
Virus found Win32/Patched


11 replies to this topic

#1 edc1521


Posted 16 April 2014 - 01:13 PM

I have a Dell Inspiron 9400 Laptop running XP Media Center Edition. My AVG antivirus detected a threat that it says cannot be cleaned.

The following dialog box is displayed:

Virus found Win32/Patched

Cannot be cleaned. Remove manually.

Can someone help me remove this threat manually?




 


#2 boopme


Posted 16 April 2014 - 03:25 PM

Hello edc, let's run these next and see.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner
Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Now MBAM....
  • Download Malwarebytes Anti-Malware Free and save it to your desktop
  • Double click the desktop icon, click Run, then OK
  • Click Next
  • Select I accept the agreement then continue to click Next then finally click Install
  • Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
  • If you are notified the Database is out of date click Update Now
  • Click Scan Now >>
----------
  • Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
  • Click Start (Start, Search, All files and folders for Windows XP) then type mbam
  • Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

    mbam-chameleon.scr
    mbam-chameleon
    mbam-chameleon.exe
    mbam-chameleon.com

----------
  • When completed click the down arrow on Export Log and select Text file (*.txt)
  • Save the file to your desktop as MBAM
  • Click Apply Actions then restart your computer if requested
  • Copy and paste the contents of MBAM.txt in your reply


#3 edc1521


Posted 16 April 2014 - 10:18 PM

Thank you for your response. I ran all the tools that you recommended and here are the results:

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by mayers (administrator) on 16-04-2014 at 16:43:41
Running from "C:\Documents and Settings\mayers\Desktop\Malware Tools"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.type", 0
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
1394 Net Adapter = 1394 Connection (Disconnected)
Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Broadcom 440x 10/100 Integrated Controller = Local Area Connection (Media disconnected)
NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter = Wireless Network Connection 3 (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
# Interface IP Configuration for "Wireless Network Connection 3"
 
set address name="Wireless Network Connection 3" source=dhcp 
set dns name="Wireless Network Connection 3" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection 3" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : LT_E1705
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Hybrid
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : PWMS
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Broadcom 440x 10/100 Integrated Controller
 
        Physical Address. . . . . . . . . : 00-18-8B-B2-E0-8F
 
 
 
Ethernet adapter Wireless Network Connection:
 
 
 
        Connection-specific DNS Suffix  . : PWMS
 
        Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
 
        Physical Address. . . . . . . . . : 00-19-D2-47-EE-90
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.125.87
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.125.1
 
        DHCP Server . . . . . . . . . . . : 192.168.125.4
 
        DNS Servers . . . . . . . . . . . : 192.168.125.4
 
        Primary WINS Server . . . . . . . : 192.168.125.4
 
        Lease Obtained. . . . . . . . . . : Wednesday, April 16, 2014 11:34:17 AM
 
        Lease Expires . . . . . . . . . . : Saturday, April 19, 2014 11:34:17 AM
 
 
 
Ethernet adapter Wireless Network Connection 3:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter
 
        Physical Address. . . . . . . . . : 2C-B0-5D-70-AA-59
 
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  192.168.125.4
 
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
Ping request could not find host google.com. Please check the name and try again.
 
Server:  pwm3.pwms.com
Address:  192.168.125.4
 
Name:    yahoo.com
Addresses:  98.138.253.109, 206.190.36.45, 98.139.183.24
 
 
 
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
 
 
 
Reply from 206.190.36.45: bytes=32 time=189ms TTL=244
 
Reply from 206.190.36.45: bytes=32 time=330ms TTL=244
 
 
 
Ping statistics for 206.190.36.45:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 189ms, Maximum = 330ms, Average = 259ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 18 8b b2 e0 8f ...... Broadcom 440x 10/100 Integrated Controller - Packet Scheduler Miniport
0x3 ...00 19 d2 47 ee 90 ...... Intel® PRO/Wireless 3945ABG Network Connection - Packet Scheduler Miniport
0x10005 ...2c b0 5d 70 aa 59 ...... NETGEAR WNDA3100v2 N600 Wireless Dual Band USB Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.125.1  192.168.125.87  30
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
    192.168.125.0    255.255.255.0   192.168.125.87  192.168.125.87  30
   192.168.125.87  255.255.255.255        127.0.0.1       127.0.0.1  30
  192.168.125.255  255.255.255.255   192.168.125.87  192.168.125.87  30
        224.0.0.0        240.0.0.0   192.168.125.87  192.168.125.87  30
  255.255.255.255  255.255.255.255   192.168.125.87  192.168.125.87  1
  255.255.255.255  255.255.255.255   192.168.125.87               2  1
  255.255.255.255  255.255.255.255   192.168.125.87           10005  1
Default Gateway:     192.168.125.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 18 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 19 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 20 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 21 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 22 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 23 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 24 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 25 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 26 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 27 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 28 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 29 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 30 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 31 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (12/15/2013 02:31:46 PM) (Source: Application Hang) (User: )
Description: Hanging application tie00176c75.exe, version 1.12.12.13, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (12/04/2013 08:23:17 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (12/04/2013 08:23:17 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (09/02/2013 07:33:39 AM) (Source: Application Error) (User: )
Description: Faulting application avgmfapx.exe, version 13.0.0.3388, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [avgmfapx.exe!ws!]
 
Error: (07/25/2013 02:45:40 PM) (Source: Application Hang) (User: )
Description: Hanging application FlashUtil32_11_7_700_224_ActiveX.exe, version 11.7.700.224, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
 
Error: (06/07/2013 05:12:23 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1704. SA_Error1704: StandardAction(0xC00706A8): An installation for AVG 2012 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?
 
Error: (05/17/2013 02:49:06 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27013. CA_Error27013: CheckAvgLic(0xE0010406): Processing license failed
 
Error: (05/17/2013 02:49:06 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27013. CA_Error27013: ProcessAvgLicense(0xE0010406): Processing license failed
 
Error: (05/17/2013 02:40:51 PM) (Source: Application Error) (User: )
Description: Faulting application wnda3100v2.exe, version 1.0.3.13, faulting module wnda3100v2.exe, version 1.0.3.13, fault address 0x00093c4f.
Processing media-specific event for [wnda3100v2.exe!ws!]
 
