEAudio.sys
11:18:04.0296 0x21d0  AEAudioService - ok
11:18:04.0359 0x21d0  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
11:18:04.0359 0x21d0  aec - ok
11:18:04.0406 0x21d0  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
11:18:04.0421 0x21d0  AFD - ok
11:18:04.0421 0x21d0  Aha154x - ok
11:18:04.0437 0x21d0  aic78u2 - ok
11:18:04.0437 0x21d0  aic78xx - ok
11:18:04.0484 0x21d0  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
11:18:04.0484 0x21d0  Alerter - ok
11:18:04.0515 0x21d0  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
11:18:04.0515 0x21d0  ALG - ok
11:18:04.0531 0x21d0  AliIde - ok
11:18:04.0531 0x21d0  amsint - ok
11:18:04.0656 0x21d0  [ 2DB42306C5F07D3619C875959E50E52C, 14250C5E7014585D91ECA7DF04071C091683466CFA8328E124D25DBC4A16C8CE ] Amsp            C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
11:18:04.0671 0x21d0  Amsp - ok
11:18:04.0703 0x21d0  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
11:18:04.0718 0x21d0  AppMgmt - ok
11:18:04.0718 0x21d0  asc - ok
11:18:04.0734 0x21d0  asc3350p - ok
11:18:04.0734 0x21d0  asc3550 - ok
11:18:04.0875 0x21d0  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
11:18:04.0875 0x21d0  aspnet_state - ok
11:18:04.0890 0x21d0  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
11:18:04.0890 0x21d0  AsyncMac - ok
11:18:04.0937 0x21d0  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
11:18:04.0937 0x21d0  atapi - ok
11:18:05.0000 0x21d0  [ 01C1550BA423C9813E829F566F598D60, 0B1188FECEE2EDDDE3D35DE093B4DB4D95B735A5CB6B2AF732A7D0455E80D6EC ] AtcL001         C:\WINDOWS\system32\DRIVERS\l151x86.sys
11:18:05.0000 0x21d0  AtcL001 - ok
11:18:05.0000 0x21d0  Atdisk - ok
11:18:05.0046 0x21d0  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
11:18:05.0046 0x21d0  Atmarpc - ok
11:18:05.0078 0x21d0  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
11:18:05.0093 0x21d0  AudioSrv - ok
11:18:05.0109 0x21d0  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
11:18:05.0125 0x21d0  audstub - ok
11:18:05.0156 0x21d0  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
11:18:05.0156 0x21d0  Beep - ok
11:18:05.0218 0x21d0  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
11:18:05.0328 0x21d0  BITS - ok
11:18:05.0390 0x21d0  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
11:18:05.0390 0x21d0  Browser - ok
11:18:05.0421 0x21d0  [ 248DFA5762DDE38DFDDBBD44149E9D7A, D696D5698B7B5B331A6ED39172015349685450D10F63B1E4D4112199198FA5C7 ] BVRPMPR5        C:\WINDOWS\system32\drivers\BVRPMPR5.SYS
11:18:05.0421 0x21d0  BVRPMPR5 - ok
11:18:05.0453 0x21d0  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
11:18:05.0453 0x21d0  cbidf2k - ok
11:18:05.0484 0x21d0  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
11:18:05.0484 0x21d0  CCDECODE - ok
11:18:05.0500 0x21d0  cd20xrnt - ok
11:18:05.0515 0x21d0  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
11:18:05.0531 0x21d0  Cdaudio - ok
11:18:05.0578 0x21d0  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
11:18:05.0578 0x21d0  Cdfs - ok
11:18:05.0625 0x21d0  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
11:18:05.0625 0x21d0  Cdrom - ok
11:18:05.0640 0x21d0  cerc6 - ok
11:18:05.0640 0x21d0  Changer - ok
11:18:05.0656 0x21d0  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] cisvc           C:\WINDOWS\system32\cisvc.exe
11:18:05.0671 0x21d0  cisvc - ok
11:18:05.0703 0x21d0  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
11:18:05.0703 0x21d0  ClipSrv - ok
11:18:05.0812 0x21d0  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:18:05.0812 0x21d0  clr_optimization_v2.0.50727_32 - ok
11:18:05.0859 0x21d0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:18:05.0859 0x21d0  clr_optimization_v4.0.30319_32 - ok
11:18:05.0875 0x21d0  CmdIde - ok
11:18:05.0890 0x21d0  COMSysApp - ok
11:18:05.0890 0x21d0  Cpqarray - ok
11:18:06.0015 0x21d0  cpuz134 - ok
11:18:06.0062 0x21d0  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
11:18:06.0078 0x21d0  CryptSvc - ok
11:18:06.0078 0x21d0  dac2w2k - ok
11:18:06.0093 0x21d0  dac960nt - ok
11:18:06.0156 0x21d0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
11:18:06.0187 0x21d0  DcomLaunch - ok
11:18:06.0234 0x21d0  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
11:18:06.0250 0x21d0  Dhcp - ok
11:18:06.0312 0x21d0  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
11:18:06.0328 0x21d0  Disk - ok
11:18:06.0328 0x21d0  dmadmin - ok
11:18:06.0406 0x21d0  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
11:18:06.0468 0x21d0  dmboot - ok
11:18:06.0484 0x21d0  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
11:18:06.0500 0x21d0  dmio - ok
11:18:06.0515 0x21d0  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
11:18:06.0531 0x21d0  dmload - ok
11:18:06.0546 0x21d0  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
11:18:06.0546 0x21d0  dmserver - ok
11:18:06.0593 0x21d0  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
11:18:06.0593 0x21d0  DMusic - ok
11:18:06.0625 0x21d0  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
11:18:06.0625 0x21d0  Dnscache - ok
11:18:06.0656 0x21d0  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
11:18:06.0656 0x21d0  Dot3svc - ok
11:18:06.0671 0x21d0  dpti2o - ok
11:18:06.0687 0x21d0  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
11:18:06.0687 0x21d0  drmkaud - ok
11:18:06.0703 0x21d0  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
11:18:06.0718 0x21d0  EapHost - ok
11:18:06.0734 0x21d0  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
11:18:06.0750 0x21d0  ERSvc - ok
11:18:06.0796 0x21d0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
11:18:06.0796 0x21d0  Eventlog - ok
11:18:06.0859 0x21d0  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
11:18:06.0875 0x21d0  EventSystem - ok
11:18:06.0921 0x21d0  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
