AVG couldn't kill 3 infections - Virus or Malware?


10 replies to this topic

#1 Piumartian


Posted 23 March 2014 - 11:37 AM

An old friend came over last night with his Compaq laptop, running Vista 32-bit, and begged for help. While browsing, he saw a Norton popup saying he had to update Norton, and clicked it. Next was a steady stream of popups with requests to update everything from Java to video codecs, etc. He clicked a few before realizing that this must be a virus. So... he hands me the laptop and says "Help." I downloaded MBAM from my personal notebook and installed it on his. MBAM showed nothing. Nada. So then I downloaded AVG Free, and that found over 100 infections, and AVG handled all but 3. Those were:
NtMapViewOfSectionHook
NtCreateThreadEx hook
NtAlpcConnectPort hook
 
He was running Norton Security Suite, which I disabled to run AVG.
He was using Firefox; I have now installed Chrome. Still getting redirects with most mouse clicks in the browser.
Happens in IE, Firefox and Chrome.
 
Trying to help out a friend.  Can Bleeping Computer help me help him?

Edit: Moved topic from Anti-Virus and Anti-Malware Software to the more appropriate forum.~ Animal


 


#2 boopme


    To Insanity and Beyond



Posted 24 March 2014 - 02:41 PM

Hello and welcome. Let's look at these logs, as you do have a rootkit.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).



    Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the ESET Smart Installer icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

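The proxy and hosts checks requested in the post above can be triaged straight from the saved Result.txt. The sketch below is an added example, not part of the original post and not MiniToolBox code: it assumes the `===== Section: =====` banner layout of a MiniToolBox report, the function names are hypothetical, and the sample report with its addresses and hostnames is constructed.

```python
import ipaddress
import re
from collections import defaultdict

# Section banners look like "===== Hosts content: =====" (assumed layout).
BANNER = re.compile(r"^=+\s*([^=\s][^=]*?)\s*:?\s*=+\s*$")
LOCAL_NAMES = {"localhost", "localhost.localdomain"}

# Constructed sample report; addresses are documentation ranges.
SAMPLE_REPORT = """\
========================= IE Proxy Settings: ==============================

Proxy is enabled.
ProxyServer: http=http://127.0.0.1:8080

========================= FF Proxy Settings: ==============================

========================= Hosts content: =================================

::1             localhost
203.0.113.10 search.example www.search.example
203.0.113.10 search.example www.search.example.test
127.0.0.1       localhost

========================= IP Configuration: ================================
"""


def split_sections(report):
    """Map each banner title to the list of non-blank lines under it."""
    sections, current = {}, None
    for raw in report.splitlines():
        line = raw.strip()
        match = BANNER.match(line)
        if match:
            current = sections.setdefault(match.group(1), [])
        elif line and current is not None:
            current.append(line)
    return sections


def is_loopback(host):
    """True for 'localhost' or any loopback IPv4/IPv6 literal."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:
        return False


def loopback_proxies(lines):
    """Return proxy endpoints that point back at the local machine.

    A loopback proxy means browser traffic is handed to a process running
    on the same computer, which can rewrite or redirect every request.
    """
    hits = []
    for line in lines:
        if not line.lower().startswith("proxyserver:"):
            continue
        value = line.split(":", 1)[1].strip()
        for part in value.split(";"):
            endpoint = part.split("=", 1)[-1]        # drop "http=" prefix
            endpoint = endpoint.split("://", 1)[-1]  # drop URL scheme
            endpoint = endpoint.strip().rstrip("/")
            host = endpoint.rsplit(":", 1)[0] if ":" in endpoint else endpoint
            if endpoint and is_loopback(host):
                hits.append(endpoint)
    return hits


def hosts_overrides(lines):
    """Group non-local hostnames by the address the hosts file pins them to."""
    pinned = defaultdict(set)
    for line in lines:
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        try:
            ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # not an address line
        for name in fields[1:]:
            if name.lower() not in LOCAL_NAMES:
                pinned[fields[0]].add(name.lower())
    return {ip: sorted(names) for ip, names in pinned.items()}


def triage(report):
    """Return human-readable findings for proxy and hosts tampering."""
    sections = split_sections(report)
    findings = []
    for title, lines in sections.items():
        if "proxy settings" in title.lower():
            for endpoint in loopback_proxies(lines):
                findings.append(f"{title}: loopback proxy {endpoint}")
    overrides = hosts_overrides(sections.get("Hosts content", []))
    for ip, names in overrides.items():
        findings.append(
            f"hosts: {len(names)} name(s) pinned to {ip}: {', '.join(names)}"
        )
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_REPORT):
        print(finding)
```

Any finding is a prompt to review the entry by hand; a hosts override or local proxy can also be legitimate (ad blocking, debugging tools).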

#3 Piumartian


Posted 06 April 2014 - 02:12 PM

Hello "To Insanity..."

Took a while to work these into my evenings, so thanks for the patience.

I think you're asking me to post the results of each scan into individual posts, so here goes:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Steve (administrator) on 04-04-2014 at 09:38:01
Running from "C:\Users\Steve\Desktop"
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is enabled.
ProxyServer: http=http://127.0.0.1:9880
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
::1             localhost
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0) = Local Area Connection (Media disconnected)
Atheros AR5007 802.11b/g WiFi Adapter = Wireless Network Connection (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Steve-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net.
   Description . . . . . . . . . . . : Atheros AR5007 802.11b/g WiFi Adapter
   Physical Address. . . . . . . . . : 00-23-4E-5C-F0-70
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.ca.comcast.net.
   Description . . . . . . . . . . . : Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
   Physical Address. . . . . . . . . : 00-1F-16-5F-64-14
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 7:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : isatap.hsd1.ca.comcast.net.
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 12:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 02-00-54-55-4E-01
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 13:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 14:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 15:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Local Area Connection* 16:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : 6TO4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host google.com. Please check the name and try again.
Server:  UnKnown
Address:  127.0.0.1
 
Ping request could not find host yahoo.com. Please check the name and try again.
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11 ...00 23 4e 5c f0 70 ...... Atheros AR5007 802.11b/g WiFi Adapter
 10 ...00 1f 16 5f 64 14 ...... Realtek RTL8102E Family PCI-E Fast Ethernet NIC (NDIS 6.0)
  1 ........................... Software Loopback Interface 1
 18 ...00 00 00 00 00 00 00 e0  isatap.hsd1.ca.comcast.net.
 12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
 14 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 15 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 16 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
 17 ...00 00 00 00 00 00 00 e0  6TO4 Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
  1    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [19968] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [223232] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (04/04/2014 09:32:46 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/04/2014 09:32:12 AM) (Source: ConvertFilesforFree) (User: )
Description: Can't download info about new versions from: http://www.convertfilesforfree.com/w/updater/u.php?timestamp=1396629130&app_id=98370AB0A01942C9AC40FEDFD1DA2C06&version=7.12&updaterVersion=1.0.4&channel=Ironcore3, to local path: C:\Windows\TEMP\ConvertFilesforFreeUpdt_update.txt
 
Error: (04/04/2014 09:32:12 AM) (Source: ConvertFilesforFree) (User: )
Description: Send failed, code: 12029
 
Error: (04/04/2014 09:32:10 AM) (Source: ConvertFilesforFree) (User: )
Description: Send failed, code: 12007
 
Error: (04/04/2014 09:32:10 AM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a value of the remote_log registry value, code: 2
 
Error: (04/04/2014 09:32:10 AM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a buffer size for the remote_log registry value, code: 2
 
Error: (04/04/2014 09:32:10 AM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a value of the remote_log registry value, code: 2
 
Error: (04/04/2014 09:32:10 AM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a buffer size for the remote_log registry value, code: 2
 
Error: (04/01/2014 07:13:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (04/01/2014 07:13:15 PM) (Source: ConvertFilesforFree) (User: )
Description: Can't query a value of the remote_log registry value, code: 2
 
 
System errors:
=============
Error: (04/04/2014 09:34:39 AM) (Source: Service Control Manager) (User: )
Description: WinRST
 
Error: (04/04/2014 09:34:39 AM) (Source: Service Control Manager) (User: )
Description: PirritUpdater
 
Error: (04/04/2014 09:34:38 AM) (Source: Service Control Manager) (User: )
Description: PirritDesktop
 
Error: (04/04/2014 09:32:46 AM) (Source: Service Control Manager) (User: )
Description: 30000Optimizer Pro Crash Monitor
 
Error: (04/04/2014 09:32:46 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
 
Error: (04/01/2014 07:20:46 PM) (Source: Service Control Manager) (User: )
Description: Windows Update
 
Error: (04/01/2014 07:15:13 PM) (Source: Service Control Manager) (User: )
Description: WinRST
 
Error: (04/01/2014 07:15:13 PM) (Source: Service Control Manager) (User: )
Description: PirritUpdater
 
Error: (04/01/2014 07:15:13 PM) (Source: Service Control Manager) (User: )
Description: PirritDesktop
 
Error: (04/01/2014 07:13:47 PM) (Source: Service Control Manager) (User: )
Description: 30000Optimizer Pro Crash Monitor
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-03-22 21:43:26.262
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:43:25.463
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:43:24.676
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:43:23.956
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:43:23.226
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:43:22.495
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.18000_none_b31e1252666640f6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:41:00.972
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:41:00.223
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:40:59.487
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-03-22 21:40:58.738
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\x86_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_b39feb737f8937a0\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer (Version: 7.1.8)
Acrobat.com (Version: 0.0.0)
Acrobat.com (Version: 1.1.377)
Activation Assistant for the 2007 Microsoft Office suites
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 1.0.4990)
Adobe AIR (Version: 1.0.8.4990)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Reader 9.4.3 (Version: 9.4.3)
Adobe Shockwave Player (Version: 11.0)
AnswerWorks 5.0 English Runtime (Version: 008.000.0003)
Ask Shopping Toolbar (Version: 12.10.3.24)
Atheros Driver Installation Program (Version: 9.0)
AVG 2014 (Version: 14.0.3722)
AVG 2014 (Version: 14.0.4336)
AVG 2014 (Version: 2014.0.4336)
BufferChm (Version: 130.0.331.000)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Comcast High-Speed Internet Install Wizard
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant HD Audio (Version: 4.58.0.0)
Convert Files for Free (Version: 7.12)
Copy (Version: 130.0.366.000)
CyberLink DVD Suite (Version: 6.0.2203)
D3DX10 (Version: 15.4.2368.0902)
DesktopWeatherAlerts (Version: 1.0.13.0)
Destinations (Version: 130.0.0.0)
DeviceDiscovery (Version: 130.0.372.000)
DJ_AIO_05_F4400_Software_Min (Version: 130.0.448.000)
DriverUpdate (Version: 2.2.35415)
ESU for Microsoft Vista (Version: 1.0.0)
Extended Update
F4400 (Version: 130.0.448.000)
Google Chrome (Version: 33.0.1750.154)
Google Earth Plug-in (Version: 7.1.2.2041)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4805.320)
Google Update Helper (Version: 1.3.22.5)
GPBaseService2 (Version: 130.0.371.000)
HDAUDIO Soft Data Fax Modem with SmartCP
HP Active Support Library (Version: 3.1.9.1)
HP Customer Experience Enhancements (Version: 5.7.0.2664)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F4400 Printer Driver Software 13.0 Rel .5 (Version: 13.0)
HP Doc Viewer (Version: 1.03.0001)
HP DVD Play 3.7 (Version: 3.7.0.5723)
HP Help and Support (Version: 2.1.1.0)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Print Projects 1.0 (Version: 1.0)
HP Quick Launch Buttons 6.40 H2 (Version: 6.40 H2)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Total Care Advisor (Version: 2.4.4941.2798)
HP Update (Version: 5.005.000.002)
HP User Guides 0118 (Version: 1.00.0000)
HP Wireless Assistant (Version: 3.00 K2)
HPAsset component for HP Active Support Library (Version: 3.0.2.2)
HPNetworkAssistant (Version: 1.1.70)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPTCSSetup (Version: 1.1.1963.2799)
hpWLPGInstaller (Version: 130.0.303.000)
Iminent Toolbar on IE and Chrome (Version: 1.8.28.3)
Intel® Graphics Media Accelerator Driver
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 7 (Version: 1.6.0.70)
Java™ 7 (Version: 7.0.0)
Junk Mail filter update (Version: 15.4.3502.0922)
Juno Preloader (Version: 1.0.0)
LabelPrint (Version: 2.5.0926)
LPT System Updater Service (Version: 1.0.0.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 130.0.374.000)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Live Search Toolbar (Version: 3.0.541.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Move Media Player
Mozilla Firefox 27.0.1 (x86 en-US) (Version: 27.0.1)
Mozilla Maintenance Service (Version: 27.0.1)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
My HP Games (Version: 1.0.0.62)
Mysearchdial
NetWaiting (Version: 2.5.52)
NetZero Preloader (Version: 1.0.0)
Norton Security Suite (Version: 21.1.0.18)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0)
Optimizer Pro v3.2
PlurPush (Version: 2014.02.26.051729)
Plus-HD-7.7 (Version: 1.34.1.29)
Power2Go (Version: 6.0.2202)
PowerDirector (Version: 7.0.2201)
PrimoPDF (Version: 4.1.0.9)
Quiknowledge (Version: 1.9.0.1)
Realtek 8169 8168 8101E 8102E Ethernet Driver (Version: 1.00.0000)
SaveSense (Version: 6.4.0.0)
Scan (Version: 13.0.0.0)
Search Protect (Version: 2.10.30.15)
Segoe UI (Version: 15.4.2271.0615)
Shopping Helper Smartbar (Version: 10.215.63.15249)
Shopping Helper Smartbar Engine (Version: 10.215.63.15249)
SmartWebPrinting (Version: 130.0.373.000)
SolutionCenter (Version: 130.0.373.000)
SPORE Creature Creator Trial Edition (Version: 1.00.0000)
Status (Version: 130.0.373.000)
Synaptics Pointing Device Driver (Version: 11.1.3.0)
Toolbox (Version: 130.0.648.000)
Tperffecatcouupon
TrayApp (Version: 130.0.376.000)
TurboTax 2008
TurboTax 2008 wcaiper (Version: 008.000.0141)
TurboTax 2008 WinPerFedFormset (Version: 008.000.0338)
TurboTax 2008 WinPerProgramHelp (Version: 008.000.0218)
TurboTax 2008 WinPerReleaseEngine (Version: 008.000.0190)
TurboTax 2008 WinPerTaxSupport (Version: 008.000.1000)
TurboTax 2008 WinPerUserEducation (Version: 008.000.0428)
TurboTax 2008 wrapper (Version: 008.000.0065)
TurboTax 2009
TurboTax 2009 wcaiper (Version: 009.000.0862)
TurboTax 2009 WinPerFedFormset (Version: 009.000.2163)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0328)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0238)
TurboTax 2009 wrapper (Version: 009.000.0145)
TurboTax 2010
TurboTax 2010 wcaiper (Version: 010.000.1393)
TurboTax 2010 WinPerFedFormset (Version: 010.000.4227)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0483)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0214)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 wcaiper (Version: 011.000.1647)
TurboTax 2011 WinPerFedFormset (Version: 011.000.2999)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0495)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0214)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 wcaiper (Version: 012.000.1430)
TurboTax 2012 WinPerFedFormset (Version: 012.000.2114)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0451)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0179)
TurboTax 2012 wrapper (Version: 012.000.0127)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
View Password
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VO Package (Version: 1.0.0.0)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Family Safety (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3502.0922)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3502.0922)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3502.0922)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Yahoo! Detect
 
**** End of log ****


#4 Piumartian

Posted 06 April 2014 - 02:14 PM

Here is the TDSSKiller report.

 

09:44:28.0420 0x0ec0  Filetrace - ok
09:44:28.0444 0x0ec0  [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
09:44:28.0450 0x0ec0  flpydisk - ok
09:44:28.0484 0x0ec0  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:44:28.0494 0x0ec0  FltMgr - ok
09:44:28.0702 0x0ec0  [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache       C:\Windows\system32\FntCache.dll
09:44:28.0740 0x0ec0  FontCache - ok
09:44:28.0818 0x0ec0  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
09:44:28.0823 0x0ec0  FontCache3.0.0.0 - ok
09:44:28.0906 0x0ec0  [ D909075FA72C090F27AA926C32CB4612, F8610C20C4DD499D5B4ACEBD7107E52E25B6449AEED58D1A203F7D654B55C4DF ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
09:44:28.0911 0x0ec0  fssfltr - ok
09:44:29.0169 0x0ec0  [ 4CE9DAC1518FF7E77BD213E6394B9D77, D7D0D29DF93AC7DC5F85E385EEB45306C7BD87ACA7AAC5A8D47893D120C32C03 ] fsssvc          C:\Program Files\Windows Live\Family Safety\fsssvc.exe
09:44:29.0540 0x0ec0  fsssvc - ok
09:44:29.0627 0x0ec0  [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:44:29.0644 0x0ec0  Fs_Rec - ok
09:44:29.0693 0x0ec0  [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:44:29.0705 0x0ec0  gagp30kx - ok
09:44:29.0796 0x0ec0  [ 4FBCCBDD99A75C9EFBC90392CF32AF61, 221E71D0CE1793B8F0F7D8A2D7B205BBF53B518A45E2116A5882BCAB88B870E1 ] GameConsoleService C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
09:44:29.0897 0x0ec0  GameConsoleService - ok
09:44:29.0973 0x0ec0  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:44:29.0976 0x0ec0  GEARAspiWDM - ok
09:44:30.0066 0x0ec0  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
09:44:30.0095 0x0ec0  gpsvc - ok
09:44:30.0338 0x0ec0  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
09:44:30.0343 0x0ec0  gupdate - ok
09:44:30.0438 0x0ec0  [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
09:44:30.0442 0x0ec0  gupdatem - ok
09:44:30.0550 0x0ec0  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
09:44:30.0556 0x0ec0  gusvc - ok
09:44:30.0680 0x0ec0  [ CB04C744BE0A61B1D648FAED182C3B59, 61DC0FF94325DAFCCB7B3980A48727EFBF1283FCF753EC16EF04C730525994C0 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:44:30.0747 0x0ec0  HdAudAddService - ok
09:44:30.0788 0x0ec0  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:44:30.0993 0x0ec0  HDAudBus - ok
09:44:31.0008 0x0ec0  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:44:31.0014 0x0ec0  HidBth - ok
09:44:31.0038 0x0ec0  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:44:31.0116 0x0ec0  HidIr - ok
09:44:31.0178 0x0ec0  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
09:44:31.0189 0x0ec0  hidserv - ok
09:44:31.0257 0x0ec0  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:44:31.0266 0x0ec0  HidUsb - ok
09:44:31.0337 0x0ec0  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:44:31.0343 0x0ec0  hkmsvc - ok
09:44:31.0466 0x0ec0  [ A19B0BB5A7EB6DF2DD4A0711D36955EE, 307648CAFB3DDCD76FD730CA623945ED71D4276715A38D8CBB203C157C45F691 ] HP Health Check Service c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
09:44:31.0471 0x0ec0  HP Health Check Service - ok
09:44:31.0520 0x0ec0  [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
09:44:31.0609 0x0ec0  HpCISSs - ok
09:44:31.0857 0x0ec0  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
09:44:31.0880 0x0ec0  hpqcxs08 - ok
09:44:31.0906 0x0ec0  [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
09:44:31.0917 0x0ec0  hpqddsvc - ok
09:44:31.0946 0x0ec0  [ 35956140E686D53BF676CF0C778880FC, AFFE1CC956E75AF1DE87F19A58CB03C861907C48DCA03F7454EF7762DEB46F2D ] HpqKbFiltr      C:\Windows\system32\DRIVERS\HpqKbFiltr.sys
09:44:32.0013 0x0ec0  HpqKbFiltr - ok
09:44:32.0058 0x0ec0  [ 1665C7121A026DF10C903DB9BC5E9D43, D96189406774842923BC420C4AF33FA81C83B815E14CE7C444F9CCF545971B7E ] hpqwmiex        C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
09:44:32.0140 0x0ec0  hpqwmiex - ok
09:44:32.0487 0x0ec0  [ CC267848CB3508E72762BE65734E764D, E7E39607A48E77544EE286EA678FC2ED8A6C20C9DCB8C901BC70140ECB2E7C2F ] HSF_DPV         C:\Windows\system32\DRIVERS\HSX_DPV.sys
09:44:32.0847 0x0ec0  HSF_DPV - ok
09:44:32.0905 0x0ec0  [ A2882945CC4B6E3E4E9E825590438888, C0B7E695BBFFB927A3A7122BCA41B454B27F285A0A380E82CEDF87CE573A5C60 ] HSXHWAZL        C:\Windows\system32\DRIVERS\HSXHWAZL.sys
09:44:32.0917 0x0ec0  HSXHWAZL - ok
09:44:33.0141 0x0ec0  [ 0EEECA26C8D4BDE2A4664DB058A81937, 6F88567A116B1420BE1C9C8888F34D05F51378092C805EF4E489635CF92D416B ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:44:33.0156 0x0ec0  HTTP - ok
09:44:33.0200 0x0ec0  [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
09:44:33.0204 0x0ec0  i2omp - ok
09:44:33.0314 0x0ec0  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
09:44:33.0404 0x0ec0  i8042prt - ok
09:44:33.0440 0x0ec0  [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
09:44:33.0487 0x0ec0  iaStorV - ok
09:44:33.0687 0x0ec0  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
09:44:33.0743 0x0ec0  IDriverT - ok
09:44:33.0837 0x0ec0  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:44:34.0053 0x0ec0  idsvc - ok
09:44:34.0229 0x0ec0  [ 8C7DA84BFFDB7CBE7CC77D0495F5137B, 913C6B52B32939A0D72AD27026D3D270DD586A2132F3291935AA8CA801B91CF8 ] IDSVix86        C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140321.001\IDSvix86.sys
09:44:34.0244 0x0ec0  IDSVix86 - ok
09:44:34.0852 0x0ec0  [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F94A28498342B4E2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
09:44:35.0979 0x0ec0  igfx - ok
09:44:36.0100 0x0ec0  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:44:36.0109 0x0ec0  iirsp - ok
09:44:36.0235 0x0ec0  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll
09:44:36.0250 0x0ec0  IKEEXT - ok
09:44:36.0288 0x0ec0  [ C7E7E43CBD34D3B0A0156B51B917DFCC, 8F40D053D1AF89E0739D798D41F92801F95AB55CA0109386C426AB57784DD540 ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
09:44:36.0298 0x0ec0  IntcHdmiAddService - ok
09:44:36.0330 0x0ec0  [ DD512A049BD7B4BCE8A83554C5EFF2C1, FBC44A9EBFCCE0EF4F6D007590158F7852340D3056298A0C1708E3AC30AB6CA9 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:44:36.0333 0x0ec0  intelide - ok
09:44:36.0429 0x0ec0  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:44:36.0431 0x0ec0  intelppm - ok
09:44:36.0643 0x0ec0  [ 3DC635B66DD7412E1C9C3A77B8D78F25, D3894065DA2D08744863ECC5EE9027A0E39711A6A56AAB599F1CAF4BB996F42A ] IntuitUpdateService C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
09:44:36.0644 0x0ec0  IntuitUpdateService - ok
09:44:36.0817 0x0ec0  [ D9DA7B3117BF5EFF921C0CDED4D58050, D51A2AFC0E310C5A0EE1540A9E6353F5F7C9E76711187FAD91EEB0B3254EE935 ] IntuitUpdateServiceV4 C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
09:44:36.0818 0x0ec0  IntuitUpdateServiceV4 - ok
09:44:36.0921 0x0ec0  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:44:36.0927 0x0ec0  IPBusEnum - ok
09:44:36.0996 0x0ec0  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:44:37.0004 0x0ec0  IpFilterDriver - ok
09:44:37.0100 0x0ec0  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:44:37.0112 0x0ec0  iphlpsvc - ok
09:44:37.0121 0x0ec0  IpInIp - ok
09:44:37.0176 0x0ec0  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
09:44:37.0354 0x0ec0  IPMIDRV - ok
09:44:37.0390 0x0ec0  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
09:44:37.0399 0x0ec0  IPNAT - ok
09:44:37.0428 0x0ec0  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:44:37.0433 0x0ec0  IRENUM - ok
09:44:37.0461 0x0ec0  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:44:37.0471 0x0ec0  isapnp - ok
09:44:37.0605 0x0ec0  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
09:44:37.0611 0x0ec0  iScsiPrt - ok
09:44:37.0623 0x0ec0  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
09:44:37.0625 0x0ec0  iteatapi - ok
09:44:37.0642 0x0ec0  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
09:44:37.0644 0x0ec0  iteraid - ok
09:44:37.0684 0x0ec0  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:44:37.0688 0x0ec0  kbdclass - ok
09:44:37.0768 0x0ec0  [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:44:37.0774 0x0ec0  kbdhid - ok
09:44:37.0895 0x0ec0  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe
09:44:37.0898 0x0ec0  KeyIso - ok
09:44:38.0043 0x0ec0  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:44:38.0074 0x0ec0  KSecDD - ok
09:44:38.0167 0x0ec0  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:44:38.0189 0x0ec0  KtmRm - ok
09:44:38.0228 0x0ec0  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:44:38.0233 0x0ec0  LanmanServer - ok
09:44:38.0289 0x0ec0  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:44:38.0295 0x0ec0  LanmanWorkstation - ok
09:44:38.0412 0x0ec0  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:44:38.0414 0x0ec0  lltdio - ok
09:44:38.0697 0x0ec0  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:44:38.0719 0x0ec0  lltdsvc - ok
09:44:38.0736 0x0ec0  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:44:38.0739 0x0ec0  lmhosts - ok
09:44:38.0894 0x0ec0  [ 1E39A4999B45591477D4F04EACD2BFD8, 04647F599506FBA438B823767C2ECFB1580FB07D4A802A10BEBACE695CD2757B ] LPTSystemUpdater C:\Program Files\LPT\srpts.exe
09:44:38.0896 0x0ec0  LPTSystemUpdater - ok
09:44:38.0966 0x0ec0  [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:44:39.0025 0x0ec0  LSI_FC - ok
09:44:39.0068 0x0ec0  [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:44:39.0073 0x0ec0  LSI_SAS - ok
09:44:39.0126 0x0ec0  [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:44:39.0132 0x0ec0  LSI_SCSI - ok
09:44:39.0140 0x0ec0  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
09:44:39.0142 0x0ec0  luafv - ok
09:44:39.0341 0x0ec0  [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk         C:\Windows\system32\DRIVERS\mdmxsdk.sys
09:44:39.0347 0x0ec0  mdmxsdk - ok
09:44:39.0407 0x0ec0  [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas         C:\Windows\system32\drivers\megasas.sys
09:44:39.0410 0x0ec0  megasas - ok
09:44:39.0600 0x0ec0  [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
09:44:39.0678 0x0ec0  MegaSR - ok
09:44:39.0700 0x0ec0  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
09:44:39.0703 0x0ec0  MMCSS - ok
09:44:39.0722 0x0ec0  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
09:44:39.0726 0x0ec0  Modem - ok
09:44:39.0748 0x0ec0  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:44:39.0750 0x0ec0  monitor - ok
09:44:39.0773 0x0ec0  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:44:39.0777 0x0ec0  mouclass - ok
09:44:39.0802 0x0ec0  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:44:39.0804 0x0ec0  mouhid - ok
09:44:39.0829 0x0ec0  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
09:44:39.0833 0x0ec0  MountMgr - ok
09:44:39.0933 0x0ec0  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:44:39.0937 0x0ec0  MozillaMaintenance - ok
09:44:39.0971 0x0ec0  [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:44:39.0978 0x0ec0  mpio - ok
09:44:40.0000 0x0ec0  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:44:40.0002 0x0ec0  mpsdrv - ok
09:44:40.0135 0x0ec0  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:44:40.0146 0x0ec0  MpsSvc - ok
09:44:40.0461 0x0ec0  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
09:44:40.0472 0x0ec0  Mraid35x - ok
09:44:40.0557 0x0ec0  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:44:40.0561 0x0ec0  MRxDAV - ok
09:44:40.0599 0x0ec0  [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:44:40.0602 0x0ec0  mrxsmb - ok
09:44:40.0749 0x0ec0  [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:44:40.0754 0x0ec0  mrxsmb10 - ok
09:44:40.0772 0x0ec0  [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:44:40.0775 0x0ec0  mrxsmb20 - ok
09:44:40.0878 0x0ec0  [ 5457DCFA7C0DA43522F4D9D4049C1472, C8B0FD8F96E4FC5CB4B74D5968E808F44B4371F0A797B1D368E6A6080CB862FD ] msahci          C:\Windows\system32\drivers\msahci.sys
09:44:40.0888 0x0ec0  msahci - ok
09:44:41.0015 0x0ec0  [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:44:41.0020 0x0ec0  msdsm - ok
09:44:41.0046 0x0ec0  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
09:44:41.0063 0x0ec0  MSDTC - ok
09:44:41.0086 0x0ec0  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:44:41.0089 0x0ec0  Msfs - ok
09:44:41.0299 0x0ec0  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:44:41.0560 0x0ec0  msisadrv - ok
09:44:41.0585 0x0ec0  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:44:41.0601 0x0ec0  MSiSCSI - ok
09:44:41.0606 0x0ec0  msiserver - ok
09:44:41.0691 0x0ec0  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:44:41.0694 0x0ec0  MSKSSRV - ok
09:44:41.0716 0x0ec0  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:44:41.0719 0x0ec0  MSPCLOCK - ok
09:44:41.0740 0x0ec0  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:44:41.0743 0x0ec0  MSPQM - ok
09:44:41.0788 0x0ec0  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:44:41.0877 0x0ec0  MsRPC - ok
09:44:41.0909 0x0ec0  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:44:41.0911 0x0ec0  mssmbios - ok
09:44:41.0974 0x0ec0  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:44:41.0978 0x0ec0  MSTEE - ok
09:44:42.0042 0x0ec0  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:44:42.0045 0x0ec0  Mup - ok
09:44:42.0818 0x0ec0  [ D57EC83468C328E2C3029A0BAA722072, 71714FCCDF625A0959FDB4E70FCCBCF184345537BE9509987F798837B392653E ] N360            C:\Program Files\Norton Security Suite\Engine\21.1.0.18\N360.exe
09:44:42.0830 0x0ec0  N360 - ok
09:44:42.0938 0x0ec0  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
09:44:42.0975 0x0ec0  napagent - ok
09:44:43.0082 0x0ec0  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:44:43.0087 0x0ec0  NativeWifiP - ok
09:44:43.0553 0x0ec0  [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG          C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140322.002\NAVENG.SYS
09:44:43.0558 0x0ec0  NAVENG - ok
09:44:44.0091 0x0ec0  [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15         C:\Program Files\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140322.002\NAVEX15.SYS
09:44:44.0288 0x0ec0  NAVEX15 - ok
09:44:44.0510 0x0ec0  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:44:44.0647 0x0ec0  NDIS - ok
09:44:44.0718 0x0ec0  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:44:44.0723 0x0ec0  NdisTapi - ok
09:44:44.0786 0x0ec0  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:44:44.0789 0x0ec0  Ndisuio - ok
09:44:44.0826 0x0ec0  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:44:44.0836 0x0ec0  NdisWan - ok
09:44:44.0906 0x0ec0  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:44:44.0911 0x0ec0  NDProxy - ok
09:44:45.0009 0x0ec0  [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
09:44:45.0015 0x0ec0  Net Driver HPZ12 - ok
09:44:45.0033 0x0ec0  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:44:45.0038 0x0ec0  NetBIOS - ok
09:44:45.0074 0x0ec0  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
09:44:45.0087 0x0ec0  netbt - ok
09:44:45.0136 0x0ec0  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon        C:\Windows\system32\lsass.exe
09:44:45.0140 0x0ec0  Netlogon - ok
09:44:45.0241 0x0ec0  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
09:44:45.0257 0x0ec0  Netman - ok
09:44:45.0309 0x0ec0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:44:45.0324 0x0ec0  NetMsmqActivator - ok
09:44:45.0339 0x0ec0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:44:45.0347 0x0ec0  NetPipeActivator - ok
09:44:45.0473 0x0ec0  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
09:44:45.0508 0x0ec0  netprofm - ok
09:44:45.0530 0x0ec0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:44:45.0539 0x0ec0  NetTcpActivator - ok
09:44:45.0553 0x0ec0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:44:45.0561 0x0ec0  NetTcpPortSharing - ok
09:44:45.0916 0x0ec0  [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32        C:\Windows\system32\DRIVERS\NETw3v32.sys
09:44:46.0015 0x0ec0  NETw3v32 - ok
09:44:46.0069 0x0ec0  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:44:46.0074 0x0ec0  nfrd960 - ok
09:44:46.0155 0x0ec0  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:44:46.0160 0x0ec0  NlaSvc - ok
09:44:46.0356 0x0ec0  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:44:46.0434 0x0ec0  Npfs - ok
09:44:46.0446 0x0ec0  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
09:44:46.0450 0x0ec0  nsi - ok
09:44:46.0471 0x0ec0  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:44:46.0475 0x0ec0  nsiproxy - ok
09:45:11.0564 0x0ec0  WdiServiceHost - ok
09:45:11.0589 0x0ec0  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
09:45:11.0598 0x0ec0  WdiSystemHost - ok
09:45:11.0845 0x0ec0  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
09:45:11.0859 0x0ec0  WebClient - ok
09:45:11.0919 0x0ec0  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:45:11.0933 0x0ec0  Wecsvc - ok
09:45:12.0008 0x0ec0  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
09:45:12.0017 0x0ec0  wercplsupport - ok
09:45:12.0062 0x0ec0  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:45:12.0074 0x0ec0  WerSvc - ok
09:45:12.0143 0x0ec0  [ 0ACD399F5DB3DF1B58903CF4949AB5A8, F8FA0A8F631AA8F34A0506F1E5E09DFB6CDA1E9E92207A73A74F1A0E7768C49A ] winachsf        C:\Windows\system32\DRIVERS\HSX_CNXT.sys
09:45:12.0232 0x0ec0  winachsf - ok
09:45:12.0341 0x0ec0  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
09:45:12.0354 0x0ec0  WinDefend - ok
09:45:12.0372 0x0ec0  WinHttpAutoProxySvc - ok
09:45:12.0670 0x0ec0  [ 04614DC12E77338F55775349EB90C26C, 92F69480AED5D77753168479D2518419967E06F6340067767ACA8D1EBEA51F92 ] WinkHandler     C:\Program Files\Iminent\WinkHandler.exe
09:45:12.0711 0x0ec0  WinkHandler - ok
09:45:12.0906 0x0ec0  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
09:45:12.0916 0x0ec0  Winmgmt - ok
09:45:13.0174 0x0ec0  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
09:45:13.0356 0x0ec0  WinRM - ok
09:45:13.0461 0x0ec0  [ 3F918D0A7AEEEBDECFCB28C4A1B8FC65, 14A3C8B9C5E1CD3155C94C7D701F7C645C2F302428F0DFC294882222F6E3BA73 ] WinRST          C:\Program Files\WinRST\WinRST.exe
09:45:13.0467 0x0ec0  WinRST - ok
09:45:13.0546 0x0ec0  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
09:45:13.0575 0x0ec0  Wlansvc - ok
09:45:13.0742 0x0ec0  [ 6067ACEF367E79914AF628FA1E9B5330, 491A705267B48C103E00B26BBD21FA8829DB03A88343CBC27264CEE5DE8C8DEF ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
09:45:13.0752 0x0ec0  wlcrasvc - ok
09:45:14.0240 0x0ec0  [ 0A70F4022EC2E14C159EFC4F69AA2477, FF248136576F9803762C54DE5439D3411B52DCBC95B93176A5DAB857967D9AC4 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
09:45:14.0937 0x0ec0  wlidsvc - ok
09:45:14.0996 0x0ec0  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
09:45:14.0998 0x0ec0  WmiAcpi - ok
09:45:15.0086 0x0ec0  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:45:15.0093 0x0ec0  wmiApSrv - ok
09:45:15.0320 0x0ec0  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:45:15.0360 0x0ec0  WMPNetworkSvc - ok
09:45:15.0412 0x0ec0  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:45:15.0426 0x0ec0  WPCSvc - ok
09:45:15.0485 0x0ec0  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:45:15.0494 0x0ec0  WPDBusEnum - ok
09:45:15.0726 0x0ec0  [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
09:45:15.0760 0x0ec0  WPFFontCache_v0400 - ok
09:45:15.0883 0x0ec0  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:45:15.0889 0x0ec0  ws2ifsl - ok
09:45:15.0928 0x0ec0  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
09:45:15.0936 0x0ec0  wscsvc - ok
09:45:15.0946 0x0ec0  WSearch - ok
09:45:16.0223 0x0ec0  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:45:16.0418 0x0ec0  wuauserv - ok
09:45:16.0465 0x0ec0  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:45:16.0467 0x0ec0  WudfPf - ok
09:45:16.0583 0x0ec0  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:45:16.0589 0x0ec0  WUDFRd - ok
09:45:16.0619 0x0ec0  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:45:16.0623 0x0ec0  wudfsvc - ok
09:45:16.0704 0x0ec0  [ DAB33CFA9DD24251AAA389FF36B64D4B, 1C5D7C3D6C3552BDD52EB7E76031746D7DAAF64CA2432CC23329DA72BE7252D0 ] XAudio          C:\Windows\system32\DRIVERS\xaudio.sys
09:45:16.0709 0x0ec0  XAudio - ok
09:45:16.0810 0x0ec0  [ CD5F291A1161F15896D1A4D63DAFF5DF, 4F30DC454F255249431FCD14DE17858A79A088A4084F2CEDD0CF25382D427285 ] XAudioService   C:\Windows\system32\DRIVERS\xaudio.exe
09:45:16.0901 0x0ec0  XAudioService - ok
09:45:16.0999 0x0ec0  [ 7D1F3B131D503EF43EE594B5A2B9B427, 307DEC572FBC171D68ED098D73CB6F06754F26E51F8F7DB48035A8CF97AB37D0 ] yukonwlh        C:\Windows\system32\DRIVERS\yk60x86.sys
09:45:17.0134 0x0ec0  yukonwlh - ok
09:45:17.0235 0x0ec0  ================ Scan global ===============================
09:45:17.0446 0x0ec0  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
09:45:17.0632 0x0ec0  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
09:45:17.0713 0x0ec0  [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
09:45:17.0880 0x0ec0  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
09:45:17.0897 0x0ec0  [ Global ] - ok
09:45:17.0898 0x0ec0  ================ Scan MBR ==================================
09:45:17.0948 0x0ec0  [ 588AE8F0C685C02BA11F30D9CD7E61A0 ] \Device\Harddisk0\DR0
09:45:19.0128 0x0ec0  \Device\Harddisk0\DR0 - ok
09:45:19.0137 0x0ec0  [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR2
09:45:19.0144 0x0ec0  \Device\Harddisk1\DR2 - ok
09:45:19.0145 0x0ec0  ================ Scan VBR ==================================
09:45:19.0159 0x0ec0  [ F6E123BDA25E4BD074AF9ABBAA732560 ] \Device\Harddisk0\DR0\Partition1
09:45:19.0216 0x0ec0  \Device\Harddisk0\DR0\Partition1 - ok
09:45:19.0358 0x0ec0  [ 591F69BAB7E83C2AFE7A9137680597C2 ] \Device\Harddisk0\DR0\Partition2
09:45:19.0455 0x0ec0  \Device\Harddisk0\DR0\Partition2 - ok
09:45:19.0462 0x0ec0  [ 8C51707E8D54A2F5AA9B19526F5F33B9 ] \Device\Harddisk1\DR2\Partition1
09:45:19.0465 0x0ec0  \Device\Harddisk1\DR2\Partition1 - ok
09:45:19.0713 0x0ec0  AV detected via SS2: AVG AntiVirus 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x41000 ( enabled : updated )
09:45:19.0718 0x0ec0  AV detected via SS2: Norton Security Suite, C:\Program Files\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled : outofdate )
09:45:19.0726 0x0ec0  FW detected via SS2: Norton Security Suite, C:\Program Files\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
09:45:19.0728 0x0ec0  ============================================================
09:45:19.0729 0x0ec0  Scan finished
09:45:19.0729 0x0ec0  ============================================================
09:45:19.0746 0x1368  Detected object count: 0
09:45:19.0747 0x1368  Actual detected object count: 0
09:46:46.0260 0x0d5c  Deinitialize success


#5 Piumartian

Posted 06 April 2014 - 02:16 PM

Here is the ADware result:

 

# AdwCleaner v3.023 - Report created 04/04/2014 at 11:13:40
# Updated 01/04/2014 by Xplode
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : Steve - STEVE-PC
# Running from : C:\Users\Steve\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : APNMCP
[#] Service Deleted : ca82e1a5
Service Deleted : LPTSystemUpdater
[#] Service Deleted : PirritDesktop
[#] Service Deleted : PirritUpdater
Service Deleted : VOsrv
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\SaveSenseLive
Folder Deleted : C:\ProgramData\Tperffecatcouupon
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\File Type Helper
Folder Deleted : C:\Program Files\Iminent
Folder Deleted : C:\Program Files\LPT
Folder Deleted : C:\Program Files\Mysearchdial
Folder Deleted : C:\Program Files\Optimizer Pro
Folder Deleted : C:\Program Files\Pirrit
Folder Deleted : C:\Program Files\SaveSenseLive
Folder Deleted : C:\Program Files\Plus-HD-7.7
Folder Deleted : C:\Program Files\Common Files\Umbrella
Folder Deleted : C:\Users\Steve\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Steve\AppData\Local\LPT
Folder Deleted : C:\Users\Steve\AppData\Local\PirritSuggestor
Folder Deleted : C:\Users\Steve\AppData\Local\SaveSense
Folder Deleted : C:\Users\Steve\AppData\Local\SaveSenseLive
Folder Deleted : C:\Users\Steve\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Steve\AppData\Local\Smartbar
Folder Deleted : C:\Users\Steve\AppData\LocalLow\Mysearchdial
Folder Deleted : C:\Users\Steve\AppData\LocalLow\Smartbar
Folder Deleted : C:\Users\Steve\AppData\Roaming\Mysearchdial
Folder Deleted : C:\Users\Steve\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Steve\AppData\Roaming\Pirrit
Folder Deleted : C:\Users\Steve\AppData\Roaming\SaveSense
Folder Deleted : C:\Users\Steve\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Steve\AppData\Roaming\UpdaterEX
Folder Deleted : C:\Users\Steve\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\Steve\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
Folder Deleted : C:\Users\Steve\Documents\Optimizer Pro
Folder Deleted : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\hjfpz6go.default-1395006372398\Extensions\szxuu.vvaj@hvjvfkfrquiaya.org
File Deleted : C:\END
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\system32\roboot.exe
File Deleted : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\hjfpz6go.default-1395006372398\searchplugins\Web Search.xml
File Deleted : C:\Windows\Tasks\MySearchDial.job
File Deleted : C:\Windows\System32\Tasks\MySearchDial
File Deleted : C:\Windows\Tasks\SaveSense.job
File Deleted : C:\Windows\System32\Tasks\SaveSense
File Deleted : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
File Deleted : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
File Deleted : C:\Windows\Tasks\UpdaterEX.job
File Deleted : C:\Windows\System32\Tasks\UpdaterEX
File Deleted : C:\Windows\Tasks\View Password Update.job
File Deleted : C:\Windows\System32\Tasks\View Password Update
File Deleted : C:\Windows\Tasks\View Password_wd.job
File Deleted : C:\Windows\System32\Tasks\View Password_wd
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.mysearchdialesrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bho
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialdskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr
Key Deleted : HKLM\SOFTWARE\Classes\mysearchdial.mysearchdialHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Key Deleted : HKCU\Software\Iminent
Key Deleted : HKCU\Software\IminentToolbar
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\installedbrowserextensions
Key Deleted : HKCU\Software\mysearchdial
Key Deleted : HKCU\Software\mysearchdial.com
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\SaveSenseLive
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smartbarbackup
Key Deleted : HKCU\Software\smartbarlog
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\UpdaterEX
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\ViewPassword
Key Deleted : HKCU\Software\AppDataLow\Software\Plus-HD-7.7
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\DealPlyLive
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\IminentToolbar
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\Pirrit
Key Deleted : HKLM\Software\SaveSenseLive
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Umbrella
Key Deleted : HKLM\Software\Plus-HD-7.7
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.7
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IMBoosterARP
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Iminent
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Optimizer Pro_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\UpdaterEX
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Plus-HD-7.7
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\searchprotect\searchprotect\bin\spvc32loader.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\optimi~1\optpro~1.dll
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.19507
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\hjfpz6go.default-1395006372398\prefs.js ]
 
Line Deleted : user_pref("browser.startup.homepage", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwW2G9kJ78gdKENkgtGGlDA1rtA8Q9HYYslrXFIdJ5VsLcTdcWojr-6bVYLHdOeScQg1kXeAm65Fs9d5usXOqRMcr-s[...]
Line Deleted : user_pref("extensions.vXFnQZV9gpnc.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||ur[...]
Line Deleted : user_pref("browser.search.selectedEngine", "Web Search");
Line Deleted : user_pref("keyword.URL", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwW2G9kJ78gdKENkgtGGlDA1rtA8Q9HYYslrXFIdJ5VsLcTdcWojr-6bVYLHdOeScQg1kXeAm65Fs9d5usXOqRMcr-sKDIxzcqCLGZsT[...]
Line Deleted : user_pref("browser.newtab.url", "hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnwW2G9kJ78gdKENkgtGGlDA1rtA8Q9HYYslrXFIdJ5VsLcTdcWojr-6bVYLHdOeScQg1kXeAm65Fs9d5usXOqRMcr-sKBiY6X[...]
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [23962 octets] - [04/04/2014 09:54:15]
AdwCleaner[S0].txt - [21784 octets] - [04/04/2014 11:13:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21845 octets] ##########
# AdwCleaner v3.023 - Report created 04/04/2014 at 14:44:00
# Updated 01/04/2014 by Xplode
# Operating System : Windows Vista ™ Home Basic Service Pack 2 (32 bits)
# Username : Steve - STEVE-PC
# Running from : C:\Users\Steve\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\AppDataLow\Software\ViewPassword
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.19507
 
 
-\\ Mozilla Firefox v27.0.1 (en-US)
 
[ File : C:\Users\Steve\AppData\Roaming\Mozilla\Firefox\Profiles\hjfpz6go.default-1395006372398\prefs.js ]
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [25005 octets] - [04/04/2014 09:54:15]
AdwCleaner[S0].txt - [22830 octets] - [04/04/2014 11:13:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [22891 octets] ##########


#6 Piumartian


Posted 06 April 2014 - 02:18 PM

Here is the JRT result

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows Vista ™ Home Basic x86
Ran by Steve on Fri 04/04/2014 at 14:55:39.45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
Failed to stop: [Service] qknfd 
Successfully stopped: [Service] qksvc 
Successfully deleted: [Service] qksvc 
 
 
 
~~~ Registry Values
 
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323C6E6D-1621-470F-8A52-4FDEC4E75E40}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Windows\Tasks\driverupdate startup.job"
Successfully deleted: [File] C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
Successfully deleted: [File] "C:\Windows\system32\drivers\qknfd.sys"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Steve\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Program Files\quiknowledge"
 
 
 
~~~ FireFox
 
Successfully deleted: [Folder] "C:\Program Files\Mozilla Firefox\extensions\quiknowledge@quiknowledge.com"
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions\\quiknowledge@quiknowledge.com
Successfully deleted the following from C:\Users\Steve\AppData\Roaming\mozilla\firefox\profiles\hjfpz6go.default-1395006372398\prefs.js
 
user_pref("extensions.vXFnQZV9gpnc.epoch", "1395640004");
user_pref("extensions.vXFnQZV9gpnc.url", "hxxp://toolkitsetusa.info/sync2/?q=hfZ9ofqZCzsMCyVUojwMg708BNmGWj8lkGhGheDUojw9rdrGrja9qdrHpchIC7n0rjnErHsHrdk9qTnGtNhVCT94tMVKhd9Fqj
Emptied folder: C:\Users\Steve\AppData\Roaming\mozilla\firefox\profiles\hjfpz6go.default-1395006372398\minidumps [4 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 04/04/2014 at 15:02:46.05
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 Piumartian


Posted 06 April 2014 - 02:21 PM

Here is the ESET result.

Hope all of this helps.  Amazing amount of data.

 

C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$R1H1T76.part a variant of Win32/DomaIQ.BA potentially unwanted application deleted - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$R3CUGKX.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$R55QMI3.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$R6EHKID.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$R7I5XD6.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RAXVNCV.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RBVG17M.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RCWPWCL.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RDF1V3O.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RDMCMTB.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RE741JX.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RKHU393.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RNGDK22.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RO2Z6T6.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RPBBUOF.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RPONY92.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RQ9OCFR.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RUXED8U.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RVJ0LI1.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RYHN8DI.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\$RECYCLE.BIN\S-1-5-21-786523150-3215169777-68691507-1000\$RYOXYKW.tmp a variant of Win32/Injected.F trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe.vir a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\LPT\srbs.dll.vir a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.7\50780.crx.vir JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.7\50780.xpi.vir JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Plus-HD-7.7\utils.exe.vir Win32/Packed.VMDetector.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\LPT\srbs.dll.vir a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\BrowserHelper.exe.vir a variant of MSIL/Toolbar.Linkury.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\Smartbar.exe.vir a variant of Win32/Toolbar.Linkury.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll.vir a variant of Win32/Toolbar.Linkury.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO2.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir a variant of MSIL/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension2.dll.vir a variant of MSIL/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\SmartbarVersionsHelper.exe.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\srbs.dll.vir a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\ar\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\es\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\fr\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\he\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_22.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_23.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\it\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\nl\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\pt\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\ru\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Local\Smartbar\Application\tr\Smartbar.Resources.LanguageSettings.resources.dll.vir a variant of MSIL/Toolbar.Linkury.E potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Roaming\Mysearchdial\UpdateProc\UpdateTask.exe.vir a variant of Win32/DealPly.O potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe.vir a variant of Win32/DealPly.O potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe.vir a variant of Win32/DealPly.O potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Roaming\VOPackage\Uninstall.exe.vir Win32/VOPackage.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Roaming\VOPackage\VOPackage.exe.vir Win32/VOPackage.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Steve\AppData\Roaming\VOPackage\VOsrv.exe.vir a variant of Win32/VOPackage.A potentially unwanted application deleted - quarantined
C:\Program Files\PlurPush\PlurPushUninstall.exe Win32/BrowseFox.C potentially unwanted application deleted - quarantined
C:\Program Files\View-Password\View-Password.exe a variant of Win32/AdWare.AddLyrics.AF application cleaned by deleting - quarantined
C:\Program Files\View-Password\ViewPassword154.exe a variant of Win32/AdWare.AD150.A application cleaned by deleting (after the next restart) - quarantined
C:\Users\Steve\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe a variant of MSIL/Adware.StrongVault.A application cleaned by deleting - quarantined
C:\Users\Steve\Desktop\Old Firefox Data\tkabc92o.default\extensions\29abb661-0efc-4f64-8a89-b11430d434c4@9678608e-dc95-42b0-8db0-4ce126239776.com\extensionData\plugins\91_monetizationLoader.js.js JS/Toolbar.Crossrider.B potentially unwanted application deleted - quarantined
C:\Users\Steve\Desktop\Old Firefox Data\tkabc92o.default\extensions\{06842cb0-3251-37f7-db2d-dfe26f3e87ed}\components\SmartbarFireFoxRemotePlugin_22.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\Users\Steve\Desktop\Old Firefox Data\tkabc92o.default\extensions\{06842cb0-3251-37f7-db2d-dfe26f3e87ed}\components\SmartbarFireFoxRemotePlugin_23.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\Users\Steve\Desktop\Old Firefox Data\tkabc92o.default\extensions\{06842cb0-3251-37f7-db2d-dfe26f3e87ed}\components\SmartbarFireFoxRemotePlugin_24.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\Users\Steve\Desktop\Old Firefox Data\tkabc92o.default\extensions\{06842cb0-3251-37f7-db2d-dfe26f3e87ed}\components\SmartbarFireFoxRemotePlugin_25.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\Users\Steve\Desktop\Old Firefox Data\tkabc92o.default\extensions\{06842cb0-3251-37f7-db2d-dfe26f3e87ed}\components\SmartbarFireFoxRemotePlugin_26.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\Users\Steve\Desktop\Old Firefox Data\tkabc92o.default\extensions\{06842cb0-3251-37f7-db2d-dfe26f3e87ed}\components\SmartbarFireFoxRemotePlugin_27.dll a variant of Win32/Toolbar.Linkury.D potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\ComcastTB_3.0(7).exe a variant of Win32/Toolbar.Visicom.B potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\ComcastTB_3.5(1).exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\ComcastTB_3.5(2).exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\ComcastTB_3.5.exe a variant of Win32/Toolbar.Visicom.B potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\Setup(2).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\Setup(3).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\setup.exe(1).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\setup.exe(2).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\setup.exe(3).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\setup.exe.exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\SoftwareUpdate.exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\UpdaterSetup(1).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\UpdaterSetup(2).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\UpdaterSetup(3).exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Users\Steve\Downloads\UpdaterSetup.exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
C:\Windows\Installer\b75049.msi a variant of MSIL/Toolbar.Linkury.C potentially unwanted application deleted - quarantined


#8 Piumartian


Posted 06 April 2014 - 02:26 PM

Thanks for everything Bleeping and "To Insanity"...

I've used BC for a few years, but never posted.  This time it really helped.

Hope to hear from you soon.



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,912 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:08:17 AM

Posted 07 April 2014 - 02:11 PM

Ok you sure had your share of uglies..
Win32/Inject. is a worm that spreads via removable media. The worm contains a backdoor. It can be controlled remotely.
These concern me...
You connected a Flash drive or something and that item is infected and will infect the next one. It needs to get cleaned.

One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

#10 Piumartian


Posted 07 April 2014 - 03:45 PM

Boopme, C.R.A.P.! Of course, I used my work laptop to download your files, then transferred them by USB drive over to the infected laptop this weekend.

Later, I inserted the USB drives back to my work laptop. Is Win32/inject automatic? By simply inserting it into my work laptop, does it execute automatically?

Finally, can I run all the same diagnostics for my buddy Steve's laptop on my laptop to find the same infection? Can't hurt.

Thanks guys.  I'll post to this same topic the results of my work computer.

CRAPP!   But thanks so much for everything and the strong heads up!

 

Piumartian



#11 boopme


Posted 07 April 2014 - 08:09 PM

It really can... Holding the SHIFT key down when inserting the drive will prevent that. But using this will fix the drive so it won't happen again.

Please download Flash_Disinfector.exe by sUBs and save it to your desktop.
  • Double-click Flash_Disinfector.exe to run it and follow any prompts that may appear.
  • The utility may ask you to insert your flash drive and/or other removable drives. Please do so and allow the utility to clean up those drives as well.
  • Hold down the Shift key when inserting the drive until Windows detects it to keep autorun.inf from executing if it is present.
  • Wait until it has finished scanning and then exit the program.
  • Reboot your computer when done.
  • Note: As part of its routine, Flash_Disinfector will create a hidden folder named autorun.inf in each partition and every USB drive that was plugged in when you ran it. Do not delete this folder...it will help protect your drives from future infection by keeping the autorun file from being installed on the root drive and running other malicious files.


    Run this now on this machine.

    Please download aswMBR ( 4.5MB ) to your desktop.
    • Double click the aswMBR.exe icon, and click Run.
    • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
    • Click the Scan button to start the scan.
    • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.
    Yes these can and should be run on the other machine

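The drive check behind the instructions in the post above, as an added example that is not part of the original thread and is not Flash_Disinfector's code: it reports whether a drive root has no autorun.inf, the protective autorun.inf folder, or an autorun.inf file that names a program to launch. The function names, state labels and sample files are constructed for illustration.

```python
import os
import tempfile

# [autorun] keys that name a program to run when the drive is opened.
LAUNCH_KEYS = ("open", "shellexecute")


def find_autorun(root):
    """Locate autorun.inf in a drive root, ignoring case as Windows does."""
    for name in os.listdir(root):
        if name.lower() == "autorun.inf":
            return os.path.join(root, name)
    return None


def launch_entries(raw):
    """Return the launch-related key/value pairs of the [autorun] section.

    Parsed by hand rather than with configparser, because files dropped by
    malware are often padded with junk lines a strict INI parser rejects.
    """
    if raw.startswith((b"\xff\xfe", b"\xfe\xff")):   # UTF-16 with BOM
        text = raw.decode("utf-16", errors="replace")
    else:
        text = raw.decode("latin-1")
    entries, in_autorun = {}, False
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("["):
            in_autorun = line.lower().startswith("[autorun]")
            continue
        if not in_autorun or line.startswith(";") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        key = key.lower()
        # shell\<verb>\command adds a right-click entry that runs a program.
        if key in LAUNCH_KEYS or (key.startswith("shell\\") and key.endswith("\\command")):
            entries[key] = value
    return entries


def audit_drive_root(root):
    """Classify the autorun.inf state of one drive root."""
    path = find_autorun(root)
    if path is None:
        return {"state": "absent", "entries": {}}
    if os.path.isdir(path):
        # A folder of this name blocks creation of a file with the same name.
        return {"state": "protected-folder", "entries": {}}
    with open(path, "rb") as fh:
        entries = launch_entries(fh.read(65536))
    return {"state": "launches-program" if entries else "inert-file", "entries": entries}


def build_sample_roots(base):
    """Create constructed stand-ins for drive roots (sample data, not real drives)."""
    roots = {name: os.path.join(base, name) for name in ("clean", "protected", "inert", "suspect")}
    for path in roots.values():
        os.mkdir(path)
    os.mkdir(os.path.join(roots["protected"], "autorun.inf"))
    with open(os.path.join(roots["inert"], "autorun.inf"), "wb") as fh:
        fh.write(b"[autorun]\r\nicon=drive.ico\r\nlabel=Backup\r\n")
    with open(os.path.join(roots["suspect"], "AUTORUN.INF"), "wb") as fh:
        fh.write(b"zzzz padding\r\n[AutoRun]\r\nopen=placeholder.exe\r\n"
                 b"icon=drive.ico\r\nshell\\open\\command=placeholder.exe\r\n")
    return roots


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as base:
        for name, root in build_sample_roots(base).items():
            print(name, audit_drive_root(root))
```

To check a real drive, pass its root (for example `E:\`) to `audit_drive_root`; the file is only read, never executed.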