Error: (05/17/2013 02:40:50 PM) (Source: Application Error) (User: )
Description: Faulting application wna1100.exe, version 1.1.3.21, faulting module wna1100.exe, version 1.1.3.21, fault address 0x00072682.
Processing media-specific event for [wna1100.exe!ws!]
 
 
System errors:
=============
Error: (04/16/2014 04:43:45 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
 to the user NT AUTHORITY\NETWORK SERVICE SID (S-1-5-20).  This security permission can be modified using the Component Services administrative tool.
 
Error: (04/16/2014 11:34:18 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the seclogon service.
 
Error: (04/16/2014 11:34:18 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the WZCSVC service.
 
Error: (04/16/2014 11:28:19 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2
 
Error: (04/16/2014 11:05:19 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the WSWNDA3100v2 service.
 
Error: (03/29/2014 08:51:15 PM) (Source: Service Control Manager) (User: )
Description: The ScRegSetValueExW call failed for FailureActions with the following error: 
%%5
 
Error: (03/11/2014 09:09:30 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 2CB05D70AA59.  The following error
occurred: 
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
 
Error: (03/11/2014 09:09:25 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address 2CB05D70AA59.  The following error
occurred: 
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.
 
Error: (03/11/2014 09:09:24 PM) (Source: Dhcp) (User: )
Description: The IP address lease 192.168.2.19 for the Network Card with network address 2CB05D70AA59 has been
denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
 
Error: (03/11/2014 09:09:09 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the WSWNDA3100v2 service.
 
 
Microsoft Office Sessions:
=========================
Error: (12/15/2013 02:31:46 PM) (Source: Application Hang)(User: )
Description: tie00176c75.exe1.12.12.13hungapp0.0.0.000000000
 
Error: (12/04/2013 08:23:17 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (12/04/2013 08:23:17 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (09/02/2013 07:33:39 AM) (Source: Application Error)(User: )
Description: avgmfapx.exe13.0.0.3388unknown0.0.0.000000000
 
Error: (07/25/2013 02:45:40 PM) (Source: Application Hang)(User: )
Description: FlashUtil32_11_7_700_224_ActiveX.exe11.7.700.224hungapp0.0.0.000000000
 
Error: (06/07/2013 05:12:23 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 1704. SA_Error1704: StandardAction(0xC00706A8): An installation for AVG 2012 is currently suspended. You must undo the changes made by that installation to continue. Do you want to undo those changes?(NULL)(NULL)(NULL)
 
Error: (05/17/2013 02:49:06 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27013. CA_Error27013: CheckAvgLic(0xE0010406): Processing license failed(NULL)(NULL)(NULL)
 
Error: (05/17/2013 02:49:06 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2012 -- Error 27013. CA_Error27013: ProcessAvgLicense(0xE0010406): Processing license failed(NULL)(NULL)(NULL)
 
Error: (05/17/2013 02:40:51 PM) (Source: Application Error)(User: )
Description: wnda3100v2.exe1.0.3.13wnda3100v2.exe1.0.3.1300093c4f
 
Error: (05/17/2013 02:40:50 PM) (Source: Application Error)(User: )
Description: wna1100.exe1.1.3.21wna1100.exe1.1.3.2100072682
 