11:18:06.0921 0x21d0  Fastfat - ok
11:18:06.0953 0x21d0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
11:18:06.0984 0x21d0  FastUserSwitchingCompatibility - ok
11:18:07.0031 0x21d0  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
11:18:07.0031 0x21d0  Fdc - ok
11:18:07.0046 0x21d0  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
11:18:07.0046 0x21d0  Fips - ok
11:18:07.0062 0x21d0  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
11:18:07.0062 0x21d0  Flpydisk - ok
11:18:07.0093 0x21d0  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
11:18:07.0109 0x21d0  FltMgr - ok
11:18:07.0156 0x21d0  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
11:18:07.0156 0x21d0  FontCache3.0.0.0 - ok
11:18:07.0156 0x21d0  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:18:07.0156 0x21d0  Fs_Rec - ok
11:18:07.0171 0x21d0  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
11:18:07.0187 0x21d0  Ftdisk - ok
11:18:07.0218 0x21d0  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
11:18:07.0218 0x21d0  Gpc - ok
11:18:07.0312 0x21d0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:18:07.0312 0x21d0  gupdate - ok
11:18:07.0328 0x21d0  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:18:07.0328 0x21d0  gupdatem - ok
11:18:07.0375 0x21d0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
11:18:07.0390 0x21d0  gusvc - ok
11:18:07.0453 0x21d0  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
11:18:07.0468 0x21d0  HDAudBus - ok
11:18:07.0531 0x21d0  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
11:18:07.0546 0x21d0  helpsvc - ok
11:18:07.0593 0x21d0  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
11:18:07.0593 0x21d0  HidServ - ok
11:18:07.0609 0x21d0  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
11:18:07.0625 0x21d0  hidusb - ok
11:18:07.0656 0x21d0  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
11:18:07.0656 0x21d0  hkmsvc - ok
11:18:07.0671 0x21d0  hpn - ok
11:18:07.0828 0x21d0  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
11:18:07.0843 0x21d0  hpqcxs08 - ok
11:18:07.0890 0x21d0  [ 974A1F783ED34588B45FAD6375077BA6, 03AA0664E3C5A6CE0CA9BCE4EDB0FC11F70A6E3DD15124BDA5E2E659879230FF ] HPSupportSolutionsFrameworkService C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
11:18:07.0890 0x21d0  HPSupportSolutionsFrameworkService - ok
11:18:07.0921 0x21d0  [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
11:18:07.0921 0x21d0  HPZid412 - ok
11:18:07.0937 0x21d0  [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
11:18:07.0937 0x21d0  HPZipr12 - ok
11:18:07.0953 0x21d0  [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
11:18:07.0953 0x21d0  HPZius12 - ok
11:18:08.0031 0x21d0  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
11:18:08.0031 0x21d0  HTTP - ok
11:18:08.0093 0x21d0  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
11:18:08.0109 0x21d0  HTTPFilter - ok
11:18:08.0109 0x21d0  i2omgmt - ok
11:18:08.0109 0x21d0  i2omp - ok
11:18:08.0171 0x21d0  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
11:18:08.0171 0x21d0  i8042prt - ok
11:18:08.0281 0x21d0  [ 0F0194C4B635C10C3F785E4FEE52D641, A450D84AF1E2ECC59046B7DFAEF04AD0E70043A57BB2C954E4D8596D59979B48 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
11:18:08.0359 0x21d0  ialm - ok
11:18:08.0453 0x21d0  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:18:08.0500 0x21d0  idsvc - ok
11:18:08.0578 0x21d0  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] IISADMIN        C:\WINDOWS\system32\inetsrv\inetinfo.exe
11:18:08.0578 0x21d0  IISADMIN - ok
11:18:08.0593 0x21d0  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
11:18:08.0593 0x21d0  Imapi - ok
11:18:08.0640 0x21d0  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
11:18:08.0656 0x21d0  ImapiService - ok
11:18:08.0671 0x21d0  ini910u - ok
11:18:08.0671 0x21d0  IntelIde - ok
11:18:08.0718 0x21d0  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
11:18:08.0734 0x21d0  intelppm - ok
11:18:08.0750 0x21d0  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
11:18:08.0765 0x21d0  Ip6Fw - ok
11:18:08.0781 0x21d0  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:18:08.0781 0x21d0  IpFilterDriver - ok
11:18:08.0796 0x21d0  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
11:18:08.0812 0x21d0  IpInIp - ok
11:18:08.0843 0x21d0  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
11:18:08.0843 0x21d0  IpNat - ok
11:18:08.0906 0x21d0  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
11:18:08.0906 0x21d0  IPSec - ok
11:18:08.0937 0x21d0  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
11:18:08.0937 0x21d0  IRENUM - ok
11:18:08.0984 0x21d0  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
11:18:08.0984 0x21d0  isapnp - ok
11:18:09.0125 0x21d0  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
11:18:09.0140 0x21d0  JavaQuickStarterService - ok
11:18:09.0187 0x21d0  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
11:18:09.0203 0x21d0  Kbdclass - ok
11:18:09.0234 0x21d0  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
11:18:09.0250 0x21d0  kbdhid - ok
11:18:09.0312 0x21d0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
11:18:09.0312 0x21d0  kmixer - ok
11:18:09.0343 0x21d0  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
11:18:09.0359 0x21d0  KSecDD - ok
11:18:09.0390 0x21d0  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
11:18:09.0390 0x21d0  LanmanServer - ok
11:18:09.0468 0x21d0  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
11:18:09.0468 0x21d0  lanmanworkstation - ok
11:18:09.0484 0x21d0  lbrtfdc - ok
11:18:09.0531 0x21d0  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
11:18:09.0531 0x21d0  LmHosts - ok
11:18:09.0578 0x21d0  [ 32933B07FC16D9F778BEE12545FA1B1A, 73CCDD4EBA90138820624FFEFC629EFA3B15FF395D9F31CC4C4678713ECB1F23 ] LPDSVC          C:\WINDOWS\system32\tcpsvcs.exe