 
=========================== Installed Programs ============================
 
1310 (Version: 40.0.115.000)
1310_Help (Version: 40.0.115.000)
1310Tour (Version: 40.0.115.000)
1310Trb (Version: 40.0.115.000)
Adobe Flash Player 12 ActiveX (Version: 12.0.0.77)
Adobe Flash Player 12 Plugin (Version: 12.0.0.77)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Adobe SVG Viewer 3.0 (Version:  3.0)
AiO_Scan (Version: 43.0.217.000)
AIOMinimal (Version: 40.0.115.000)
AiOSoftware (Version: 40.0.115.000)
Andrea VoiceCenter
AOLIcon (Version: 1.00.0000)
ATI Catalyst Control Center (Version: 1.2.2334.37172)
ATI Display Driver (Version: 8.261-060523a1-033841C-Dell)
AVG (Version: 3466)
AVG 2013 (Version: 13.0.3466)
AVG 2013 (Version: 13.0.3722)
Banctec Service Agreement (Version: 1.11.0000)
Broadcom Management Programs (Version: 8.65.05)
CCleaner (Version: 3.26)
Citrix Online Launcher (Version: 1.0.168)
Conexant HDA D110 MDC V.92 Modem
Copy (Version: 5.35.0.065)
Creative Audio Pack
Creative MediaSource 5 (Version: 5.00)
CreativeProjects (Version: 5.35.0.059)
Dell System Restore (Version: 2.00.0000)
Digital Content Portal (Version: 1.00.0000)
Digital Line Detect (Version: 1.15)
Director (Version: 5.35.0.051)
DocProc (Version: 3.5.0.0)
Documentation & Support Launcher (Version: 1.00.0000)
EducateU (Version: 1.00.0000)
Fax (Version: 40.0.115.000)
Free DVD ISO Burner version 1.2 (Version: 1.2)
Games, Music, & Photos Launcher (Version: 1.00.0000)
GemMaster Mystic
Google Chrome (Version: 34.0.1847.116)
High Definition Audio Driver Package - KB835221 (Version: 20040219.000000)
HP Image Zone 4.2 (Version: 4.2)
HP PSC & OfficeJet 3.5 (Version: 3.5)
HP PSC & OfficeJet 4.2
HP Software Update (Version: 1.0.22.20030804)
HPSystemDiagnostics (Version: 1.5.0.0)
InGenius ASM v2.1 (Version: 2.0.264)
InstantShare (Version: 3.5.0.21)
Intel® PROSet/Wireless Software (Version: 10.1.1.4)
J2SE Runtime Environment 5.0 Update 6 (Version: 1.5.0.60)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Java™ 6 Update 35 (Version: 6.0.350)
Keyspan USB Serial Adapter (Version: 3.4)
KVH Flash Update Wizard (Version: 3.00.321)
Learn2 Player (Uninstall Only)
LightScribe  1.4.136.1 (Version: 1.4.136.1)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
mCore (Version: 5.74.0000)
MCU (Version: 1.00.0000)
mDrWiFi (Version: 5.74.0000)
MediaDirect (Version: 4.7)
mHlpDell (Version: 5.74.0000)
Microsoft .NET Framework 1.0 Hotfix (KB2572066)
Microsoft .NET Framework 1.0 Hotfix (KB953295)
Microsoft .NET Framework 1.0 Hotfix (KB979904)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
mIWA (Version: 5.74.0000)
mLogView (Version: 5.74.0000)
mMHouse (Version: 5.74.0000)
Modem Helper (Version: 3.01)
Mozilla Firefox 9.0.1 (x86 en-US) (Version: 9.0.1)
mPfMgr (Version: 5.74.0000)
mPfWiz (Version: 5.74.0000)
mProSafe (Version: 9.00.0000)
MSN
mSSO (Version: 5.74.0000)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
mWlsSafe (Version: 9.00.0000)
mWMI (Version: 5.74.0000)
mXML (Version: 5.74.0000)
mZConfig (Version: 5.74.0000)
Nero - Burning Rom (Version: 5.5.8.0)
Nero 7 Essentials (Version: 7.02.5017)
NETGEAR WNA1100 wireless USB 2.0 adapter (Version: 1.0.0.133)
NETGEAR WNDA3100v2 wireless USB 2.0 adapter (Version: 1.03.000)
NetWaiting (Version: 2.5.23)
Numus Disk Builder and Burner 2.2.7 (Version: 2.2.7)
Otto
OutlookAddinSetup (Version: 1.0.0)
Overland (Version: 2.1.4)
Photo Story 3 for Windows (Version: 3.0.1115.11)
PhotoGallery (Version: 40.0.111.000)
Picasa 3 (Version: 3.9)
PL-2303 USB-to-Serial
PrintScreen (Version: 5.35.0.035)
QFolder (Version: 1.00.0000)
QuickProjects (Version: 5.35.0.047)
QuickSet (Version: 7.1.12)
QuickTime
Readme (Version: 40.0.115.000)
Scan (Version: 4.1.0.0)
SearchAssist
SkinsHP1 (Version: 5.35.0.043)
SkinsHP2 (Version: 5.35.0.043)
Sonic DLA (Version: 4.98)
Sonic Encoders (Version: 1.00)
Sonic MyDVD LE (Version: 6.1.1)
Sonic RecordNow Audio (Version: 2.0.0)
Sonic RecordNow Copy (Version: 2.0.0)
Sonic RecordNow Data (Version: 2.0.0.1)
Sonic Update Manager (Version: 3.0.0)
Sound Blaster ADVANCED MB Drivers
Sound Blaster Audigy ADVANCED MB (Version: 1.0)
Sound Blaster Audigy ADVANCED MB Product Registration
Synaptics Pointing Device Driver (Version: 8.2.4.6)
TrayApp (Version: 5.35.0.035)
Unload (Version: 3.5.0)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Media Player 10 (KB910393)
Update for Windows Media Player 10 (KB913800)
Update for Windows Media Player 10 (KB926251)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update Rollup 2 for Windows XP Media Center Edition 2005
URL Assistant
WebFldrs XP (Version: 9.50.7523)
WebReg (Version: 5.31.0.147)
WIDCOMM Bluetooth Software (Version: 5.0.1.2609)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (Version: 1.0)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7 (Version: 20061107.210142)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows Media Player 11
Windows XP Media Center Edition 2005 KB2502898
Windows XP Media Center Edition 2005 KB2619340
Windows XP Media Center Edition 2005 KB908246
Windows XP Media Center Edition 2005 KB925766
Windows XP Media Center Edition 2005 KB973768
Windows XP Service Pack 3 (Version: 20080414.031525)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 56%
Total physical RAM: 2046.37 MB
Available physical RAM: 884.62 MB
Total Pagefile: 3938.78 MB
Available Pagefile: 2899.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1976.39 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:105.09 GB) (Free:76.11 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\LT_E1705
 
Administrator            ecomitz                  Guest                    
HelpAssistant            mayers                   SUPPORT_388945a0         
 