11:18:09.0578 0x21d0  LPDSVC - ok
11:18:09.0609 0x21d0  [ 6F0D0617310A677360B7EB6D2D59086E, 399358CFCE99EBCAE9874FDD44F634ED434CCE3C8821357EDC324046F7FEC68F ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys
11:18:09.0609 0x21d0  mbamchameleon - ok
11:18:09.0625 0x21d0  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
11:18:09.0625 0x21d0  Messenger - ok
11:18:09.0656 0x21d0  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
11:18:09.0656 0x21d0  mnmdd - ok
11:18:09.0671 0x21d0  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
11:18:09.0671 0x21d0  mnmsrvc - ok
11:18:09.0703 0x21d0  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
11:18:09.0703 0x21d0  Modem - ok
11:18:09.0734 0x21d0  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
11:18:09.0734 0x21d0  Mouclass - ok
11:18:09.0750 0x21d0  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
11:18:09.0750 0x21d0  mouhid - ok
11:18:09.0765 0x21d0  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
11:18:09.0765 0x21d0  MountMgr - ok
11:18:09.0781 0x21d0  mraid35x - ok
11:18:09.0796 0x21d0  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
11:18:09.0796 0x21d0  MRxDAV - ok
11:18:09.0859 0x21d0  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:18:09.0890 0x21d0  MRxSmb - ok
11:18:09.0937 0x21d0  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
11:18:09.0937 0x21d0  MSDTC - ok
11:18:09.0953 0x21d0  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
11:18:09.0953 0x21d0  Msfs - ok
11:18:09.0953 0x21d0  MSIServer - ok
11:18:10.0000 0x21d0  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:18:10.0000 0x21d0  MSKSSRV - ok
11:18:10.0031 0x21d0  [ 64E8B7C65EB4796939C0F64F8170821B, 60B7E473E0EC36CFE27E4173744B060ABCC4580E1B639FC04C72380534F592C9 ] msloop          C:\WINDOWS\system32\DRIVERS\loop.sys
11:18:10.0031 0x21d0  msloop - ok
11:18:10.0062 0x21d0  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:18:10.0062 0x21d0  MSPCLOCK - ok
11:18:10.0078 0x21d0  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
11:18:10.0093 0x21d0  MSPQM - ok
11:18:10.0109 0x21d0  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
11:18:10.0109 0x21d0  mssmbios - ok
11:18:10.0203 0x21d0  MSSQL$ACT7 - ok
11:18:10.0312 0x21d0  [ 8E8E74C953EB0C4F8828D99D6F27FD6F, 94AFB1B09A6E92302D29B3C563B1744CECC5F5487418962BE537B7C57717CA42 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
11:18:10.0328 0x21d0  MSSQLServerADHelper100 - ok
11:18:10.0359 0x21d0  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
11:18:10.0359 0x21d0  MSTEE - ok
11:18:10.0406 0x21d0  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
11:18:10.0406 0x21d0  Mup - ok
11:18:10.0437 0x21d0  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
11:18:10.0453 0x21d0  NABTSFEC - ok
11:18:10.0468 0x21d0  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
11:18:10.0484 0x21d0  napagent - ok
11:18:10.0515 0x21d0  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
11:18:10.0531 0x21d0  NDIS - ok
11:18:10.0562 0x21d0  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
11:18:10.0578 0x21d0  NdisIP - ok
11:18:10.0609 0x21d0  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:18:10.0609 0x21d0  NdisTapi - ok
11:18:10.0656 0x21d0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:18:10.0656 0x21d0  Ndisuio - ok
11:18:10.0671 0x21d0  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:18:10.0671 0x21d0  NdisWan - ok
11:18:10.0718 0x21d0  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
11:18:10.0718 0x21d0  NDProxy - ok
11:18:10.0765 0x21d0  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
11:18:10.0765 0x21d0  Net Driver HPZ12 - ok
11:18:10.0812 0x21d0  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
11:18:10.0812 0x21d0  NetBIOS - ok
11:18:10.0843 0x21d0  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
11:18:10.0843 0x21d0  NetBT - ok
11:18:10.0875 0x21d0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
11:18:10.0875 0x21d0  NetDDE - ok
11:18:10.0890 0x21d0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
11:18:10.0890 0x21d0  NetDDEdsdm - ok
11:18:10.0937 0x21d0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
11:18:10.0937 0x21d0  Netlogon - ok
11:18:11.0000 0x21d0  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
11:18:11.0000 0x21d0  Netman - ok
11:18:11.0062 0x21d0  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
11:18:11.0062 0x21d0  NetTcpPortSharing - ok
11:18:11.0125 0x21d0  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
11:18:11.0140 0x21d0  Nla - ok
11:18:11.0140 0x21d0  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
11:18:11.0140 0x21d0  Npfs - ok
11:18:11.0187 0x21d0  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
11:18:11.0218 0x21d0  Ntfs - ok
11:18:11.0234 0x21d0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
11:18:11.0234 0x21d0  NtLmSsp - ok
11:18:11.0281 0x21d0  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
11:18:11.0312 0x21d0  NtmsSvc - ok
11:18:11.0328 0x21d0  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:18:11.0328 0x21d0  Null - ok
11:18:11.0375 0x21d0  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
11:18:11.0375 0x21d0  NwlnkFlt - ok
11:18:11.0390 0x21d0  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
11:18:11.0390 0x21d0  NwlnkFwd - ok
11:18:11.0406 0x21d0  [ 8B8B1BE2DBA4025DA6786C645F77F123, E47D5EED2F3AF85E2332C325DA80AEF2C4EC989E38A175194EBBFA967BA8BF81 ] NwlnkIpx        C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
11:18:11.0421 0x21d0  NwlnkIpx - ok
11:18:11.0453 0x21d0  [ 56D34A67C05E94E16377C60609741FF8, ABE48D3E7D38DB20E9D4884FC6FE42FAE0C5FAFD3AC86F1E585A4BB17C6F09C5 ] NwlnkNb         C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
11:18:11.0453 0x21d0  NwlnkNb - ok
11:18:11.0468 0x21d0  [ C0BB7D1615E1ACBDC99757F6CEAF8CF0, 899905C0EB182ABCDAE0D0D749C0BC39CD231B9FAEE733D5DFDAE86EB8BC755B ] NwlnkSpx        C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
11:18:11.0468 0x21d0  NwlnkSpx - ok
11:18:11.0546 0x21d0  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
11:18:11.0546 0x21d0  ose - ok
11:18:11.0578 0x21d0  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
11:18:11.0578 0x21d0  Parport - ok
11:18:11.0593 0x21d0  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
11:18:11.0609 0x21d0  PartMgr - ok
11:18:11.0640 0x21d0  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
11:18:11.0640 0x21d0  ParVdm - ok
11:18:11.0671 0x21d0  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
11:18:11.0687 0x21d0  PCI - ok
11:18:11.0687 0x21d0  PCIDump - ok
11:18:11.0703 0x21d0  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
11:18:11.0703 0x21d0  PCIIde - ok
11:18:11.0718 0x21d0  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
11:18:11.0734 0x21d0  Pcmcia - ok
11:18:11.0734 0x21d0  PDCOMP - ok
11:18:11.0750 0x21d0  PDFRAME - ok
11:18:11.0750 0x21d0  PDRELI - ok
11:18:11.0765 0x21d0  PDRFRAME - ok
11:18:11.0765 0x21d0  perc2 - ok
11:18:11.0781 0x21d0  perc2hib - ok
11:18:11.0828 0x21d0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
11:18:11.0828 0x21d0  PlugPlay - ok
11:18:11.0859 0x21d0  [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
11:18:11.0875 0x21d0  Pml Driver HPZ12 - ok
11:18:11.0875 0x21d0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
11:18:11.0875 0x21d0  PolicyAgent - ok
11:18:11.0906 0x21d0  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
11:18:11.0906 0x21d0  PptpMiniport - ok
11:18:11.0921 0x21d0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
11:18:11.0921 0x21d0  ProtectedStorage - ok
11:18:11.0937 0x21d0  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
11:18:11.0937 0x21d0  PSched - ok
11:18:11.0953 0x21d0  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
11:18:11.0953 0x21d0  Ptilink - ok
11:18:11.0953 0x21d0  ql1080 - ok
11:18:11.0968 0x21d0  Ql10wnt - ok
11:18:11.0968 0x21d0  ql12160 - ok
11:18:11.0984 0x21d0  ql1240 - ok
11:18:11.0984 0x21d0  ql1280 - ok
11:18:12.0046 0x21d0  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:18:12.0046 0x21d0  RasAcd - ok
11:18:12.0078 0x21d0  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
11:18:12.0078 0x21d0  RasAuto - ok
11:18:12.0093 0x21d0  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
11:18:12.0093 0x21d0  Rasl2tp - ok
11:18:12.0140 0x21d0  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:18:12.0140 0x21d0  RasMan - ok
11:18:12.0171 0x21d0  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:18:12.0171 0x21d0  RasPppoe - ok
11:18:12.0171 0x21d0  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
11:18:12.0187 0x21d0  Raspti - ok
11:18:12.0203 0x21d0  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:18:12.0203 0x21d0  Rdbss - ok
11:18:12.0218 0x21d0  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
11:18:12.0218 0x21d0  RDPCDD - ok
11:18:12.0265 0x21d0  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
11:18:12.0265 0x21d0  rdpdr - ok
11:18:12.0312 0x21d0  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
11:18:12.0328 0x21d0  RDPWD - ok
11:18:12.0343 0x21d0  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
11:18:12.0359 0x21d0  RDSessMgr - ok
11:18:12.0375 0x21d0  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
11:18:12.0390 0x21d0  redbook - ok
11:18:12.0406 0x21d0  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:18:12.0406 0x21d0  RemoteAccess - ok
11:18:12.0453 0x21d0  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
11:18:12.0453 0x21d0  RemoteRegistry - ok
11:18:12.0500 0x21d0  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:18:12.0500 0x21d0  RpcLocator - ok
11:18:12.0546 0x21d0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
11:18:12.0562 0x21d0  RpcSs - ok
11:18:12.0609 0x21d0  [ A95840A95A9FF74B0009E5D848CDDB39, 11A0EDAC60F231AEA5692623F26F6441FA2D5D8FA6291955743AA3A067E52BD1 ] RsFx0150        C:\WINDOWS\system32\DRIVERS\RsFx0150.sys
11:18:12.0625 0x21d0  RsFx0150 - ok
11:18:12.0656 0x21d0  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
11:18:12.0656 0x21d0  RSVP - ok
11:18:12.0828 0x21d0  Sage ACT! Scheduler - ok
11:18:12.0843 0x21d0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
11:18:12.0843 0x21d0  SamSs - ok
11:18:12.0890 0x21d0  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
11:18:12.0890 0x21d0  SCardSvr - ok
11:18:12.0937 0x21d0  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:18:12.0937 0x21d0  Schedule - ok
11:18:12.0984 0x21d0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
11:18:12.0984 0x21d0  Secdrv - ok
11:18:13.0031 0x21d0  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
11:18:13.0031 0x21d0  seclogon - ok
11:18:13.0062 0x21d0  [ 23228966244CDD9627BDE4141B3BE1F0, B7D55AD2AEC280FF10B8A76E4C360FADD99EE021103F4D1C39F1C3202FE1B171 ] SenFiltService  C:\WINDOWS\system32\drivers\Senfilt.sys
11:18:13.0093 0x21d0  SenFiltService - ok
11:18:13.0093 0x21d0  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
11:18:13.0109 0x21d0  SENS - ok
11:18:13.0140 0x21d0  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
11:18:13.0140 0x21d0  serenum - ok
11:18:13.0156 0x21d0  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
11:18:13.0156 0x21d0  Serial - ok
11:18:13.0187 0x21d0  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
11:18:13.0187 0x21d0  Sfloppy - ok
11:18:13.0250 0x21d0  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:18:13.0265 0x21d0  SharedAccess - ok
11:18:13.0312 0x21d0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:18:13.0312 0x21d0  ShellHWDetection - ok
11:18:13.0328 0x21d0  Simbad - ok
11:18:13.0359 0x21d0  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
11:18:13.0375 0x21d0  SLIP - ok