 
**** End of log ****
 
 
17:27:04.0610 0x19a8  TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
17:27:11.0845 0x19a8  ============================================================
17:27:11.0845 0x19a8  Current date / time: 2014/04/16 17:27:11.0845
17:27:11.0845 0x19a8  SystemInfo:
17:27:11.0860 0x19a8  
17:27:11.0860 0x19a8  OS Version: 5.1.2600 ServicePack: 3.0
17:27:11.0860 0x19a8  Product type: Workstation
17:27:11.0860 0x19a8  ComputerName: LT_E1705
17:27:11.0860 0x19a8  UserName: mayers
17:27:11.0860 0x19a8  Windows directory: C:\WINDOWS
17:27:11.0860 0x19a8  System windows directory: C:\WINDOWS
17:27:11.0860 0x19a8  Processor architecture: Intel x86
17:27:11.0860 0x19a8  Number of processors: 2
17:27:11.0860 0x19a8  Page size: 0x1000
17:27:11.0860 0x19a8  Boot type: Normal boot
17:27:11.0860 0x19a8  ============================================================
17:27:14.0266 0x19a8  KLMD registered as C:\WINDOWS\system32\drivers\10201685.sys
17:27:14.0407 0x19a8  System UUID: {B0B2C05E-EA10-5905-5AC9-EDA65EC17441}
17:27:15.0298 0x19a8  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:27:15.0298 0x19a8  ============================================================
17:27:15.0298 0x19a8  \Device\Harddisk0\DR0:
17:27:15.0298 0x19a8  MBR partitions:
17:27:15.0298 0x19a8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x17886, BlocksNum 0xD22F8D7
17:27:15.0313 0x19a8  ============================================================
17:27:15.0360 0x19a8  C: <-> \Device\Harddisk0\DR0\Partition1
17:27:15.0360 0x19a8  ============================================================
17:27:15.0360 0x19a8  Initialize success
17:27:15.0360 0x19a8  ============================================================
17:27:17.0641 0x1504  ============================================================
17:27:17.0641 0x1504  Scan started
17:27:17.0641 0x1504  Mode: Manual; 
17:27:17.0641 0x1504  ============================================================
17:27:17.0641 0x1504  KSN ping started
17:27:25.0923 0x1504  KSN ping finished: true
17:27:27.0376 0x1504  ================ Scan system memory ========================
17:27:30.0141 0x1504  System memory - ok
17:27:30.0157 0x1504  ================ Scan services =============================
17:27:37.0516 0x1504  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
17:27:37.0516 0x1504  Kbdclass - ok
17:27:37.0532 0x1504  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
17:27:37.0532 0x1504  kbdhid - ok
17:27:37.0579 0x1504  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
17:27:37.0579 0x1504  kmixer - ok
17:27:37.0626 0x1504  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
17:27:37.0626 0x1504  KSecDD - ok
17:27:37.0657 0x1504  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
17:27:37.0673 0x1504  lanmanserver - ok
17:27:37.0704 0x1504  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
17:27:37.0720 0x1504  lanmanworkstation - ok
17:27:37.0720 0x1504  lbrtfdc - ok
17:27:37.0782 0x1504  [ 559C9B7800FAC92FC515CD0003D7C631, 1A2C2C3C8E1B862224267462EA3A3BE5A02FE3D0626B292A663CB1EBC8A1B2C5 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
17:27:37.0782 0x1504  LightScribeService - ok
17:27:37.0798 0x1504  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
17:27:37.0798 0x1504  LmHosts - ok
17:27:37.0845 0x1504  [ 32933B07FC16D9F778BEE12545FA1B1A, 73CCDD4EBA90138820624FFEFC629EFA3B15FF395D9F31CC4C4678713ECB1F23 ] LPDSVC          C:\WINDOWS\system32\tcpsvcs.exe
17:27:37.0845 0x1504  LPDSVC - ok
17:27:37.0891 0x1504  [ 0C6EA0109CFEDF441F06D031E9A8D1A9, 61C18F1DD1DC5719252564A60F9E0CBD0AD275C065C5B95F330921C582EA532F ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
17:27:37.0891 0x1504  MBAMProtector - ok
17:27:38.0063 0x1504  [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
17:27:38.0110 0x1504  MBAMScheduler - ok
17:27:38.0188 0x1504  [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
17:27:38.0220 0x1504  MBAMService - ok
17:27:38.0251 0x1504  [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A67394769E9C0044529B6C ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe
17:27:38.0251 0x1504  McrdSvc - ok
17:27:38.0329 0x1504  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
17:27:38.0345 0x1504  MDM - ok
17:27:38.0360 0x1504  [ E246A32C445056996074A397DA56E815, 5CD5B22840151CAC1FC990C3E468E5382DCC3F89EFD8CE422B9B10B5BEB6F990 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
17:27:38.0376 0x1504  mdmxsdk - ok
17:27:38.0407 0x1504  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
17:27:38.0423 0x1504  Messenger - ok
17:27:38.0454 0x1504  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
17:27:38.0454 0x1504  MHN - ok
17:27:38.0485 0x1504  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
17:27:38.0485 0x1504  MHNDRV - ok
17:27:38.0501 0x1504  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
17:27:38.0516 0x1504  mnmdd - ok
17:27:38.0548 0x1504  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
17:27:38.0563 0x1504  mnmsrvc - ok
17:27:38.0579 0x1504  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
17:27:38.0579 0x1504  Modem - ok
17:27:38.0704 0x1504  [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] monfilt         C:\WINDOWS\system32\drivers\monfilt.sys
17:27:38.0798 0x1504  monfilt - ok
17:27:38.0813 0x1504  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
17:27:38.0813 0x1504  Mouclass - ok
17:27:38.0845 0x1504  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
17:27:38.0845 0x1504  mouhid - ok
17:27:38.0860 0x1504  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
17:27:38.0860 0x1504  MountMgr - ok
17:27:38.0891 0x1504  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
17:27:38.0891 0x1504  mraid35x - ok
17:27:38.0891 0x1504  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
17:27:38.0907 0x1504  MRxDAV - ok
17:27:38.0970 0x1504  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:27:38.0985 0x1504  MRxSmb - ok
17:27:39.0016 0x1504  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
17:27:39.0016 0x1504  MSDTC - ok
17:27:39.0032 0x1504  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:27:39.0032 0x1504  Msfs - ok
17:27:39.0032 0x1504  MSIServer - ok
17:27:39.0048 0x1504  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:27:39.0048 0x1504  MSKSSRV - ok
17:27:39.0079 0x1504  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:27:39.0079 0x1504  MSPCLOCK - ok
17:27:39.0095 0x1504  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:27:39.0095 0x1504  MSPQM - ok
17:27:39.0110 0x1504  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