11:18:13.0406 0x21d0  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] SMTPSVC         C:\WINDOWS\system32\inetsrv\inetinfo.exe
11:18:13.0406 0x21d0  SMTPSVC - ok
11:18:13.0437 0x21d0  [ 60C377BE6B3CC83F6A8584934B181D2E, 58F94CAD0149F634BE2F630A39561073F9399A904E3E3143C0D0BEC348A0C3B2 ] SNMP            C:\WINDOWS\System32\snmp.exe
11:18:13.0453 0x21d0  SNMP - ok
11:18:13.0468 0x21d0  [ 80A050795A107A76C2B1CD4CFBE010E6, DA5BFB0E8E990BE998F1ED5991CA3318A99E0F252669CE9FAE2EF67C535140B8 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
11:18:13.0468 0x21d0  SNMPTRAP - ok
11:18:13.0484 0x21d0  Sparrow - ok
11:18:13.0515 0x21d0  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
11:18:13.0515 0x21d0  splitter - ok
11:18:13.0578 0x21d0  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
11:18:13.0578 0x21d0  Spooler - ok
11:18:13.0640 0x21d0  [ 37761F6BE2EBAED72CC0D43BD4C8C2A6, 2743C87917472306648AA4E0241C766898DB8843A81F384F915C76D2B041B300 ] SQLAgent$ACT7   C:\Program Files\Microsoft SQL Server\MSSQL10_50.ACT7\MSSQL\Binn\SQLAGENT.EXE
11:18:13.0703 0x21d0  SQLAgent$ACT7 - ok
11:18:13.0796 0x21d0  [ 7D67C07C63796775CC5492BCFEAFF125, BAEFF806F656FA252D1DBC1E21603CF5F7D54C5AFB3FC91F2723729A7740DF8A ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
11:18:13.0812 0x21d0  SQLBrowser - ok
11:18:13.0859 0x21d0  [ 8E6E5CFA06769A417B03FD6FAA29E010, CFF4FF34C2E0D9DFB502FCDB99DF4A21D0DBC335B6AD46805DAB069E789ECF9E ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
11:18:13.0859 0x21d0  SQLWriter - ok
11:18:13.0906 0x21d0  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
11:18:13.0921 0x21d0  sr - ok
11:18:13.0937 0x21d0  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
11:18:13.0937 0x21d0  srservice - ok
11:18:13.0984 0x21d0  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
11:18:14.0000 0x21d0  Srv - ok
11:18:14.0031 0x21d0  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
11:18:14.0046 0x21d0  SSDPSRV - ok
11:18:14.0109 0x21d0  [ A9573045BAA16EAB9B1085205B82F1ED, 6A4D68BCD4968C17451EB1C4AB420FFA844D089845520D222BC4A2BD14583C56 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
11:18:14.0109 0x21d0  StillCam - ok
11:18:14.0187 0x21d0  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
11:18:14.0203 0x21d0  stisvc - ok
11:18:14.0250 0x21d0  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
11:18:14.0250 0x21d0  streamip - ok
11:18:14.0250 0x21d0  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
11:18:14.0265 0x21d0  swenum - ok
11:18:14.0296 0x21d0  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
11:18:14.0296 0x21d0  swmidi - ok
11:18:14.0312 0x21d0  SwPrv - ok
11:18:14.0312 0x21d0  symc810 - ok
11:18:14.0328 0x21d0  symc8xx - ok
11:18:14.0343 0x21d0  sym_hi - ok
11:18:14.0343 0x21d0  sym_u3 - ok
11:18:14.0375 0x21d0  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
11:18:14.0375 0x21d0  sysaudio - ok
11:18:14.0390 0x21d0  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
11:18:14.0406 0x21d0  SysmonLog - ok
11:18:14.0437 0x21d0  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
11:18:14.0453 0x21d0  TapiSrv - ok
11:18:14.0515 0x21d0  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:18:14.0546 0x21d0  Tcpip - ok
11:18:14.0578 0x21d0  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
11:18:14.0578 0x21d0  TDPIPE - ok
11:18:14.0609 0x21d0  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
11:18:14.0609 0x21d0  TDTCP - ok
11:18:14.0640 0x21d0  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
11:18:14.0640 0x21d0  TermDD - ok
11:18:14.0703 0x21d0  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
11:18:14.0703 0x21d0  TermService - ok
11:18:14.0734 0x21d0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
11:18:14.0734 0x21d0  Themes - ok
11:18:14.0781 0x21d0  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
11:18:14.0781 0x21d0  TlntSvr - ok
11:18:14.0828 0x21d0  [ 7ABAC64FF22AFF5C407A20F742EADE03, 60E2EFBCA4E54CB657DCA2B409375C54A5B8CEEE7A41C973B6E003F20D5FEB45 ] tmactmon        C:\WINDOWS\system32\DRIVERS\tmactmon.sys
11:18:14.0828 0x21d0  tmactmon - ok
11:18:14.0906 0x21d0  [ D726A6C73C6C0C0AD0482DAD4EC767E3, 1D2A579CB4D6D9C2155F03EA332C217FA53842D4A39FB6285EC34464FED9E872 ] tmcomm          C:\WINDOWS\system32\DRIVERS\tmcomm.sys
11:18:14.0906 0x21d0  tmcomm - ok
11:18:14.0953 0x21d0  [ 35D33B2E928DFEBB175E599BC1F9CE7F, 7545E1D273F371BF691BDD9038AA3D364C19D52881485297C8A0E40B3E523FD9 ] TMEBC           C:\WINDOWS\system32\DRIVERS\TMEBC32.sys
11:18:14.0953 0x21d0  TMEBC - ok
11:18:15.0031 0x21d0  [ 02DE2A9D06CAD95EF5F0BBAA70A26755, 9D267738E2D5ADF49091059218074B1A56FA9F14D1AD7F57482C049A4A295409 ] tmeext          C:\WINDOWS\system32\DRIVERS\tmeext.sys
11:18:15.0031 0x21d0  tmeext - ok
11:18:15.0046 0x21d0  [ 3807851E763D9B8472174B5D82384EF5, 21EDD62DB05BC70013EE7BB570768420A3B463D475DE39217052C977078A830E ] tmevtmgr        C:\WINDOWS\system32\DRIVERS\tmevtmgr.sys
11:18:15.0046 0x21d0  tmevtmgr - ok
11:18:15.0078 0x21d0  [ 1D27CB331BB29BF1F18E4DE677D6C922, F3DE760955932915C041A42BEBFD643B4541FF663049C4DEF7C87A19C77CEE01 ] tmnciesc        C:\WINDOWS\system32\DRIVERS\tmnciesc.sys
11:18:15.0093 0x21d0  tmnciesc - ok
11:18:15.0109 0x21d0  [ 43C1B7C778B296D492AF6D2ABB2ECF7F, A816762F35A30140E5E8952AFFC4D58903A7CA1BA940542AF98329A1F957C2F7 ] tmtdi           C:\WINDOWS\system32\DRIVERS\tmtdi.sys
11:18:15.0109 0x21d0  tmtdi - ok
11:18:15.0125 0x21d0  TosIde - ok
11:18:15.0156 0x21d0  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
11:18:15.0171 0x21d0  TrkWks - ok
11:18:15.0187 0x21d0  [ 8F861EDA21C05857EB8197300A92501C, 374FF9464F273610A051B9220C8D20F01FD4DD029095A7BE37244E20C5C8B5BB ] tunmp           C:\WINDOWS\system32\DRIVERS\tunmp.sys
11:18:15.0187 0x21d0  tunmp - ok
11:18:15.0218 0x21d0  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
11:18:15.0218 0x21d0  Udfs - ok
11:18:15.0234 0x21d0  ultra - ok