17:27:39.0126 0x1504  mssmbios - ok
17:27:39.0141 0x1504  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
17:27:39.0141 0x1504  Mup - ok
17:27:39.0188 0x1504  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
17:27:39.0188 0x1504  napagent - ok
17:27:39.0220 0x1504  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
17:27:39.0235 0x1504  NDIS - ok
17:27:39.0251 0x1504  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:27:39.0251 0x1504  NdisTapi - ok
17:27:39.0266 0x1504  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:27:39.0266 0x1504  Ndisuio - ok
17:27:39.0282 0x1504  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:27:39.0282 0x1504  NdisWan - ok
17:27:39.0313 0x1504  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:27:39.0313 0x1504  NDProxy - ok
17:27:39.0329 0x1504  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:27:39.0329 0x1504  NetBIOS - ok
17:27:39.0345 0x1504  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:27:39.0360 0x1504  NetBT - ok
17:27:39.0407 0x1504  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
17:27:39.0423 0x1504  NetDDE - ok
17:27:39.0423 0x1504  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
17:27:39.0438 0x1504  NetDDEdsdm - ok
17:27:39.0485 0x1504  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:27:39.0485 0x1504  Netlogon - ok
17:27:39.0501 0x1504  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
17:27:39.0516 0x1504  Netman - ok
17:27:39.0548 0x1504  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\WINDOWS\system32\DRIVERS\nic1394.sys
17:27:39.0548 0x1504  NIC1394 - ok
17:27:39.0595 0x1504  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
17:27:39.0610 0x1504  Nla - ok
17:27:39.0704 0x1504  [ C4EBBBD7165BE535F0BFD06B80601D91, BA8C8A42081E3F87690CC8312B106A9297F3D25F29E3C3F84F460B98FC18C201 ] NMIndexingService C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
17:27:39.0720 0x1504  NMIndexingService - ok
17:27:39.0735 0x1504  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:27:39.0751 0x1504  Npfs - ok
17:27:39.0782 0x1504  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:27:39.0813 0x1504  Ntfs - ok
17:27:39.0829 0x1504  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
17:27:39.0829 0x1504  NtLmSsp - ok
17:27:39.0891 0x1504  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
17:27:39.0923 0x1504  NtmsSvc - ok
17:27:39.0954 0x1504  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:27:39.0954 0x1504  Null - ok
17:27:40.0110 0x1504  [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
17:27:40.0220 0x1504  nv - ok
17:27:40.0251 0x1504  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:27:40.0251 0x1504  NwlnkFlt - ok
17:27:40.0266 0x1504  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:27:40.0266 0x1504  NwlnkFwd - ok
17:27:40.0282 0x1504  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\WINDOWS\system32\DRIVERS\ohci1394.sys
17:27:40.0282 0x1504  ohci1394 - ok
17:27:40.0298 0x1504  [ B17228142CEC9B3C222239FD935A37CA, 862498084CBF4579FCC12807F30BACDAAC16115CC6DB56274B7C49796B62A5CC ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
17:27:40.0298 0x1504  omci - ok
17:27:40.0345 0x1504  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:27:40.0345 0x1504  ose - ok
17:27:40.0376 0x1504  [ 103A9B117A7D9903111955CDAFE65AC6, 06060CA6036F757ABB6C9CFD8376D70996E80ACC7896896DD426AEA0786E2B15 ] ossrv           C:\WINDOWS\system32\DRIVERS\ctoss2k.sys
17:27:40.0391 0x1504  ossrv - ok
17:27:40.0438 0x1504  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
17:27:40.0438 0x1504  Parport - ok
17:27:40.0454 0x1504  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
17:27:40.0454 0x1504  PartMgr - ok
17:27:40.0470 0x1504  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
17:27:40.0470 0x1504  ParVdm - ok
17:27:40.0485 0x1504  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
17:27:40.0485 0x1504  PCI - ok
17:27:40.0501 0x1504  PCIDump - ok
17:27:40.0501 0x1504  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
17:27:40.0501 0x1504  PCIIde - ok
17:27:40.0532 0x1504  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
17:27:40.0548 0x1504  Pcmcia - ok
17:27:40.0548 0x1504  PDCOMP - ok
17:27:40.0548 0x1504  PDFRAME - ok
17:27:40.0563 0x1504  PDRELI - ok
17:27:40.0563 0x1504  PDRFRAME - ok
17:27:40.0579 0x1504  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
17:27:40.0579 0x1504  perc2 - ok
17:27:40.0610 0x1504  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
17:27:40.0610 0x1504  perc2hib - ok
17:27:40.0641 0x1504  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
17:27:40.0641 0x1504  PlugPlay - ok
17:27:40.0673 0x1504  [ 5C1CADD1CB67C0B9D8A84EC6E4D6B5CC, 33FDA381846B5E3BDC17F726C512A60A9FEC0D40BECE3D13712E87459FC8F4C2 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.exe
17:27:40.0688 0x1504  Pml Driver HPZ12 - ok
17:27:40.0720 0x1504  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
17:27:40.0720 0x1504  PolicyAgent - ok
17:27:40.0751 0x1504  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:27:40.0751 0x1504  PptpMiniport - ok
17:27:40.0766 0x1504  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:27:40.0766 0x1504  ProtectedStorage - ok
17:27:40.0782 0x1504  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
17:27:40.0782 0x1504  PSched - ok
17:27:40.0813 0x1504  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:27:40.0813 0x1504  Ptilink - ok
17:27:40.0845 0x1504  [ 7C81AE3C9B82BA2DA437ED4D31BC56CF, 42407981358C3D27851442441C9A9692A747390469F03C3E89483F85BFCB797B ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
17:27:40.0845 0x1504  PxHelp20 - ok
17:27:40.0876 0x1504  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
17:27:40.0876 0x1504  ql1080 - ok
17:27:40.0891 0x1504  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
17:27:40.0891 0x1504  Ql10wnt - ok
17:27:40.0923 0x1504  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
17:27:40.0923 0x1504  ql12160 - ok
17:27:40.0954 0x1504  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
17:27:40.0954 0x1504  ql1240 - ok
17:27:40.0970 0x1504  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
17:27:40.0970 0x1504  ql1280 - ok
17:27:40.0985 0x1504  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:27:40.0985 0x1504  RasAcd - ok
17:27:41.0016 0x1504  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:27:41.0032 0x1504  RasAuto - ok
17:27:41.0063 0x1504  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:27:41.0063 0x1504  Rasl2tp - ok
17:27:41.0095 0x1504  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:27:41.0110 0x1504  RasMan - ok
17:27:41.0110 0x1504  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:27:41.0110 0x1504  RasPppoe - ok
17:27:41.0126 0x1504  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
17:27:41.0126 0x1504  Raspti - ok
17:27:41.0141 0x1504  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:27:41.0141 0x1504  Rdbss - ok
17:27:41.0141 0x1504  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:27:41.0157 0x1504  RDPCDD - ok
17:27:41.0173 0x1504  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:27:41.0188 0x1504  rdpdr - ok
17:27:41.0235 0x1504  [ FC105DD312ED64EB66BFF111E8EC6EAC, 1B29D928DDD43A1929D5A788648536603EA60AF6D4EC9BF0B20AD7F71BD88ACB ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
17:27:41.0235 0x1504  RDPWD - ok
17:27:41.0266 0x1504  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
17:27:41.0266 0x1504  RDSessMgr - ok
17:27:41.0298 0x1504  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
17:27:41.0298 0x1504  redbook - ok
17:27:41.0329 0x1504  [ 6210679582240D54CC7FCC6278CA8B04, 6D08BED028BD16ECFFF8CF5573999B53619829DDD145DA3CB8370DB5CCFBC3C4 ] RegSrvc         C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
17:27:41.0329 0x1504  RegSrvc - ok
17:27:41.0360 0x1504  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:27:41.0376 0x1504  RemoteAccess - ok
17:27:41.0391 0x1504  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:27:41.0391 0x1504  RemoteRegistry - ok
17:27:41.0423 0x1504  [ 24ED7AF20651F9FA1F249482E7C1F165, 6F7BD68CBA0CACDCB6B43A401887A190FD825B4EE1974D07271224CB225A8DC2 ] rimmptsk        C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
17:27:41.0438 0x1504  rimmptsk - ok
17:27:41.0438 0x1504  [ 1BDBA2D2D402415A78A4BA766DFE0F7B, 894EB6956B8F28DE96B846AC87E4FDD9614240871D6A326CEFB7F99184BC3E79 ] rimsptsk        C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
17:27:41.0438 0x1504  rimsptsk - ok
17:27:41.0454 0x1504  [ F774ECD11A064F0DEBB2D4395418153C, 053CBC85E40C6D8D1FC2968A2B7FD43445E6B0FDEED5905A905F953A236052C9 ] rismxdp         C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
17:27:41.0470 0x1504  rismxdp - ok
17:27:41.0516 0x1504  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:27:41.0516 0x1504  RpcLocator - ok
17:27:41.0563 0x1504  [ F113C167FD0F2D2B16EC1538BD72B504, 90EA12A7C0A013B7957598FA9762A34098CE3B2608EE89F7F18D2EA7E397EAE3 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
17:27:41.0563 0x1504  RpcSs - ok
17:27:41.0595 0x1504  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
17:27:41.0595 0x1504  RSVP - ok
17:27:41.0641 0x1504  [ 99647323602BE0E77A9737E6EADA65BA, 090293BDD0C4EC9E96A9E7CB6816238ACD18A3F0A53885F43EEE4F7B41BE1E64 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
17:27:41.0673 0x1504  S24EventMonitor - ok
17:27:41.0688 0x1504  [ 2C0E9E777AB1849B43494626C1F308B5, 4B2249CB61CC0F54C7DB36DE35B885B066B9287E9AC5B74A76614A6D9E9578C8 ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys
17:27:41.0704 0x1504  s24trans - ok
17:27:41.0720 0x1504  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:27:41.0720 0x1504  SamSs - ok
17:27:41.0751 0x1504  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
17:27:41.0766 0x1504  SCardSvr - ok
17:27:41.0813 0x1504  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:27:41.0829 0x1504  Schedule - ok
17:27:41.0860 0x1504  [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus           C:\WINDOWS\system32\DRIVERS\sdbus.sys
17:27:41.0860 0x1504  sdbus - ok
17:27:41.0907 0x1504  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:27:41.0907 0x1504  Secdrv - ok
17:27:41.0923 0x1504  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
17:27:41.0923 0x1504  seclogon - ok
17:27:41.0938 0x1504  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
17:27:41.0938 0x1504  SENS - ok
17:27:42.0001 0x1504  [ 2EC41A96D0DC98BD119BF325E0B9F392, B77BE15FE662BBCE83AC117B1FF5D5B316B41932D15C941BF10E32021EBA822E ] Ser2pl          C:\WINDOWS\system32\DRIVERS\ser2pl.sys
17:27:42.0001 0x1504  Ser2pl - ok
17:27:42.0032 0x1504  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
17:27:42.0032 0x1504  serenum - ok
17:27:42.0048 0x1504  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
17:27:42.0063 0x1504  Serial - ok
17:27:42.0079 0x1504  [ 1F16931C722C69E4A7866244796C66A0, 11C35DF2DAEBE949873B3B5534B9AB0CF293127870AF483ECE40DD8D719FC536 ] sermouse        C:\WINDOWS\system32\DRIVERS\sermouse.sys
17:27:42.0079 0x1504  sermouse - ok
17:27:42.0110 0x1504  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
17:27:42.0110 0x1504  Sfloppy - ok
17:27:42.0157 0x1504  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:27:42.0173 0x1504  SharedAccess - ok
17:27:42.0204 0x1504  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:27:42.0204 0x1504  ShellHWDetection - ok
17:27:42.0220 0x1504  Simbad - ok
17:27:42.0251 0x1504  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
17:27:42.0251 0x1504  sisagp - ok
17:27:42.0282 0x1504  [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
17:27:42.0282 0x1504  Sparrow - ok
17:27:42.0313 0x1504  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
17:27:42.0329 0x1504  splitter - ok
17:27:42.0360 0x1504  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
17:27:42.0360 0x1504  Spooler - ok
17:27:42.0407 0x1504  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
17:27:42.0423 0x1504  sr - ok
17:27:42.0454 0x1504  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
17:27:42.0470 0x1504  srservice - ok
17:27:42.0532 0x1504  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:27:42.0548 0x1504  Srv - ok
17:27:42.0563 0x1504  [ 98625722AD52B40305E74AAA83C93086, 1A022CE84C1F3522C15A23885B3154CB0477512F4E4C95C89BEDB61B3F76B9DF ] sscdbhk5        C:\WINDOWS\system32\drivers\sscdbhk5.sys
17:27:42.0563 0x1504  sscdbhk5 - ok
17:27:42.0595 0x1504  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:27:42.0595 0x1504  SSDPSRV - ok
17:27:42.0626 0x1504  [ D79412E3942C8A257253487536D5A994, 09A5AB33E4EB49006FD22CCC2535BB8052E8FB617DB842B1F6A0F0B4D520FAF2 ] ssrtln          C:\WINDOWS\system32\drivers\ssrtln.sys
17:27:46.0141 0x1504  Waiting for KSN requests completion. In queue: 32
17:27:47.0173 0x1504  AV detected via SS1: AVG AntiVirus Business Edition, 2013.0, disabled, updated
17:27:47.0173 0x1504  Win FW state via NFM: enabled
17:27:47.0173 0x1504  ============================================================
17:27:47.0173 0x1504  Scan finished
17:27:47.0173 0x1504  ============================================================
17:27:47.0188 0x1a7c  Detected object count: 0
17:27:47.0188 0x1a7c  Actual detected object count: 0
 