11:18:15.0296 0x21d0  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
11:18:15.0343 0x21d0  Update - ok
11:18:15.0390 0x21d0  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
11:18:15.0406 0x21d0  upnphost - ok
11:18:15.0421 0x21d0  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
11:18:15.0437 0x21d0  UPS - ok
11:18:15.0468 0x21d0  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
11:18:15.0468 0x21d0  usbaudio - ok
11:18:15.0500 0x21d0  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
11:18:15.0500 0x21d0  usbccgp - ok
11:18:15.0531 0x21d0  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
11:18:15.0531 0x21d0  usbehci - ok
11:18:15.0578 0x21d0  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
11:18:15.0578 0x21d0  usbhub - ok
11:18:15.0640 0x21d0  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
11:18:15.0640 0x21d0  usbprint - ok
11:18:15.0671 0x21d0  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
11:18:15.0671 0x21d0  usbscan - ok
11:18:15.0718 0x21d0  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
11:18:15.0718 0x21d0  USBSTOR - ok
11:18:15.0781 0x21d0  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
11:18:15.0781 0x21d0  usbuhci - ok
11:18:15.0812 0x21d0  [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
11:18:15.0812 0x21d0  usbvideo - ok
11:18:15.0828 0x21d0  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
11:18:15.0828 0x21d0  VgaSave - ok
11:18:15.0843 0x21d0  ViaIde - ok
11:18:15.0875 0x21d0  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
11:18:15.0875 0x21d0  VolSnap - ok
11:18:15.0921 0x21d0  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
11:18:15.0937 0x21d0  VSS - ok
11:18:15.0984 0x21d0  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
11:18:16.0000 0x21d0  W32Time - ok
11:18:16.0031 0x21d0  [ DB3C22745C0DA4666F3BE31F1AF36B2F, 2FE9A0F157AF9FB3CA03B8D4E706213E63E388206A8C04EF4A84E0D7A364A3A6 ] W3SVC           C:\WINDOWS\system32\inetsrv\inetinfo.exe
11:18:16.0031 0x21d0  W3SVC - ok
11:18:16.0046 0x21d0  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
11:18:16.0046 0x21d0  Wanarp - ok
11:18:16.0062 0x21d0  WDICA - ok
11:18:16.0093 0x21d0  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
11:18:16.0093 0x21d0  wdmaud - ok
11:18:16.0156 0x21d0  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
11:18:16.0156 0x21d0  WebClient - ok
11:18:16.0265 0x21d0  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
11:18:16.0281 0x21d0  winmgmt - ok
11:18:16.0375 0x21d0  [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
11:18:16.0437 0x21d0  WinRM - ok
11:18:16.0484 0x21d0  [ 051B1BDECD6DEE18C771B5D5EC7F044D, E9D4870C7E4E6119B274CF788D564BE9C48EA63790F5D6A2E987EB6DF7C93200 ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
11:18:16.0484 0x21d0  WmdmPmSN - ok
11:18:16.0546 0x21d0  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
11:18:16.0578 0x21d0  Wmi - ok
11:18:16.0625 0x21d0  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
11:18:16.0625 0x21d0  WmiApSrv - ok
11:18:16.0734 0x21d0  [ 6BAB4DC65515A098505F8B3D01FB6FE5, 52AA14777920753A8AF76072216A266F5D0036F112F671E7104E1F4C04AE499E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
11:18:16.0781 0x21d0  WMPNetworkSvc - ok
11:18:16.0859 0x21d0  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
11:18:16.0890 0x21d0  WPFFontCache_v0400 - ok
11:18:16.0937 0x21d0  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
11:18:16.0953 0x21d0  wscsvc - ok
11:18:16.0953 0x21d0  WSearch - ok
11:18:17.0015 0x21d0  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
11:18:17.0015 0x21d0  WSTCODEC - ok
11:18:17.0062 0x21d0  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
11:18:17.0062 0x21d0  wuauserv - ok
11:18:17.0093 0x21d0  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
11:18:17.0109 0x21d0  WudfPf - ok
11:18:17.0125 0x21d0  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
11:18:17.0140 0x21d0  WudfRd - ok
11:18:17.0156 0x21d0  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
11:18:17.0156 0x21d0  WudfSvc - ok
11:18:17.0218 0x21d0  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
11:18:17.0250 0x21d0  WZCSVC - ok
11:18:17.0296 0x21d0  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
11:18:17.0296 0x21d0  xmlprov - ok
11:18:17.0312 0x21d0  ================ Scan global ===============================
11:18:17.0359 0x21d0  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
11:18:17.0406 0x21d0  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
11:18:17.0437 0x21d0  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
11:18:17.0484 0x21d0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
11:18:17.0484 0x21d0  [ Global ] - ok
11:18:17.0484 0x21d0  ================ Scan MBR ==================================
11:18:17.0500 0x21d0  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
11:18:17.0671 0x21d0  \Device\Harddisk0\DR0 - ok
11:18:17.0687 0x21d0  ================ Scan VBR ==================================
11:18:17.0687 0x21d0  [ 8DDE09DF59534F1B1CAF4EE41EE64487 ] \Device\Harddisk0\DR0\Partition1
11:18:17.0687 0x21d0  \Device\Harddisk0\DR0\Partition1 - ok
11:18:17.0687 0x21d0  Waiting for KSN requests completion. In queue: 201
11:18:18.0687 0x21d0  Waiting for KSN requests completion. In queue: 201
11:18:19.0687 0x21d0  Waiting for KSN requests completion. In queue: 201
11:18:20.0781 0x21d0  AV detected via SS1: Trend Micro Titanium Internet Security, 3.0, enabled, updated
11:18:20.0843 0x21d0  Win FW state via NFM: enabled
11:18:23.0343 0x21d0  ============================================================
11:18:23.0343 0x21d0  Scan finished
11:18:23.0343 0x21d0  ============================================================
11:18:23.0343 0x2540  Detected object count: 0
11:18:23.0343 0x2540  Actual detected object count: 0
11:22:58.0687 0x25d4  Deinitialize success
 

 

# AdwCleaner v3.020 - Report created 03/03/2014 at 11:44:14
# Updated 27/02/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Dan - dan-back-up-sys
# Running from : C:\Documents and Settings\Dan\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Ask
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\OApps
Folder Deleted : C:\WINDOWS\system32\AI_RecycleBin
Folder Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\PackageAware
Folder Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\visi_coupon
[!] Folder Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\heoldelcflnigdllmlopiefhkkobendj
[!] Folder Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[!] Folder Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej
[!] Folder Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej
File Deleted : C:\alotserviceruntime.log
File Deleted : C:\END
File Deleted : C:\DOCUME~1\Dan\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\heoldelcflnigdllmlopiefhkkobendj
Key Deleted : HKCU\Software\Google\Chrome\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{090ACFA1-1580-11D1-8AC0-00C0F00910F9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B4E90801-B83C-11D0-8B40-00C0F00AE35A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{44ED99E2-16A6-4B89-80D6-5B21CF42E78B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449B-83DA-872725C6D0ED}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DynConIE
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v33.0.1750.117

[ File : C:\Documents and Settings\Dan\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [12525 octets] - [03/03/2014 11:25:27]
AdwCleaner[S0].txt - [12553 octets] - [03/03/2014 11:44:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12614 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Microsoft Windows XP x86
Ran by Dan on Mon 03/03/2014 at 13:46:04.51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{1D45B3F3-3CC0-4818-9251-A5649F94B38F}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D6F7C158-26C0-4E8A-A1F0-8FFCB2524FAF}