 
**********
 
# AdwCleaner v3.023 - Report created 16/04/2014 at 17:38:31
# Updated 01/04/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : mayers - LT_E1705
# Running from : C:\Documents and Settings\mayers\Desktop\Adwcleaner\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v9.0.1 (en-US)
 
[ File : C:\Documents and Settings\mayers\Application Data\Mozilla\Firefox\Profiles\brifupjg.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Documents and Settings\mayers\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1189 octets] - [16/04/2014 17:35:14]
AdwCleaner[S0].txt - [1114 octets] - [16/04/2014 17:38:31]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1174 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Microsoft Windows XP x86
Ran by mayers on Wed 04/16/2014 at 22:37:36.04
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 04/16/2014 at 22:43:46.90
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 4/16/2014
Scan Time: 11:02:10 PM
Logfile: MBAM.txt
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.04.16.11
Rootkit Database: v2014.03.27.01
License: Premium
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled
 
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: mayers
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 290002
Time Elapsed: 15 min, 34 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#4 boopme

Posted 17 April 2014 - 11:33 AM

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#5 edc1521

Posted 17 April 2014 - 12:01 PM

 
 
Here are the results of the scan.
Thank you,
Ed
 
aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-04-17 12:47:28
-----------------------------
12:47:28.453    OS Version: Windows 5.1.2600 Service Pack 3
12:47:28.453    Number of processors: 2 586 0xF06
12:47:28.453    ComputerName: LT_E1705  UserName: mayers
12:47:49.328    Initialize success
12:50:20.438    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
12:50:20.438    Disk 0 Vendor: Hitachi_HTS541612J9SA00 SBDOC74P Size: 114473MB BusType: 3
12:50:20.609    Disk 0 MBR read successfully
12:50:20.609    Disk 0 MBR scan
12:50:20.609    Disk 0 unknown MBR code
12:50:20.609    Disk 0 Partition 1 00     DE Dell Utility Dell 8.0       47 MB offset 63
12:50:20.609    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       107615 MB offset 96390
12:50:20.609    Disk 0 Partition - 00     0F Extended LBA              2047 MB offset 220508190
12:50:20.641    Disk 0 Partition 3 00     DB  CP/M / CTOS Dell 8.0     4753 MB offset 224701155
12:50:20.750    Disk 0 Partition 4 00     DD              MSDOS5.0     2047 MB offset 220508253
12:50:21.016    Disk 0 scanning sectors +234436545
12:50:21.109    Disk 0 scanning C:\WINDOWS\system32\drivers
12:51:27.859    Service scanning
12:52:36.734    Modules scanning
12:54:05.891    Disk 0 trace - called modules:
12:54:06.047    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys 
12:54:06.047    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a8c0ab8]
12:54:06.047    3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000084[0x8a84ca98]
12:54:06.047    5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a851940]
12:54:06.047    Scan finished successfully
12:54:53.250    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\mayers\Desktop\ASWMBR\MBR.dat"
12:54:53.266    The log file has been saved successfully to "C:\Documents and Settings\mayers\Desktop\ASWMBR\aswMBR.txt"


#6 boopme

Posted 18 April 2014 - 02:04 PM

Ok... Update your AVG and scan again. You are using AVG2013.

#7 edc1521

Posted 18 April 2014 - 08:59 PM

I updated my AVG antivirus to 2014 and it is still coming up with this:

Object Name: c:\windows\system32\rpcss.dll
Removing of threat has failed
Access Denied

#8 boopme

Posted 18 April 2014 - 10:28 PM

Hi, I believe this is a corrupted file and needs replacing.

Let's try to fix this.

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool says that Check Disk is needed, click on the Do It button next to 2. Check Disk.
In that case make sure you restart computer.



Once the above is done go to Step 3 and allow it to run System File Check by clicking on Do It button:



Go to Step 4 and under "System Restore" click on Create button:



Go to Start Repairs tab and click Start button.

Leave all checkmarks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.


Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

#9 edc1521

Posted 19 April 2014 - 10:24 AM

I have no OS media for my laptop. It was not supplied by Dell when I purchased it in 2007 so I was not able to successfully complete the System File Check step.

 

Here is the Windows Repair Log:

 

 
System Variables
--------------------------------------------------------------------------------
OS: Microsoft Windows XP
OS Architecture: 32-bit
OS Version: 5.1.2600
OS Service Pack: Service Pack 3
Computer Name: LT_E1705
Windows Drive: C:\
Windows Path: C:\WINDOWS
Current Profile: C:\Documents and Settings\mayers
Current Profile SID: S-1-5-21-460088890-3907293197-1222024523-1007
Current Profile Classes: S-1-5-21-460088890-3907293197-1222024523-1007_Classes
Profiles Location: C:\Documents and Settings
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Documents and Settings\mayers\Local Settings\Application Data
--------------------------------------------------------------------------------
 
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:12:18
 
Process Count: 75
Commit Total: 569.72 MB
Commit Limit: 3.85 GB
Commit Peak: 857.16 MB
Handle Count: 17549
Kernel Total: 85.65 MB
Kernel Paged: 45.21 MB
Kernel Non Paged: 40.44 MB
System Cache: 1.15 GB
Thread Count: 716
--------------------------------------------------------------------------------
 
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.00 GB
Memory Used: 581.51 MB(28.4168%)
Memory Avail.: 1.43 GB
--------------------------------------------------------------------------------
 
Cleaning Memory Before Starting Repairs...
 