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Dan\Local Settings\Application Data\cre"
Successfully deleted: [Folder] "C:\Program Files\coupons"

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/03/2014 at 13:51:52.93
Computer was rebooted

 

 

C:\AdwCleaner\Quarantine\C\Documents and Settings\Dan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej\10.26.7.519_0\APISupport\APISupport.dll.vir a variant of Win32/Toolbar.Conduit.Z potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Documents and Settings\Dan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\afbcibndhffhhbokgpbpecjmejjcgcej\10.26.9.505_0\APISupport\APISupport.dll.vir a variant of Win32/Toolbar.Conduit.Z potentially unwanted application deleted - quarantined
C:\Documents and Settings\Dan\Desktop\ReimageRepair.exe Win32/Toolbar.Babylon.T potentially unwanted application deleted - quarantined
C:\Documents and Settings\Dan\My Documents\Downloads\Setup.exe Win32/ExFriendAlert.A potentially unwanted application deleted - quarantined
 

End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:40 PM

Posted 03 March 2014 - 10:31 PM

Good, tell me how it is after running ... Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool that the Check Disk is needed click on Do It button next to 2. Check Disk.
In that case make sure you restart computer.

p22004342.gif


Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22004343.gif


Go to Step 4 and under "System Restore" click on Create button:

p22004346.gif


Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22004347.gif

Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#9 Danstang

Danstang
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:40 PM

Posted 04 March 2014 - 11:38 PM

Boopme;

 

Thanks for your help so far! Please give me at least until this weekend to run your next solution. 

 

Thank you!



#10 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,530 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:40 PM

Posted 05 March 2014 - 10:53 AM

Take your time.. there's no rush... we all volunteer so we know about having other things to do. :)
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users