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.00 GB
Memory Used: 522.12 MB(25.5145%)
Memory Avail.: 1.49 GB
--------------------------------------------------------------------------------
 
Starting Repairs...
   Start (4/19/2014 10:05:23 AM)
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (4/19/2014 10:05:28 AM)
   Running Repair Under Current User Account
   Done (4/19/2014 10:05:34 AM)
 
01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (4/19/2014 10:05:34 AM)
   Running Repair Under System Account
   Done (4/19/2014 10:06:43 AM)
 
01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (4/19/2014 10:06:43 AM)
   Running Repair Under System Account
   Done (4/19/2014 10:07:25 AM)
 
03 - Register System Files
   Start (4/19/2014 10:07:25 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:11:08 AM)
 
04 - Repair WMI
   Start (4/19/2014 10:11:08 AM)
 
   Starting Security Center So We Can Export The Security Info.
 
   Exporting Antivirus Info...
   AVG AntiVirus 2014 Exported.
 
   Exporting 3rd Party Firewall Info...
   ZoneAlarm Free Firewall Firewall Exported.
 
   Running Repair Under Current User Account
   Done (4/19/2014 10:18:19 AM)
 
05 - Repair Windows Firewall
   Start (4/19/2014 10:18:19 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:18:34 AM)
 
06 - Repair Internet Explorer
   Start (4/19/2014 10:18:34 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:21:36 AM)
 
07 - Repair MDAC/MS Jet
   Start (4/19/2014 10:21:36 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:21:51 AM)
 
08 - Repair Hosts File
   Start (4/19/2014 10:21:51 AM)
   Running Repair Under System Account
   Done (4/19/2014 10:21:53 AM)
 
09 - Remove Policies Set By Infections
   Start (4/19/2014 10:21:53 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:21:58 AM)
 
10 - Repair Start Menu Icons Removed By Infections
   Start (4/19/2014 10:21:58 AM)
   Running Repair Under System Account
   Done (4/19/2014 10:22:00 AM)
 
11 - Repair Icons
   Start (4/19/2014 10:22:00 AM)
   Running Repair Under Current User Account
   Done (4/19/2014 10:22:02 AM)
 
12 - Repair Winsock & DNS Cache
   Start (4/19/2014 10:22:03 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:22:17 AM)
 
14 - Repair Proxy Settings
   Start (4/19/2014 10:22:17 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:22:22 AM)
 
16 - Repair Windows Updates
   Start (4/19/2014 10:22:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:23:02 AM)
 
17 - Repair CD/DVD Missing/Not Working
   Start (4/19/2014 10:23:02 AM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (4/19/2014 10:23:02 AM)
 
18 - Repair Volume Shadow Copy Service
   Start (4/19/2014 10:23:02 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:23:25 AM)
 
20 - Repair MSI (Windows Installer)
   Start (4/19/2014 10:23:25 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:23:40 AM)
 
22.01 - Repair bat Association
   Start (4/19/2014 10:23:40 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:23:45 AM)
 
22.02 - Repair cmd Association
   Start (4/19/2014 10:23:45 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:23:49 AM)
 
22.03 - Repair com Association
   Start (4/19/2014 10:23:49 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:23:54 AM)
 
22.04 - Repair Directory Association
   Start (4/19/2014 10:23:54 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:23:59 AM)
 
22.05 - Repair Drive Association
   Start (4/19/2014 10:23:59 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:03 AM)
 
22.06 - Repair exe Association
   Start (4/19/2014 10:24:03 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:08 AM)
 
22.07 - Repair Folder Association
   Start (4/19/2014 10:24:08 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:13 AM)
 
22.08 - Repair inf Association
   Start (4/19/2014 10:24:13 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:17 AM)
 
22.09 - Repair lnk (Shortcuts) Association
   Start (4/19/2014 10:24:17 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:22 AM)
 
22.10 - Repair msc Association
   Start (4/19/2014 10:24:22 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:27 AM)
 
22.11 - Repair reg Association
   Start (4/19/2014 10:24:27 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:31 AM)
 
22.12 - Repair scr Association
   Start (4/19/2014 10:24:31 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:36 AM)
 
23 - Repair Windows Safe Mode
   Start (4/19/2014 10:24:36 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:41 AM)
 
24 - Repair Print Spooler
   Start (4/19/2014 10:24:41 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:24:57 AM)
 
25 - Restore Important Windows Services
   Start (4/19/2014 10:24:57 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:25:12 AM)
 
26 - Set Windows Services To Default Startup
   Start (4/19/2014 10:25:12 AM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (4/19/2014 10:25:27 AM)
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1
 
   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1
 
Cleaning up empty logs...
 
All Selected Repairs Done.
   Done (4/19/2014 10:25:27 AM)
   Total Repair Time: 00:20:05
 
 
...YOU MUST RESTART YOUR SYSTEM...
   Running Repair Under Current User Account


#10 boopme


Posted 19 April 2014 - 08:09 PM

It appears to have run all repairs

 

I guess you have to run AVG again.



#11 edc1521


Posted 20 April 2014 - 01:05 AM

I ran the AVG again and it still comes up with the same warning. AVG is unable to remove the threat.

 

Virus found Win32/patched

C:\WINDOWS\system32\rpcss.dll
Status: Infected


#12 boopme


Posted 20 April 2014 - 10:51 PM

I guess we need to get a deeper look and use stronger tools.
You have to start a new topic named "Can't remove infection, Win32/patched" ... here's how.


Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.



