
Flash Player Update needed - Possible Malware?


14 replies to this topic

#1 marrbsst

Posted 04 May 2014 - 08:13 PM

Please help. For over a week, when I go to google.com, youtube.com, facebook.com, and such I get a message that reads "WARNING: your Flash Player may be out of date. Please update to continue."

I closed the pop-up, but then I instantly got redirected to a web page telling me to install their flash player. I knew this was a trick, and closed the window.

I have also gotten the same thing on other computers on my network. However, it has not happened on my wired computer.

I also get to the point where the above mentioned sites won't even load. "This web page is not available".

I am even getting a pop up on this site: "The page at www.facebook.com says WARNiNG! Your flash player may be out of date. Please update to continue".

It appears that something is taking over those URLs and redirecting them elsewhere.

Sometimes if I reset the browser (Google Chrome - reset browser settings), shut down the computer, power down the router and modem and then wait (sometimes several hours), I restart the devices in reverse order and everything is okay for sometimes several hours. Then the symptoms will start again.

I have run a full scan using my Trend Micro Titanium antivirus on all computers. It is reporting no problems.

I am running Windows 8.1 on this computer. The other computers on the network are running Windows 7.

I have screenshots of all the problems if needed. I cannot see how to attach them here. If I need to be in another forum, please let me know.

Thank you in advance.



#2 Ste8546

Posted 05 May 2014 - 02:54 AM

Hi, I have the same problem. I have tried to scan the computer with antivirus and Malwarebytes, but nothing happened. The strange thing is that I connected my tablet and I have the SAME problem: no Facebook, no Google, no YouTube. So I thought the problem was in the modem; I connected the computer at my friend's home and I have the same problem again. I'm quite desperate.

I found your topic through Twitter search since I can't get to Google...

Sorry I can't help you, and sorry for my English, I'm Italian.

If you learn something about the problem, write to me and I'll do the same.

Thank you in advance.



#3 boopme

  • Global Moderator

Posted 05 May 2014 - 03:41 PM

Hello. First, look in Control Panel for programs you did not install and uninstall them.

Then look in your browser's add-ons and/or extensions for some to disable.

Follow with these and let me know...

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.
  • Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last, run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook
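A way to triage the Result.txt requested above for redirect symptoms, added here as an example and not part of the original post or of MiniToolBox: it reads the "Hosts content" and "IP Configuration" sections and lists hosts entries other than localhost and DNS servers that are neither the default gateway, a LAN address, nor on a reviewer-chosen resolver list. The section banners are assumed to match the logs posted in this thread; the sample log, the function names and the TRUSTED_RESOLVERS list are constructed for illustration.

```python
import ipaddress
import re

# Section banners look like "===== Hosts content: =====" in the logs in this thread.
SECTION_RE = re.compile(r"^=+ (?P<title>[^=]+?):? =+$")
KEY_RE = re.compile(r"^\s*(Default Gateway|DNS Servers)[ .]*:\s*(\S*)\s*$")
BARE_IP_RE = re.compile(r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s*$")
# Explicit RFC 1918 + loopback ranges (is_private would also accept test ranges).
LAN_NETS = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Assumption: resolvers the reviewer expects to see; adjust to the ISP in use.
TRUSTED_RESOLVERS = {"8.8.8.8", "8.8.4.4"}

# Constructed sample in the Result.txt layout; addresses are documentation ranges.
SAMPLE_RESULT = """\
========================= Hosts content: =================================

127.0.0.1       localhost
203.0.113.80    www.example.com

========================= IP Configuration: ================================

Ethernet adapter Local Area Connection:

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 203.0.113.53

                                            8.8.8.8

        Lease Obtained. . . . . . . . . . : Monday, January 01, 2024 9:00:00 AM

========================= Winsock entries =====================================
"""


def split_sections(text):
    """Map each banner title to the lines that follow it."""
    sections, current = {}, None
    for line in text.splitlines():
        m = SECTION_RE.match(line.strip())
        if m:
            current = m.group("title").strip()
            sections[current] = []
        elif current is not None:
            sections[current].append(line)
    return sections


def read_hosts(lines):
    """Yield (ip, names) for hosts entries that map anything but localhost."""
    for line in lines:
        entry = line.split("#", 1)[0].split()
        if len(entry) >= 2:
            names = [n for n in entry[1:] if n.lower() != "localhost"]
            if names:
                yield entry[0], names


def read_ip_config(lines):
    """Collect default gateways and DNS servers, including continuation lines."""
    gateways, dns, in_dns = set(), [], False
    for line in lines:
        m = KEY_RE.match(line)
        if m:
            key, value = m.groups()
            in_dns = key == "DNS Servers"
            if value and in_dns:
                dns.append(value)
            elif value:
                gateways.add(value)
            continue
        bare = BARE_IP_RE.match(line)
        if in_dns and bare:
            dns.append(bare.group(1))   # second and later resolvers sit on their own line
        elif line.strip():
            in_dns = False              # any other non-blank line ends the DNS list
    return gateways, dns


def is_lan(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip.version == net.version and ip in net for net in LAN_NETS)


def triage(text, trusted=TRUSTED_RESOLVERS):
    """Return (kind, detail) items a helper should look at first."""
    sections = split_sections(text)
    findings = []
    for ip, names in read_hosts(sections.get("Hosts content", [])):
        findings.append(("hosts", f"{ip} {' '.join(names)}"))
    gateways, dns = read_ip_config(sections.get("IP Configuration", []))
    for server in dns:
        if server in gateways or server in trusted or is_lan(server):
            continue
        findings.append(("dns", server))
    return findings


if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_RESULT):
        print(f"REVIEW {kind}: {detail}")
```

A flagged resolver is only a prompt to check where the address came from (adapter setting or the router's DHCP), since many ISPs hand out public resolvers that will not be on the list.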

#4 easypeesy

Posted 07 May 2014 - 11:10 PM

Hello,

I am also experiencing the same/similar situation; the difference is that it is on all wired and non-wired devices.

1. Unable to access google.com; facebook.com; youtube.com (is wonky, more likely to work after I clear my cache, history, DNS); sometimes I will be able to get only youtube.com to work

2. "WARNING: your Flash Player may be out of date. Please update to continue." <-- I get this sometimes when I go to any of the sites above, sometimes the site won't load or it may load afterwards but can't do anything else

3. At times I would get this message "The page at www.facebook.com says WARNiNG! Your flash player may be out of date. Please update to continue" or from google.com; visiting unrelated websites.

The problem I am running into is this keeps on coming back, I can't seem to get rid of it.

The following are my logs:

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Theresa (administrator) on 07-05-2014 at 21:49:19
Running from "C:\Documents and Settings\Theresa\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

D-Link AirPlus G DWL-G510 Wireless PCI Card = Wireless Network Connection (Disconnected)
Generic Marvell Yukon Chipset based Ethernet Controller = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

        Host Name . . . . . . . . . . . . : computer-obe3cr
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Generic Marvell Yukon Chipset based Ethernet Controller
        Physical Address. . . . . . . . . : 00-15-58-55-72-B5
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.0.105
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.0.1
        DHCP Server . . . . . . . . . . . : 192.168.0.1
        DNS Servers . . . . . . . . . . . : 128.199.225.64
                                            8.8.8.8
        Lease Obtained. . . . . . . . . . : Wednesday, May 07, 2014 7:42:55 PM
        Lease Expires . . . . . . . . . . : Thursday, May 08, 2014 7:42:55 PM

Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    google.com
Addresses:  173.194.43.70, 173.194.43.68, 173.194.43.67, 173.194.43.66
      173.194.43.73, 173.194.43.65, 173.194.43.64, 173.194.43.78, 173.194.43.72
      173.194.43.69, 173.194.43.71

Pinging google.com [74.125.226.136] with 32 bytes of data:

Reply from 74.125.226.136: bytes=32 time=12ms TTL=57
Reply from 74.125.226.136: bytes=32 time=11ms TTL=57

Ping statistics for 74.125.226.136:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 11ms, Maximum = 12ms, Average = 11ms

Server:  google-public-dns-a.google.com
Address:  8.8.8.8

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=78ms TTL=50
Reply from 206.190.36.45: bytes=32 time=80ms TTL=50

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 78ms, Maximum = 80ms, Average = 79ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 15 58 55 72 b5 ...... Generic Marvell Yukon Chipset based Ethernet Controller
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1   192.168.0.105      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      169.254.0.0      255.255.0.0    192.168.0.105   192.168.0.105      20
      192.168.0.0    255.255.255.0    192.168.0.105   192.168.0.105      20
    192.168.0.105  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255    192.168.0.105   192.168.0.105      20
        224.0.0.0        240.0.0.0    192.168.0.105   192.168.0.105      20
  255.255.255.255  255.255.255.255    192.168.0.105   192.168.0.105      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/07/2014 04:06:11 PM) (Source: Avira AntiVir) (User: NT AUTHORITY)
Description: An error occurred during a resource request to the Windows NT system.
The resource <avgntflt> has not been allocated.
This could be due to an out-of-memory error or any other system failure.
Returned error code: 0xffffffff

Error: (05/07/2014 03:59:40 PM) (Source: Avira AntiVir) (User: NT AUTHORITY)
Description: An error occurred during a resource request to the Windows NT system.
The resource <avgntflt> has not been allocated.
This could be due to an out-of-memory error or any other system failure.
Returned error code: 0xffffffff

Error: (05/07/2014 01:08:43 PM) (Source: Avira AntiVir) (User: NT AUTHORITY)
Description: An error occurred during a resource request to the Windows NT system.
The resource <avgntflt> has not been allocated.
This could be due to an out-of-memory error or any other system failure.
Returned error code: 0xffffffff

Error: (05/07/2014 11:36:58 AM) (Source: Avira AntiVir) (User: NT AUTHORITY)
Description: An error occurred during a resource request to the Windows NT system.
The resource <avgntflt> has not been allocated.
This could be due to an out-of-memory error or any other system failure.
Returned error code: 0xffffffff

Error: (05/06/2014 03:06:33 PM) (Source: Avira AntiVir) (User: NT AUTHORITY)
Description: An error occurred during a resource request to the Windows NT system.
The resource <avgntflt> has not been allocated.
This could be due to an out-of-memory error or any other system failure.
Returned error code: 0xffffffff

Error: (05/06/2014 02:14:21 PM) (Source: Avira AntiVir) (User: NT AUTHORITY)
Description: An error occurred during a resource request to the Windows NT system.
The resource <avgntflt> has not been allocated.
This could be due to an out-of-memory error or any other system failure.
Returned error code: 0xffffffff

Error: (05/06/2014 02:13:03 PM) (Source: Avira AntiVir) (User: NT AUTHORITY)
Description: An error occurred during a resource request to the Windows NT system.
The resource <avgntflt> has not been allocated.
This could be due to an out-of-memory error or any other system failure.
Returned error code: 0xffffffff

Error: (05/03/2014 08:10:39 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 28.0.0.5186, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (05/01/2014 10:30:38 PM) (Source: ESENT) (User: )
Description: svchost (1200) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Error: (04/27/2014 00:46:52 AM) (Source: ESENT) (User: )
Description: svchost (1192) An attempt to open the file "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb" for read / write access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ".  The open file operation will fail with error -1032 (0xfffffbf8).


System errors:
=============
Error: (05/07/2014 07:42:58 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Citrix\ICA Client\MFC80.DLL.
Reference error message: The operation completed successfully.
.

Error: (05/07/2014 07:42:58 PM) (Source: SideBySide) (User: )
Description: Syntax error in manifest or policy file "The manifest file contains one or more syntax errors.
1" on line The manifest file contains one or more syntax errors.
2.

Error: (05/07/2014 07:42:58 PM) (Source: SideBySide) (User: )
Description: Component identity found in manifest does not match the identity of the component requested

Error: (05/07/2014 07:40:48 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume1

Error: (05/07/2014 07:40:37 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Citrix\ICA Client\MFC80.DLL.
Reference error message: The operation completed successfully.
.

Error: (05/07/2014 07:40:37 PM) (Source: SideBySide) (User: )
Description: Syntax error in manifest or policy file "The manifest file contains one or more syntax errors.
1" on line The manifest file contains one or more syntax errors.
2.

Error: (05/07/2014 07:40:37 PM) (Source: SideBySide) (User: )
Description: Component identity found in manifest does not match the identity of the component requested

Error: (05/07/2014 04:43:00 PM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Citrix\ICA Client\MFC80.DLL.
Reference error message: The operation completed successfully.
.

Error: (05/07/2014 04:43:00 PM) (Source: SideBySide) (User: )
Description: Syntax error in manifest or policy file "The manifest file contains one or more syntax errors.
1" on line The manifest file contains one or more syntax errors.
2.

Error: (05/07/2014 04:43:00 PM) (Source: SideBySide) (User: )
Description: Component identity found in manifest does not match the identity of the component requested


Microsoft Office Sessions:
=========================
Error: (05/07/2014 04:06:11 PM) (Source: Avira AntiVir)(User: NT AUTHORITY)
Description: avgntflt0xffffffff

Error: (05/07/2014 03:59:40 PM) (Source: Avira AntiVir)(User: NT AUTHORITY)
Description: avgntflt0xffffffff

Error: (05/07/2014 01:08:43 PM) (Source: Avira AntiVir)(User: NT AUTHORITY)
Description: avgntflt0xffffffff

Error: (05/07/2014 11:36:58 AM) (Source: Avira AntiVir)(User: NT AUTHORITY)
Description: avgntflt0xffffffff

Error: (05/06/2014 03:06:33 PM) (Source: Avira AntiVir)(User: NT AUTHORITY)
Description: avgntflt0xffffffff

Error: (05/06/2014 02:14:21 PM) (Source: Avira AntiVir)(User: NT AUTHORITY)
Description: avgntflt0xffffffff

Error: (05/06/2014 02:13:03 PM) (Source: Avira AntiVir)(User: NT AUTHORITY)
Description: avgntflt0xffffffff

Error: (05/03/2014 08:10:39 PM) (Source: Application Hang)(User: )
Description: firefox.exe28.0.0.5186hungapp0.0.0.000000000

Error: (05/01/2014 10:30:38 PM) (Source: ESENT)(User: )
Description: svchost1200C:\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.

Error: (04/27/2014 00:46:52 AM) (Source: ESENT)(User: )
Description: svchost1192C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb-1032 (0xfffffbf8)32 (0x00000020)The process cannot access the file because it is being used by another process.


=========================== Installed Programs ============================

Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Reader X (10.1.9) (Version: 10.1.9)
Apple Application Support (Version: 3.0.1)
Apple Mobile Device Support (Version: 7.1.1.3)
Apple Software Update (Version: 2.1.3.127)
Avira AntiVir Personal - Free Antivirus (Version: 10.2.0.2100)
Bonjour (Version: 3.0.0.10)
Citrix online plug-in - web (Version: 11.2.0.31560)
Citrix online plug-in (USB) (Version: 11.2.0.31560)
Citrix online plug-in (Web) (Version: 11.2.0.31560)
Combined Community Codec Pack 2010-10-10 (Version: 2010.10.10.0)
Cookienator (Version: 2.6.41)
DivX Setup (Version: 2.6.1.9)
ESET Online Scanner v3
Intuition training simulator 1.00
iTunes (Version: 11.1.5.5)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 37 (Version: 6.0.370)
Junk Mail filter update (Version: 14.0.8117.416)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Marvell Miniport Driver (Version: 8.51.5.3)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.8173.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.6.0)
Mozilla Firefox 28.0 (x86 en-US) (Version: 28.0)
Mozilla Maintenance Service (Version: 28.0)
MSVCRT (Version: 14.0.1468.721)
NTREGOPT 1.1j
NVIDIA Control Panel 260.99 (Version: 260.99)
NVIDIA Graphics Driver 260.99 (Version: 260.99)
NVIDIA Install Application (Version: 2.0.14.0)
NVIDIA nView 135.36 (Version: 135.36)
NVIDIA nView Desktop Manager (Version: 6.14.10.13065)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 2.06)
Segoe UI (Version: 14.0.4327.805)
Spybot - Search & Destroy (Version: 1.6.2)
StarCraft II (Version: 1.1.3.16939)
Steam (Version: 1.0.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2447568) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB2904266) (Version: 1)
Update for Windows XP (KB2934207) (Version: 1)
Update for Windows XP (KB898461) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0)
VeBest Numerology (Version: 4.2.0)
VNC Free Edition 4.1.3 (Version: 4.1.3)
Vuze (Version: 4.8.1.2)
WebFldrs XP (Version: 9.50.6513)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Photo Gallery (Version: 14.0.8117.416)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR 4.01 (32-bit) (Version: 4.01.0)
WinZip (Version:  8.1 SR-1  (5266))
Yahoo! Detect
YTD Video Downloader 4.6 (Version: 4.6)

========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 2046.41 MB
Available physical RAM: 1216.89 MB
Total Pagefile: 3939.46 MB
Available Pagefile: 3139.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1971.55 MB

 

 

 

I have 3 TDSSKiller logs

1

16:26:45.0656 0x07c0  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
16:26:47.0187 0x07c0  ============================================================
16:26:47.0187 0x07c0  Current date / time: 2014/05/07 16:26:47.0187
16:26:47.0187 0x07c0  SystemInfo:
16:26:47.0187 0x07c0  
16:26:47.0187 0x07c0  OS Version: 5.1.2600 ServicePack: 3.0
16:26:47.0187 0x07c0  Product type: Workstation
16:26:47.0203 0x07c0  ComputerName: COMPUTER-OBE3CR
16:26:47.0203 0x07c0  UserName: Theresa
16:26:47.0203 0x07c0  Windows directory: C:\WINDOWS
16:26:47.0203 0x07c0  System windows directory: C:\WINDOWS
16:26:47.0203 0x07c0  Processor architecture: Intel x86
16:26:47.0203 0x07c0  Number of processors: 2
16:26:47.0203 0x07c0  Page size: 0x1000
16:26:47.0203 0x07c0  Boot type: Normal boot
16:26:47.0203 0x07c0  ============================================================
16:26:47.0203 0x07c0  BG loaded
16:26:47.0890 0x07c0  System UUID: {7CD290BA-F373-7E83-CA0E-0509F8E1CBD4}
16:26:48.0890 0x07c0  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:26:48.0890 0x07c0  ============================================================
16:26:48.0890 0x07c0  \Device\Harddisk0\DR0:
16:26:48.0890 0x07c0  MBR partitions:
16:26:48.0890 0x07c0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
16:26:48.0906 0x07c0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x3E503CF5
16:26:48.0906 0x07c0  ============================================================
16:26:48.0953 0x07c0  D: <-> \Device\Harddisk0\DR0\Partition2
16:26:49.0000 0x07c0  C: <-> \Device\Harddisk0\DR0\Partition1
16:26:49.0000 0x07c0  ============================================================
16:26:49.0000 0x07c0  Initialize success
16:26:49.0000 0x07c0  ============================================================
16:26:53.0843 0x019c  ============================================================
16:26:53.0843 0x019c  Scan started
16:26:53.0843 0x019c  Mode: Manual;
16:26:53.0843 0x019c  ============================================================
16:26:53.0843 0x019c  KSN ping started
16:26:58.0281 0x019c  KSN ping finished: true
16:27:00.0000 0x019c  ================ Scan system memory ========================
16:27:00.0000 0x019c  System memory - ok
16:27:00.0000 0x019c  ================ Scan services =============================
16:27:00.0015 0x019c  Suspicious service (NoAccess): 40f95ad09b5a314f
16:27:00.0171 0x019c  [ D22FE70D2A5495F3A1A14906D420AAD7, 334C6CF1A9332E67BF767F41C580160B9FF3EC27B70E3C4693A37BDEF4868E91 ] 40f95ad09b5a314f C:\WINDOWS\System32\Drivers\40f95ad09b5a314f.sys
16:27:00.0171 0x019c  Suspicious file ( NoAccess ): C:\WINDOWS\System32\Drivers\40f95ad09b5a314f.sys. md5: D22FE70D2A5495F3A1A14906D420AAD7, sha256: 334C6CF1A9332E67BF767F41C580160B9FF3EC27B70E3C4693A37BDEF4868E91
16:27:00.0703 0x019c  40f95ad09b5a314f - detected Rootkit.Win32.Necurs.gen ( 0 )
16:27:03.0875 0x019c  40f95ad09b5a314f ( Rootkit.Win32.Necurs.gen ) - infected
16:27:03.0875 0x019c  Force sending object to P2P due to detect: C:\WINDOWS\System32\Drivers\40f95ad09b5a314f.sys
16:27:06.0984 0x019c  Object send P2P result: true
16:27:14.0796 0x019c  RasAcd - ok
16:27:14.0812 0x019c  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:27:14.0812 0x019c  RasAuto - ok
16:27:14.0828 0x019c  [ 0207D26DDF796A193CCD9F83047BB5FC, 13613036BCB869FBD7229A0FE25D324710308385D8C35E5D990A40E52BE040DF ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
16:27:14.0828 0x019c  Rasirda - ok
16:27:14.0828 0x019c  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:27:14.0843 0x019c  Rasl2tp - ok
16:27:14.0859 0x019c  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:27:14.0875 0x019c  RasMan - ok
16:27:14.0875 0x019c  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:27:14.0875 0x019c  RasPppoe - ok
16:27:14.0890 0x019c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
16:27:14.0890 0x019c  Raspti - ok
16:27:14.0890 0x019c  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:27:14.0906 0x019c  Rdbss - ok
16:27:14.0906 0x019c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:27:14.0906 0x019c  RDPCDD - ok
16:27:14.0921 0x019c  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:27:14.0937 0x019c  rdpdr - ok
16:27:14.0968 0x019c  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
16:27:14.0968 0x019c  RDPWD - ok
16:27:14.0984 0x019c  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
16:27:15.0000 0x019c  RDSessMgr - ok
16:27:15.0000 0x019c  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
16:27:15.0000 0x019c  redbook - ok
16:27:15.0031 0x019c  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:27:15.0031 0x019c  RemoteAccess - ok
16:27:15.0031 0x019c  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:27:15.0046 0x019c  RemoteRegistry - ok
16:27:15.0046 0x019c  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\System32\locator.exe
16:27:15.0062 0x019c  RpcLocator - ok
16:27:15.0078 0x019c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
16:27:15.0093 0x019c  RpcSs - ok
16:27:15.0109 0x019c  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\System32\rsvp.exe
16:27:15.0125 0x019c  RSVP - ok
16:27:15.0125 0x019c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
16:27:15.0125 0x019c  SamSs - ok
16:27:15.0140 0x019c  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
16:27:15.0140 0x019c  SCardSvr - ok
16:27:15.0171 0x019c  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:27:15.0171 0x019c  Schedule - ok
16:27:15.0187 0x019c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
16:27:15.0187 0x019c  Secdrv - ok
16:27:15.0203 0x019c  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
16:27:15.0203 0x019c  seclogon - ok
16:27:15.0218 0x019c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
16:27:15.0218 0x019c  SENS - ok
16:27:15.0234 0x019c  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
16:27:15.0234 0x019c  serenum - ok
16:27:15.0234 0x019c  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
16:27:15.0234 0x019c  Serial - ok
16:27:15.0250 0x019c  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
16:27:15.0250 0x019c  Sfloppy - ok
16:27:15.0281 0x019c  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:27:15.0296 0x019c  SharedAccess - ok
16:27:15.0312 0x019c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:27:15.0312 0x019c  ShellHWDetection - ok
16:27:15.0312 0x019c  Simbad - ok
16:27:15.0328 0x019c  Sparrow - ok
16:27:15.0328 0x019c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
16:27:15.0328 0x019c  splitter - ok
16:27:15.0359 0x019c  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
16:27:15.0359 0x019c  Spooler - ok
16:27:15.0375 0x019c  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
16:27:15.0375 0x019c  sr - ok
16:27:15.0406 0x019c  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
16:27:15.0406 0x019c  srservice - ok
16:27:15.0437 0x019c  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:27:15.0437 0x019c  Srv - ok
16:27:15.0468 0x019c  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:27:15.0484 0x019c  SSDPSRV - ok
16:27:15.0500 0x019c  [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv          C:\WINDOWS\system32\DRIVERS\ssmdrv.sys
16:27:15.0500 0x019c  ssmdrv - ok
16:27:15.0531 0x019c  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
16:27:15.0531 0x019c  stisvc - ok
16:27:15.0546 0x019c  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
16:27:15.0546 0x019c  swenum - ok
16:27:15.0562 0x019c  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
16:27:15.0562 0x019c  swmidi - ok
16:27:15.0578 0x019c  SwPrv - ok
16:27:15.0593 0x019c  symc810 - ok
16:27:15.0593 0x019c  symc8xx - ok
16:27:15.0593 0x019c  sym_hi - ok
16:27:15.0609 0x019c  sym_u3 - ok
16:27:15.0609 0x019c  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
16:27:15.0625 0x019c  sysaudio - ok
16:27:15.0640 0x019c  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
16:27:15.0640 0x019c  SysmonLog - ok
16:27:15.0671 0x019c  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:27:15.0687 0x019c  TapiSrv - ok
16:27:15.0718 0x019c  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:27:15.0718 0x019c  Tcpip - ok
16:27:15.0734 0x019c  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
16:27:15.0734 0x019c  TDPIPE - ok
16:27:15.0750 0x019c  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
16:27:15.0750 0x019c  TDTCP - ok
16:27:15.0765 0x019c  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
16:27:15.0765 0x019c  TermDD - ok
16:27:15.0781 0x019c  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
16:27:15.0796 0x019c  TermService - ok
16:27:15.0796 0x019c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
16:27:15.0812 0x019c  Themes - ok
16:27:15.0843 0x019c  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\System32\tlntsvr.exe
16:27:15.0843 0x019c  TlntSvr - ok
16:27:15.0843 0x019c  TosIde - ok
16:27:15.0859 0x019c  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
16:27:15.0875 0x019c  TrkWks - ok
16:27:15.0890 0x019c  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
16:27:15.0890 0x019c  Udfs - ok
16:27:15.0890 0x019c  ultra - ok
16:27:15.0921 0x019c  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
16:27:15.0921 0x019c  Update - ok
16:27:15.0953 0x019c  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:27:15.0968 0x019c  upnphost - ok
16:27:15.0984 0x019c  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
16:27:15.0984 0x019c  UPS - ok
16:27:16.0000 0x019c  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
16:27:16.0000 0x019c  USBAAPL - ok
16:27:16.0015 0x019c  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
16:27:16.0015 0x019c  usbccgp - ok
16:27:16.0031 0x019c  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
16:27:16.0031 0x019c  usbehci - ok
16:27:16.0046 0x019c  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
16:27:16.0046 0x019c  usbhub - ok
16:27:16.0062 0x019c  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
16:27:16.0062 0x019c  usbscan - ok
16:27:16.0078 0x019c  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
16:27:16.0078 0x019c  USBSTOR - ok
16:27:16.0093 0x019c  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
16:27:16.0093 0x019c  usbuhci - ok
16:27:16.0125 0x019c  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
16:27:16.0125 0x019c  VgaSave - ok
16:27:16.0125 0x019c  ViaIde - ok
16:27:16.0156 0x019c  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
16:27:16.0156 0x019c  VolSnap - ok
16:27:16.0187 0x019c  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
16:27:16.0203 0x019c  VSS - ok
16:27:16.0218 0x019c  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
16:27:16.0218 0x019c  W32Time - ok
16:27:16.0250 0x019c  [ BAD35D128DD4E7071B3C294EE92FFD65, 0C18442AD0C91C6E413D791C058F6E99411E2B323811D3B225846ECF945FB0DB ] W8100PCI        C:\WINDOWS\system32\DRIVERS\mrv8k51.sys
16:27:16.0250 0x019c  W8100PCI - ok
16:27:16.0281 0x019c  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:27:16.0281 0x019c  Wanarp - ok
16:27:16.0312 0x019c  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
16:27:16.0328 0x019c  Wdf01000 - ok
16:27:16.0328 0x019c  WDICA - ok
16:27:16.0343 0x019c  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
16:27:16.0343 0x019c  wdmaud - ok
16:27:16.0359 0x019c  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
16:27:16.0359 0x019c  WebClient - ok
16:27:16.0390 0x019c  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
16:27:16.0406 0x019c  winmgmt - ok
16:27:16.0437 0x019c  [ F3EDC9909A02E6BCA863EB702D37B505, 7C102302884825366DFA9B58FBC8A686185C7A9BD47F83B6698B886E57DF6218 ] WinVNC4         C:\Program Files\RealVNC\VNC4\WinVNC4.exe
16:27:16.0453 0x019c  WinVNC4 - ok
16:27:16.0468 0x019c  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8, 98C21DEEB7124426D749FACDAD06EBD7F500AE5C465A98D558919C2A51C08554 ] WmdmPmSN        C:\WINDOWS\System32\mspmsnsv.dll
16:27:16.0484 0x019c  WmdmPmSN - ok
16:27:16.0500 0x019c  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
16:27:16.0531 0x019c  Wmi - ok
16:27:16.0546 0x019c  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\System32\wbem\wmiapsrv.exe
16:27:16.0546 0x019c  WmiApSrv - ok
16:27:16.0578 0x019c  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
16:27:16.0578 0x019c  wscsvc - ok
16:27:16.0609 0x019c  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
16:27:16.0609 0x019c  wuauserv - ok
16:27:16.0656 0x019c  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
16:27:16.0671 0x019c  WZCSVC - ok
16:27:16.0703 0x019c  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
16:27:16.0703 0x019c  xmlprov - ok
16:27:16.0734 0x019c  [ 936A0E2D44ADF93CE0DF8E92AAB29C6E, BEC48289E9A8598589119398E2FE82F8017015DFD4463503197DC6CC5D096C35 ] yukonwxp        C:\WINDOWS\system32\DRIVERS\yk51x86.sys
16:27:16.0734 0x019c  yukonwxp - ok
16:27:16.0750 0x019c  ================ Scan global ===============================
16:27:16.0765 0x019c  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
16:27:16.0796 0x019c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
16:27:16.0828 0x019c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
16:27:16.0828 0x019c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
16:27:16.0843 0x019c  [ Global ] - ok
16:27:16.0843 0x019c  ================ Scan MBR ==================================
16:27:16.0859 0x019c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
16:27:17.0015 0x019c  \Device\Harddisk0\DR0 - ok
16:27:17.0015 0x019c  ================ Scan VBR ==================================
16:27:17.0015 0x019c  [ 19DE61F7E9992BD33843659294005725 ] \Device\Harddisk0\DR0\Partition1
16:27:17.0062 0x019c  \Device\Harddisk0\DR0\Partition1 - ok
16:27:17.0062 0x019c  [ 5B2C751555069A2B12A7E49E4EB6E6A1 ] \Device\Harddisk0\DR0\Partition2
16:27:17.0093 0x019c  \Device\Harddisk0\DR0\Partition2 - ok
16:27:17.0093 0x019c  Waiting for KSN requests completion. In queue: 231
16:27:18.0093 0x019c  Waiting for KSN requests completion. In queue: 231
16:27:19.0093 0x019c  Waiting for KSN requests completion. In queue: 231
16:27:20.0125 0x019c  AV detected via SS1: AntiVir Desktop, 10.0.1.59, disabled, updated
16:27:23.0093 0x019c  ============================================================
16:27:23.0093 0x019c  Scan finished
16:27:23.0093 0x019c  ============================================================
16:27:23.0093 0x0148  Detected object count: 1
16:27:23.0093 0x0148  Actual detected object count: 1
16:27:45.0515 0x0148  C:\WINDOWS\System32\Drivers\40f95ad09b5a314f.sys - copied to quarantine
16:27:45.0515 0x0148  HKLM\SYSTEM\ControlSet001\services\40f95ad09b5a314f - will be deleted on reboot
16:27:45.0531 0x0148  HKLM\SYSTEM\ControlSet003\services\40f95ad09b5a314f - will be deleted on reboot
16:27:45.0531 0x0148  C:\WINDOWS\System32\Drivers\40f95ad09b5a314f.sys - will be deleted on reboot
16:27:45.0531 0x0148  40f95ad09b5a314f ( Rootkit.Win32.Necurs.gen ) - User select action: Delete
16:27:46.0140 0x0148  KLMD registered as C:\WINDOWS\system32\drivers\18569345.sys
16:27:48.0625 0x06d4  Deinitialize success

 

2

 

16:29:46.0796 0x07cc  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
16:29:48.0359 0x07cc  ============================================================
16:29:48.0359 0x07cc  Current date / time: 2014/05/07 16:29:48.0359
16:29:48.0359 0x07cc  SystemInfo:
16:29:48.0359 0x07cc  
16:29:48.0359 0x07cc  OS Version: 5.1.2600 ServicePack: 3.0
16:29:48.0359 0x07cc  Product type: Workstation
16:29:48.0359 0x07cc  ComputerName: COMPUTER-OBE3CR
16:29:48.0359 0x07cc  UserName: Theresa
16:29:48.0359 0x07cc  Windows directory: C:\WINDOWS
16:29:48.0359 0x07cc  System windows directory: C:\WINDOWS
16:29:48.0359 0x07cc  Processor architecture: Intel x86
16:29:48.0359 0x07cc  Number of processors: 2
16:29:48.0359 0x07cc  Page size: 0x1000
16:29:48.0359 0x07cc  Boot type: Normal boot
16:29:48.0359 0x07cc  ============================================================
16:29:48.0375 0x07cc  BG loaded
16:29:49.0140 0x07cc  System UUID: {7CD290BA-F373-7E83-CA0E-0509F8E1CBD4}
16:29:51.0265 0x07cc  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
16:29:51.0281 0x07cc  ============================================================
16:29:51.0281 0x07cc  \Device\Harddisk0\DR0:
16:29:51.0281 0x07cc  MBR partitions:
16:29:51.0281 0x07cc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
16:29:51.0281 0x07cc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x3E503CF5
16:29:51.0281 0x07cc  ============================================================
16:29:51.0343 0x07cc  D: <-> \Device\Harddisk0\DR0\Partition2
16:29:51.0406 0x07cc  C: <-> \Device\Harddisk0\DR0\Partition1
16:29:51.0406 0x07cc  ============================================================
16:29:51.0406 0x07cc  Initialize success
16:29:51.0406 0x07cc  ============================================================
16:30:24.0234 0x0e24  ============================================================
16:30:24.0234 0x0e24  Scan started
16:30:24.0234 0x0e24  Mode: Manual;
16:30:24.0234 0x0e24  ============================================================
16:30:24.0234 0x0e24  KSN ping started
16:30:27.0812 0x0e24  KSN ping finished: true
16:30:30.0468 0x0e24  ================ Scan system memory ========================
16:30:30.0468 0x0e24  System memory - ok
16:30:30.0468 0x0e24  ================ Scan services =============================
16:30:33.0890 0x0e24  Dnscache - ok
16:30:33.0953 0x0e24  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:30:34.0015 0x0e24  Dot3svc - ok
16:30:34.0015 0x0e24  dpti2o - ok
16:30:34.0046 0x0e24  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
16:30:34.0062 0x0e24  drmkaud - ok
16:30:34.0093 0x0e24  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
16:30:34.0187 0x0e24  EapHost - ok
16:30:34.0203 0x0e24  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
16:30:34.0234 0x0e24  ERSvc - ok
16:30:34.0250 0x0e24  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
16:30:34.0343 0x0e24  Eventlog - ok
16:30:34.0375 0x0e24  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\System32\es.dll
16:30:34.0437 0x0e24  EventSystem - ok
16:30:34.0468 0x0e24  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
16:30:34.0484 0x0e24  Fastfat - ok
16:30:34.0531 0x0e24  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:30:34.0609 0x0e24  FastUserSwitchingCompatibility - ok
16:30:34.0640 0x0e24  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
16:30:34.0640 0x0e24  Fdc - ok
16:30:34.0656 0x0e24  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
16:30:34.0671 0x0e24  Fips - ok
16:30:34.0703 0x0e24  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:30:34.0718 0x0e24  Flpydisk - ok
16:30:34.0734 0x0e24  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:30:34.0796 0x0e24  FltMgr - ok
16:30:34.0921 0x0e24  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:30:34.0937 0x0e24  FontCache3.0.0.0 - ok
16:30:34.0968 0x0e24  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:30:34.0968 0x0e24  Fs_Rec - ok
16:30:34.0984 0x0e24  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:30:35.0031 0x0e24  Ftdisk - ok
16:30:35.0125 0x0e24  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
16:30:35.0125 0x0e24  GEARAspiWDM - ok
16:30:35.0156 0x0e24  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:30:35.0156 0x0e24  Gpc - ok
16:30:35.0203 0x0e24  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
16:30:35.0234 0x0e24  HDAudBus - ok
16:30:35.0296 0x0e24  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:30:35.0296 0x0e24  helpsvc - ok
16:30:35.0328 0x0e24  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
16:30:35.0343 0x0e24  HidServ - ok
16:30:35.0359 0x0e24  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:30:35.0359 0x0e24  HidUsb - ok
16:30:35.0375 0x0e24  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
16:30:35.0406 0x0e24  hkmsvc - ok
16:30:35.0406 0x0e24  hpn - ok
16:30:35.0437 0x0e24  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
16:30:35.0453 0x0e24  HTTP - ok
16:30:35.0453 0x0e24  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
16:30:35.0453 0x0e24  HTTPFilter - ok
16:30:35.0468 0x0e24  i2omgmt - ok
16:30:35.0468 0x0e24  i2omp - ok
16:30:35.0484 0x0e24  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:30:35.0515 0x0e24  i8042prt - ok
16:30:35.0593 0x0e24  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:30:35.0890 0x0e24  idsvc - ok
16:30:35.0906 0x0e24  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
16:30:35.0921 0x0e24  Imapi - ok
16:30:35.0953 0x0e24  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
16:30:35.0968 0x0e24  ImapiService - ok
16:30:35.0968 0x0e24  ini910u - ok
16:30:36.0140 0x0e24  [ 2389F12F0ED506176B7C29C8144CEA09, 42ED6DA2F1B794E1887A4C6E8794660BD076FFB64287884342E78E3EAE10859C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
16:30:36.0250 0x0e24  IntcAzAudAddService - ok
16:30:36.0265 0x0e24  IntelIde - ok
16:30:36.0296 0x0e24  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:30:36.0296 0x0e24  intelppm - ok
16:30:36.0312 0x0e24  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
16:30:36.0328 0x0e24  ip6fw - ok
16:30:36.0343 0x0e24  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:30:36.0343 0x0e24  IpFilterDriver - ok
16:30:36.0359 0x0e24  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:30:36.0359 0x0e24  IpInIp - ok
16:30:36.0390 0x0e24  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:30:36.0390 0x0e24  IpNat - ok
16:30:36.0453 0x0e24  [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:30:36.0468 0x0e24  iPod Service - ok
16:30:36.0500 0x0e24  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:30:36.0515 0x0e24  IPSec - ok
16:30:36.0531 0x0e24  [ ACA5E7B54409F9CB5EED97ED0C81120E, 1E22F442EA77596F58D133F1A5887CDC4F3325DD0836D24A665E1D31287ABFF7 ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
16:30:36.0546 0x0e24  irda - ok
16:30:36.0546 0x0e24  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
16:30:36.0562 0x0e24  IRENUM - ok
16:30:36.0578 0x0e24  [ 49CC4533CE897CB2E93C1E84A818FDE5, F2AC81CDB971F630699616509748DCE133874EFC79B9D6230517B5A4DFBE193D ] Irmon           C:\WINDOWS\System32\irmon.dll
16:30:36.0578 0x0e24  Irmon - ok
16:30:36.0593 0x0e24  [ 0501F0B9AB08425F8C0EACBDCC04AA32, 7764734BCA35CFF4E60B9F05553DF7500F03CB6A5398826746705FD758AE4D0A ] irsir           C:\WINDOWS\system32\DRIVERS\irsir.sys
16:30:36.0593 0x0e24  irsir - ok
16:30:36.0625 0x0e24  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:30:36.0625 0x0e24  isapnp - ok
16:30:36.0671 0x0e24  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:30:36.0703 0x0e24  JavaQuickStarterService - ok
16:30:36.0703 0x0e24  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:30:36.0703 0x0e24  Kbdclass - ok
16:30:36.0718 0x0e24  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:30:36.0734 0x0e24  kbdhid - ok
16:30:36.0750 0x0e24  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
16:30:36.0765 0x0e24  kmixer - ok
16:30:36.0781 0x0e24  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
16:30:36.0781 0x0e24  KSecDD - ok
16:30:36.0796 0x0e24  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
16:30:36.0812 0x0e24  lanmanserver - ok
16:30:36.0828 0x0e24  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:30:36.0843 0x0e24  lanmanworkstation - ok
16:30:36.0859 0x0e24  lbrtfdc - ok
16:30:36.0859 0x0e24  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
16:30:36.0875 0x0e24  LmHosts - ok
16:30:36.0890 0x0e24  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
16:30:36.0906 0x0e24  MBAMProtector - ok
16:30:36.0953 0x0e24  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:30:36.0968 0x0e24  MBAMScheduler - ok
16:30:37.0031 0x0e24  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:30:37.0046 0x0e24  MBAMService - ok
16:30:37.0093 0x0e24  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
16:30:37.0125 0x0e24  MDM - ok
16:30:37.0140 0x0e24  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
16:30:37.0156 0x0e24  Messenger - ok
16:30:37.0171 0x0e24  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
16:30:37.0171 0x0e24  mnmdd - ok
16:30:37.0187 0x0e24  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
16:30:37.0203 0x0e24  mnmsrvc - ok
16:30:37.0203 0x0e24  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
16:30:37.0218 0x0e24  Modem - ok
16:30:37.0218 0x0e24  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:30:37.0218 0x0e24  Mouclass - ok
16:30:37.0234 0x0e24  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:30:37.0234 0x0e24  mouhid - ok
16:30:37.0234 0x0e24  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
16:30:37.0250 0x0e24  MountMgr - ok
16:30:37.0281 0x0e24  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:30:37.0296 0x0e24  MozillaMaintenance - ok
16:30:37.0296 0x0e24  mraid35x - ok
16:30:37.0312 0x0e24  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:30:37.0328 0x0e24  MRxDAV - ok
16:30:37.0343 0x0e24  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:30:37.0375 0x0e24  MRxSmb - ok
16:30:37.0390 0x0e24  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
16:30:37.0390 0x0e24  MSDTC - ok
16:30:37.0390 0x0e24  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:30:37.0406 0x0e24  Msfs - ok
16:30:37.0406 0x0e24  MSIServer - ok
16:30:37.0421 0x0e24  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:30:37.0437 0x0e24  MSKSSRV - ok
16:30:37.0453 0x0e24  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:30:37.0453 0x0e24  MSPCLOCK - ok
16:30:37.0468 0x0e24  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:30:37.0468 0x0e24  MSPQM - ok
16:30:37.0484 0x0e24  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:30:37.0484 0x0e24  mssmbios - ok
16:30:37.0515 0x0e24  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
16:30:37.0531 0x0e24  Mup - ok
16:30:37.0593 0x0e24  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
16:30:37.0625 0x0e24  napagent - ok
16:30:37.0625 0x0e24  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
16:30:37.0656 0x0e24  NDIS - ok
16:30:37.0671 0x0e24  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:30:37.0671 0x0e24  NdisTapi - ok
16:30:37.0687 0x0e24  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:30:37.0687 0x0e24  Ndisuio - ok
16:30:37.0687 0x0e24  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:30:37.0703 0x0e24  NdisWan - ok
16:30:37.0718 0x0e24  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:30:37.0734 0x0e24  NDProxy - ok
16:30:37.0750 0x0e24  [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl.sys
16:30:37.0750 0x0e24  Netaapl - ok
16:30:37.0765 0x0e24  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:30:37.0765 0x0e24  NetBIOS - ok
16:30:37.0781 0x0e24  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:30:37.0796 0x0e24  NetBT - ok
16:30:37.0812 0x0e24  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
16:30:37.0812 0x0e24  NetDDE - ok
16:30:37.0828 0x0e24  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
16:30:37.0828 0x0e24  NetDDEdsdm - ok
16:30:37.0859 0x0e24  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:30:37.0859 0x0e24  Netlogon - ok
16:30:37.0875 0x0e24  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
16:30:37.0890 0x0e24  Netman - ok
16:30:37.0921 0x0e24  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:30:37.0937 0x0e24  NetTcpPortSharing - ok
16:30:37.0953 0x0e24  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
16:30:37.0968 0x0e24  Nla - ok
16:30:37.0968 0x0e24  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:30:37.0984 0x0e24  Npfs - ok
16:30:38.0000 0x0e24  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:30:38.0046 0x0e24  Ntfs - ok
16:30:38.0046 0x0e24  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
16:30:38.0046 0x0e24  NtLmSsp - ok
16:30:38.0093 0x0e24  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
16:30:38.0140 0x0e24  NtmsSvc - ok
16:30:38.0140 0x0e24  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:30:38.0156 0x0e24  Null - ok
16:30:39.0359 0x0e24  [ B9B1BB146EB9A83DCF0F5635B09D3D43, 1A630E955811E9D317B1A23B6E18658AAE1696E709213A1FA25D8B7AD171EEAE ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
16:30:39.0687 0x0e24  nv - ok
16:30:39.0765 0x0e24  [ CC4F8220EAD1F6A38D51679708F435B9, 0A46901A282E6A8CCA5ED7CE1BE53315DBB29A9ABC590AB08625978B9AB35D17 ] nvsvc           C:\WINDOWS\system32\nvsvc32.exe
16:30:39.0781 0x0e24  nvsvc - ok
16:30:39.0796 0x0e24  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:30:39.0828 0x0e24  NwlnkFlt - ok
16:30:39.0843 0x0e24  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:30:39.0875 0x0e24  NwlnkFwd - ok
16:30:39.0906 0x0e24  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:30:39.0937 0x0e24  ose - ok
16:30:39.0984 0x0e24  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
16:30:40.0000 0x0e24  Parport - ok
16:30:40.0000 0x0e24  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
16:30:40.0031 0x0e24  PartMgr - ok
16:30:40.0046 0x0e24  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
16:30:40.0078 0x0e24  ParVdm - ok
16:30:40.0109 0x0e24  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
16:30:40.0156 0x0e24  PCI - ok
16:30:40.0156 0x0e24  PCIDump - ok
16:30:40.0156 0x0e24  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
16:30:40.0171 0x0e24  PCIIde - ok
16:30:40.0187 0x0e24  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
16:30:40.0234 0x0e24  Pcmcia - ok
16:30:40.0234 0x0e24  PDCOMP - ok
16:30:40.0250 0x0e24  PDFRAME - ok
16:30:40.0250 0x0e24  PDRELI - ok
16:30:40.0265 0x0e24  PDRFRAME - ok
16:30:40.0265 0x0e24  perc2 - ok
16:30:40.0265 0x0e24  perc2hib - ok
16:30:40.0296 0x0e24  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
16:30:40.0312 0x0e24  PlugPlay - ok
16:30:40.0312 0x0e24  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
16:30:40.0312 0x0e24  PolicyAgent - ok
16:30:40.0328 0x0e24  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:30:40.0328 0x0e24  PptpMiniport - ok
16:30:40.0343 0x0e24  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
16:30:40.0375 0x0e24  Processor - ok
16:30:40.0375 0x0e24  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
16:30:40.0375 0x0e24  ProtectedStorage - ok
16:30:40.0390 0x0e24  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
16:30:40.0406 0x0e24  PSched - ok
16:30:40.0421 0x0e24  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
16:30:40.0437 0x0e24  Ptilink - ok
16:30:40.0453 0x0e24  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
16:30:40.0468 0x0e24  PxHelp20 - ok
16:30:40.0484 0x0e24  ql1080 - ok
16:30:40.0484 0x0e24  Ql10wnt - ok
16:30:40.0484 0x0e24  ql12160 - ok
16:30:40.0500 0x0e24  ql1240 - ok
16:30:40.0500 0x0e24  ql1280 - ok
16:30:40.0515 0x0e24  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:30:40.0531 0x0e24  RasAcd - ok
16:30:40.0546 0x0e24  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:30:40.0578 0x0e24  RasAuto - ok
16:30:40.0593 0x0e24  [ 0207D26DDF796A193CCD9F83047BB5FC, 13613036BCB869FBD7229A0FE25D324710308385D8C35E5D990A40E52BE040DF ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
16:30:40.0593 0x0e24  Rasirda - ok
16:30:40.0609 0x0e24  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:30:40.0609 0x0e24  Rasl2tp - ok
16:30:40.0640 0x0e24  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:30:40.0656 0x0e24  RasMan - ok
16:30:40.0671 0x0e24  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:30:40.0671 0x0e24  RasPppoe - ok
16:30:40.0687 0x0e24  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
16:30:40.0687 0x0e24  Raspti - ok
16:30:40.0703 0x0e24  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:30:40.0734 0x0e24  Rdbss - ok
16:30:40.0750 0x0e24  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
16:30:40.0750 0x0e24  RDPCDD - ok
16:30:40.0781 0x0e24  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
16:30:40.0796 0x0e24  rdpdr - ok
16:30:40.0828 0x0e24  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
16:30:40.0843 0x0e24  RDPWD - ok
16:30:40.0859 0x0e24  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
16:30:40.0875 0x0e24  RDSessMgr - ok
16:30:40.0890 0x0e24  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
16:30:40.0890 0x0e24  redbook - ok
16:30:40.0921 0x0e24  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:30:40.0921 0x0e24  RemoteAccess - ok
16:30:40.0937 0x0e24  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:30:40.0953 0x0e24  RemoteRegistry - ok
16:30:40.0953 0x0e24  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\System32\locator.exe
16:30:40.0968 0x0e24  RpcLocator - ok
16:30:41.0000 0x0e24  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\System32\rpcss.dll
16:30:41.0000 0x0e24  RpcSs - ok
16:30:43.0187 0x0e24  ================ Scan global ===============================
16:30:43.0203 0x0e24  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
16:30:43.0234 0x0e24  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
16:30:43.0281 0x0e24  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
16:30:43.0296 0x0e24  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
16:30:43.0296 0x0e24  [ Global ] - ok
16:30:43.0296 0x0e24  ================ Scan MBR ==================================
16:30:43.0312 0x0e24  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
16:30:43.0468 0x0e24  \Device\Harddisk0\DR0 - ok
16:30:43.0468 0x0e24  ================ Scan VBR ==================================
16:30:43.0468 0x0e24  [ 19DE61F7E9992BD33843659294005725 ] \Device\Harddisk0\DR0\Partition1
16:30:43.0515 0x0e24  \Device\Harddisk0\DR0\Partition1 - ok
16:30:43.0515 0x0e24  [ 5B2C751555069A2B12A7E49E4EB6E6A1 ] \Device\Harddisk0\DR0\Partition2
16:30:43.0546 0x0e24  \Device\Harddisk0\DR0\Partition2 - ok
16:30:43.0546 0x0e24  Waiting for KSN requests completion. In queue: 173
16:30:44.0546 0x0e24  Waiting for KSN requests completion. In queue: 173
16:30:45.0546 0x0e24  Waiting for KSN requests completion. In queue: 173
16:30:46.0546 0x0e24  Waiting for KSN requests completion. In queue: 173
16:30:47.0578 0x0e24  AV detected via SS1: AntiVir Desktop, 10.0.1.59, enabled, updated
16:30:47.0578 0x0e24  Win FW state via NFM: disabled
16:30:50.0531 0x0e24  ============================================================
16:30:50.0531 0x0e24  Scan finished
16:30:50.0531 0x0e24  ============================================================
16:30:50.0531 0x0e1c  Detected object count: 0
16:30:50.0531 0x0e1c  Actual detected object count: 0
16:33:49.0343 0x06a4  Deinitialize success
 

3

 

16:24:15.0609 0x0fd8  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
16:24:21.0796 0x0fd8  ============================================================
16:24:21.0796 0x0fd8  Current date / time: 2014/05/07 16:24:21.0796
16:24:21.0796 0x0fd8  SystemInfo:
16:24:21.0796 0x0fd8  
16:24:21.0796 0x0fd8  OS Version: 5.1.2600 ServicePack: 3.0
16:24:21.0796 0x0fd8  Product type: Workstation
16:24:21.0796 0x0fd8  ComputerName: COMPUTER-OBE3CR
16:24:21.0796 0x0fd8  UserName: Theresa
16:24:21.0796 0x0fd8  Windows directory: C:\WINDOWS
16:24:21.0796 0x0fd8  System windows directory: C:\WINDOWS
16:24:21.0796 0x0fd8  Processor architecture: Intel x86
16:24:21.0796 0x0fd8  Number of processors: 2
16:24:21.0796 0x0fd8  Page size: 0x1000
16:24:21.0796 0x0fd8  Boot type: Normal boot
16:24:21.0796 0x0fd8  ============================================================
16:24:23.0250 0x0fd8  KLMD registered as C:\WINDOWS\system32\drivers\87663055.sys
16:25:14.0750 0x0fd8  KLMD registered as C:\WINDOWS\system32\drivers\79139379.sys
16:25:15.0531 0x0fc4  Deinitialize success
 

JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Theresa on Wed 05/07/2014 at 21:52:11.20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 05/07/2014 at 21:56:37.53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

AdwCleaner - 2 logs

 

1

# AdwCleaner v3.207 - Report created 07/05/2014 at 16:35:34
# Updated 05/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Theresa - COMPUTER-OBE3CR
# Running from : C:\Documents and Settings\Theresa\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Theresa\Application Data\Mozilla\Firefox\Profiles\zeop9z0d.default\user.js
Folder Found : C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
Folder Found : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Found : C:\Documents and Settings\Theresa\Local Settings\Application Data\Conduit
Folder Found : C:\Program Files\Vuze

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\IM
Key Found : HKCU\Software\ImInstaller
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2966884
Key Found : HKLM\Software\Conduit
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Key Found : HKLM\Software\ImInstaller
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\Trymedia Systems
Value Found : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Value Found : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Vuze\Azureus.exe]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\Theresa\Application Data\Mozilla\Firefox\Profiles\zeop9z0d.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2249 octets] - [07/05/2014 16:35:34]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [2309 octets] ##########
 

2.

# AdwCleaner v3.207 - Report created 07/05/2014 at 16:40:21
# Updated 05/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Theresa - COMPUTER-OBE3CR
# Running from : C:\Documents and Settings\Theresa\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Alawar Stargaze
[x] Not Deleted : C:\Program Files\Vuze
Folder Deleted : C:\Documents and Settings\Theresa\Local Settings\Application Data\Conduit
File Deleted : C:\Documents and Settings\Theresa\Application Data\Mozilla\Firefox\Profiles\zeop9z0d.default\user.js

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Value Deleted : HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel [Homepage]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2966884
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Vuze\Azureus.exe]
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\ImInstaller
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Documents and Settings\Theresa\Application Data\Mozilla\Firefox\Profiles\zeop9z0d.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2389 octets] - [07/05/2014 16:35:34]
AdwCleaner[S0].txt - [2351 octets] - [07/05/2014 16:40:21]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2411 octets] ##########
 

Eset

C:\Program Files\Avira\AntiVir Desktop\ApnIC.dll    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted (after the next restart) - quarantined
C:\Program Files\Avira\AntiVir Desktop\ApnToolbarInstaller.exe    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted (after the next restart) - quarantined
C:\System Volume Information\_restore{0EA68F51-0B8D-4265-9082-540D3D91491E}\RP555\A0041003.dll    Win32/OpenCandy potentially unsafe application    deleted - quarantined
 

 

Thank you in advance for your help!



#5 boopme

  • Global Moderator

Posted 08 May 2014 - 10:49 AM

Hello, the end of the TDSS log was cut off... can you repost the last 12 - 20 lines?

Next, go into Control Panel, Add/Remove and uninstall these...
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 37 (Version: 6.0.370)

Now.... Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
Now open Malwarebytes and update it to version 2.0. Run it, post the log and tell me how it is.

#6 easypeesy

  • Members

Posted 08 May 2014 - 08:13 PM

Hello,

I assume that you are speaking of the 3rd log.

This is all I have in the particular file; I have run an additional log from TDSS, just in case.

 

3rd Log.

16:24:15.0609 0x0fd8  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
16:24:21.0796 0x0fd8  ============================================================
16:24:21.0796 0x0fd8  Current date / time: 2014/05/07 16:24:21.0796
16:24:21.0796 0x0fd8  SystemInfo:
16:24:21.0796 0x0fd8  
16:24:21.0796 0x0fd8  OS Version: 5.1.2600 ServicePack: 3.0
16:24:21.0796 0x0fd8  Product type: Workstation
16:24:21.0796 0x0fd8  ComputerName: COMPUTER-OBE3CR
16:24:21.0796 0x0fd8  UserName: Theresa
16:24:21.0796 0x0fd8  Windows directory: C:\WINDOWS
16:24:21.0796 0x0fd8  System windows directory: C:\WINDOWS
16:24:21.0796 0x0fd8  Processor architecture: Intel x86
16:24:21.0796 0x0fd8  Number of processors: 2
16:24:21.0796 0x0fd8  Page size: 0x1000
16:24:21.0796 0x0fd8  Boot type: Normal boot
16:24:21.0796 0x0fd8  ============================================================
16:24:23.0250 0x0fd8  KLMD registered as C:\WINDOWS\system32\drivers\87663055.sys
16:25:14.0750 0x0fd8  KLMD registered as C:\WINDOWS\system32\drivers\79139379.sys
16:25:15.0531 0x0fc4  Deinitialize success

 

New Log

18:10:24.0031 0x0e4c  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
18:10:29.0500 0x0e4c  ============================================================
18:10:29.0500 0x0e4c  Current date / time: 2014/05/08 18:10:29.0500
18:10:29.0500 0x0e4c  SystemInfo:
18:10:29.0500 0x0e4c  
18:10:29.0500 0x0e4c  OS Version: 5.1.2600 ServicePack: 3.0
18:10:29.0500 0x0e4c  Product type: Workstation
18:10:29.0500 0x0e4c  ComputerName: COMPUTER-OBE3CR
18:10:29.0500 0x0e4c  UserName: Theresa
18:10:29.0500 0x0e4c  Windows directory: C:\WINDOWS
18:10:29.0500 0x0e4c  System windows directory: C:\WINDOWS
18:10:29.0500 0x0e4c  Processor architecture: Intel x86
18:10:29.0500 0x0e4c  Number of processors: 2
18:10:29.0500 0x0e4c  Page size: 0x1000
18:10:29.0500 0x0e4c  Boot type: Normal boot
18:10:29.0500 0x0e4c  ============================================================
18:10:30.0921 0x0e4c  KLMD registered as C:\WINDOWS\system32\drivers\71521223.sys
18:10:31.0031 0x0e4c  System UUID: {7CD290BA-F373-7E83-CA0E-0509F8E1CBD4}
18:10:31.0578 0x0e4c  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:10:31.0593 0x0e4c  ============================================================
18:10:31.0593 0x0e4c  \Device\Harddisk0\DR0:
18:10:31.0593 0x0e4c  MBR partitions:
18:10:31.0593 0x0e4c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xC34F28D
18:10:31.0609 0x0e4c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC34F30B, BlocksNum 0x3E503CF5
18:10:31.0609 0x0e4c  ============================================================
18:10:31.0625 0x0e4c  D: <-> \Device\Harddisk0\DR0\Partition2
18:10:31.0640 0x0e4c  C: <-> \Device\Harddisk0\DR0\Partition1
18:10:31.0640 0x0e4c  ============================================================
18:10:31.0640 0x0e4c  Initialize success
18:10:31.0640 0x0e4c  ============================================================
18:10:37.0593 0x0fb0  ============================================================
18:10:37.0593 0x0fb0  Scan started
18:10:37.0593 0x0fb0  Mode: Manual;
18:10:37.0593 0x0fb0  ============================================================
18:10:37.0593 0x0fb0  KSN ping started
18:10:40.0796 0x0fb0  KSN ping finished: true
18:10:41.0312 0x0fb0  ================ Scan system memory ========================
18:10:41.0312 0x0fb0  System memory - ok
18:10:41.0312 0x0fb0  ================ Scan services =============================
18:10:43.0156 0x0fb0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:10:43.0171 0x0fb0  DcomLaunch - ok
18:10:43.0203 0x0fb0  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
18:10:43.0203 0x0fb0  Dhcp - ok
18:10:43.0218 0x0fb0  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
18:10:43.0218 0x0fb0  Disk - ok
18:10:43.0218 0x0fb0  dmadmin - ok
18:10:43.0265 0x0fb0  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
18:10:43.0328 0x0fb0  dmboot - ok
18:10:43.0343 0x0fb0  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
18:10:43.0343 0x0fb0  dmio - ok
18:10:43.0359 0x0fb0  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
18:10:43.0359 0x0fb0  dmload - ok
18:10:43.0375 0x0fb0  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
18:10:43.0390 0x0fb0  dmserver - ok
18:10:43.0406 0x0fb0  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
18:10:43.0421 0x0fb0  DMusic - ok
18:10:43.0453 0x0fb0  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:10:43.0468 0x0fb0  Dnscache - ok
18:10:43.0500 0x0fb0  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:10:43.0515 0x0fb0  Dot3svc - ok
18:10:43.0531 0x0fb0  dpti2o - ok
18:10:43.0546 0x0fb0  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:10:43.0562 0x0fb0  drmkaud - ok
18:10:43.0578 0x0fb0  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
18:10:43.0609 0x0fb0  EapHost - ok
18:10:43.0609 0x0fb0  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
18:10:43.0625 0x0fb0  ERSvc - ok
18:10:43.0640 0x0fb0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
18:10:43.0671 0x0fb0  Eventlog - ok
18:10:43.0687 0x0fb0  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\System32\es.dll
18:10:43.0734 0x0fb0  EventSystem - ok
18:10:43.0750 0x0fb0  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
18:10:43.0765 0x0fb0  Fastfat - ok
18:10:43.0796 0x0fb0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
18:10:43.0828 0x0fb0  FastUserSwitchingCompatibility - ok
18:10:43.0828 0x0fb0  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
18:10:43.0828 0x0fb0  Fdc - ok
18:10:43.0859 0x0fb0  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
18:10:43.0875 0x0fb0  Fips - ok
18:10:43.0875 0x0fb0  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
18:10:43.0890 0x0fb0  Flpydisk - ok
18:10:43.0921 0x0fb0  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:10:43.0921 0x0fb0  FltMgr - ok
18:10:43.0953 0x0fb0  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
18:10:43.0984 0x0fb0  FontCache3.0.0.0 - ok
18:10:44.0000 0x0fb0  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:10:44.0000 0x0fb0  Fs_Rec - ok
18:10:44.0015 0x0fb0  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
18:10:44.0015 0x0fb0  Ftdisk - ok
18:10:44.0031 0x0fb0  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:10:44.0046 0x0fb0  GEARAspiWDM - ok
18:10:44.0062 0x0fb0  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
18:10:44.0078 0x0fb0  Gpc - ok
18:10:44.0078 0x0fb0  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
18:10:44.0093 0x0fb0  HDAudBus - ok
18:10:44.0125 0x0fb0  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
18:10:44.0140 0x0fb0  helpsvc - ok
18:10:44.0156 0x0fb0  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
18:10:44.0171 0x0fb0  HidServ - ok
18:10:44.0203 0x0fb0  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
18:10:44.0218 0x0fb0  HidUsb - ok
18:10:44.0234 0x0fb0  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
18:10:44.0250 0x0fb0  hkmsvc - ok
18:10:44.0265 0x0fb0  hpn - ok
18:10:44.0281 0x0fb0  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
18:10:44.0296 0x0fb0  HTTP - ok
18:10:44.0312 0x0fb0  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
18:10:44.0312 0x0fb0  HTTPFilter - ok
18:10:44.0328 0x0fb0  i2omgmt - ok
18:10:44.0328 0x0fb0  i2omp - ok
18:10:44.0343 0x0fb0  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
18:10:44.0359 0x0fb0  i8042prt - ok
18:10:44.0406 0x0fb0  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
18:10:44.0500 0x0fb0  idsvc - ok
18:10:44.0531 0x0fb0  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
18:10:44.0546 0x0fb0  Imapi - ok
18:10:44.0593 0x0fb0  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
18:10:44.0593 0x0fb0  ImapiService - ok
18:10:44.0609 0x0fb0  ini910u - ok
18:10:44.0859 0x0fb0  [ 2389F12F0ED506176B7C29C8144CEA09, 42ED6DA2F1B794E1887A4C6E8794660BD076FFB64287884342E78E3EAE10859C ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
18:10:45.0000 0x0fb0  IntcAzAudAddService - ok
18:10:45.0015 0x0fb0  IntelIde - ok
18:10:45.0031 0x0fb0  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
18:10:45.0046 0x0fb0  intelppm - ok
18:10:45.0062 0x0fb0  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
18:10:45.0062 0x0fb0  ip6fw - ok
18:10:45.0093 0x0fb0  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:10:45.0109 0x0fb0  IpFilterDriver - ok
18:10:45.0125 0x0fb0  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
18:10:45.0125 0x0fb0  IpInIp - ok
18:10:45.0156 0x0fb0  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
18:10:45.0156 0x0fb0  IpNat - ok
18:10:45.0187 0x0fb0  [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:10:45.0218 0x0fb0  iPod Service - ok
18:10:45.0234 0x0fb0  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
18:10:45.0250 0x0fb0  IPSec - ok
18:10:45.0265 0x0fb0  [ ACA5E7B54409F9CB5EED97ED0C81120E, 1E22F442EA77596F58D133F1A5887CDC4F3325DD0836D24A665E1D31287ABFF7 ] irda            C:\WINDOWS\system32\DRIVERS\irda.sys
18:10:45.0281 0x0fb0  irda - ok
18:10:45.0296 0x0fb0  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
18:10:45.0296 0x0fb0  IRENUM - ok
18:10:45.0328 0x0fb0  [ 49CC4533CE897CB2E93C1E84A818FDE5, F2AC81CDB971F630699616509748DCE133874EFC79B9D6230517B5A4DFBE193D ] Irmon           C:\WINDOWS\System32\irmon.dll
18:10:45.0359 0x0fb0  Irmon - ok
18:10:45.0359 0x0fb0  [ 0501F0B9AB08425F8C0EACBDCC04AA32, 7764734BCA35CFF4E60B9F05553DF7500F03CB6A5398826746705FD758AE4D0A ] irsir           C:\WINDOWS\system32\DRIVERS\irsir.sys
18:10:45.0375 0x0fb0  irsir - ok
18:10:45.0406 0x0fb0  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
18:10:45.0406 0x0fb0  isapnp - ok
18:10:45.0453 0x0fb0  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
18:10:45.0468 0x0fb0  JavaQuickStarterService - ok
18:10:45.0484 0x0fb0  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
18:10:45.0500 0x0fb0  Kbdclass - ok
18:10:45.0515 0x0fb0  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
18:10:45.0531 0x0fb0  kbdhid - ok
18:10:45.0546 0x0fb0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
18:10:45.0546 0x0fb0  kmixer - ok
18:10:45.0562 0x0fb0  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
18:10:45.0562 0x0fb0  KSecDD - ok
18:10:45.0578 0x0fb0  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
18:10:45.0593 0x0fb0  lanmanserver - ok
18:10:45.0609 0x0fb0  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
18:10:45.0640 0x0fb0  lanmanworkstation - ok
18:10:45.0640 0x0fb0  lbrtfdc - ok
18:10:45.0687 0x0fb0  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
18:10:45.0703 0x0fb0  LmHosts - ok
18:10:45.0734 0x0fb0  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
18:10:45.0734 0x0fb0  MBAMProtector - ok
18:10:45.0781 0x0fb0  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
18:10:45.0812 0x0fb0  MBAMScheduler - ok
18:10:45.0859 0x0fb0  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
18:10:45.0921 0x0fb0  MBAMService - ok
18:10:45.0953 0x0fb0  [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM             C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
18:10:45.0984 0x0fb0  MDM - ok
18:10:46.0000 0x0fb0  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
18:10:46.0015 0x0fb0  Messenger - ok
18:10:46.0031 0x0fb0  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
18:10:46.0046 0x0fb0  mnmdd - ok
18:10:46.0062 0x0fb0  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
18:10:46.0078 0x0fb0  mnmsrvc - ok
18:10:46.0093 0x0fb0  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
18:10:46.0109 0x0fb0  Modem - ok
18:10:46.0125 0x0fb0  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
18:10:46.0140 0x0fb0  Mouclass - ok
18:10:46.0140 0x0fb0  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
18:10:46.0156 0x0fb0  mouhid - ok
18:10:46.0171 0x0fb0  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
18:10:46.0171 0x0fb0  MountMgr - ok
18:10:46.0218 0x0fb0  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
18:10:46.0234 0x0fb0  MozillaMaintenance - ok
18:10:46.0234 0x0fb0  mraid35x - ok
18:10:46.0250 0x0fb0  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
18:10:46.0250 0x0fb0  MRxDAV - ok
18:10:46.0296 0x0fb0  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:10:46.0312 0x0fb0  MRxSmb - ok
18:10:46.0328 0x0fb0  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:10:46.0343 0x0fb0  MSDTC - ok
18:10:46.0343 0x0fb0  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:10:46.0343 0x0fb0  Msfs - ok
18:10:46.0359 0x0fb0  MSIServer - ok
18:10:46.0375 0x0fb0  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:10:46.0390 0x0fb0  MSKSSRV - ok
18:10:46.0406 0x0fb0  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:10:46.0406 0x0fb0  MSPCLOCK - ok
18:10:46.0421 0x0fb0  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:10:46.0437 0x0fb0  MSPQM - ok
18:10:46.0437 0x0fb0  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
18:10:46.0453 0x0fb0  mssmbios - ok
18:10:46.0468 0x0fb0  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
18:10:46.0468 0x0fb0  Mup - ok
18:10:46.0484 0x0fb0  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
18:10:46.0515 0x0fb0  napagent - ok
18:10:46.0531 0x0fb0  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
18:10:46.0546 0x0fb0  NDIS - ok
18:10:46.0562 0x0fb0  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:10:46.0578 0x0fb0  NdisTapi - ok
18:10:46.0593 0x0fb0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:10:46.0609 0x0fb0  Ndisuio - ok
18:10:46.0609 0x0fb0  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:10:46.0625 0x0fb0  NdisWan - ok
18:10:46.0656 0x0fb0  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:10:46.0671 0x0fb0  NDProxy - ok
18:10:46.0703 0x0fb0  [ 1352E1648213551923A0A822E441553C, F9BCA299249D8E1ADF88F54554F72428E267E39911143F4C99DFF562F0EE4E70 ] Netaapl         C:\WINDOWS\system32\DRIVERS\netaapl.sys
18:10:46.0703 0x0fb0  Netaapl - ok
18:10:46.0718 0x0fb0  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:10:46.0718 0x0fb0  NetBIOS - ok
18:10:46.0750 0x0fb0  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:10:46.0796 0x0fb0  NetBT - ok
18:10:46.0828 0x0fb0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
18:10:46.0843 0x0fb0  NetDDE - ok
18:10:46.0843 0x0fb0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
18:10:46.0843 0x0fb0  NetDDEdsdm - ok
18:10:46.0875 0x0fb0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:10:46.0890 0x0fb0  Netlogon - ok
18:10:46.0906 0x0fb0  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
18:10:46.0906 0x0fb0  Netman - ok
18:10:46.0937 0x0fb0  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:10:46.0968 0x0fb0  NetTcpPortSharing - ok
18:10:46.0984 0x0fb0  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
18:10:47.0000 0x0fb0  Nla - ok
18:10:47.0015 0x0fb0  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:10:47.0015 0x0fb0  Npfs - ok
18:10:47.0031 0x0fb0  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:10:47.0062 0x0fb0  Ntfs - ok
18:10:47.0062 0x0fb0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
18:10:47.0062 0x0fb0  NtLmSsp - ok
18:10:47.0093 0x0fb0  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
18:10:47.0125 0x0fb0  NtmsSvc - ok
18:10:47.0140 0x0fb0  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:10:47.0156 0x0fb0  Null - ok
18:10:47.0484 0x0fb0  [ B9B1BB146EB9A83DCF0F5635B09D3D43, 1A630E955811E9D317B1A23B6E18658AAE1696E709213A1FA25D8B7AD171EEAE ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
18:10:47.0843 0x0fb0  nv - ok
18:10:47.0890 0x0fb0  [ CC4F8220EAD1F6A38D51679708F435B9, 0A46901A282E6A8CCA5ED7CE1BE53315DBB29A9ABC590AB08625978B9AB35D17 ] nvsvc           C:\WINDOWS\system32\nvsvc32.exe
18:10:47.0906 0x0fb0  nvsvc - ok
18:10:47.0937 0x0fb0  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
18:10:47.0937 0x0fb0  NwlnkFlt - ok
18:10:47.0953 0x0fb0  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
18:10:47.0968 0x0fb0  NwlnkFwd - ok
18:10:48.0000 0x0fb0  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:10:48.0015 0x0fb0  ose - ok
18:10:48.0046 0x0fb0  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
18:10:48.0062 0x0fb0  Parport - ok
18:10:48.0078 0x0fb0  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
18:10:48.0078 0x0fb0  PartMgr - ok
18:10:48.0093 0x0fb0  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
18:10:48.0093 0x0fb0  ParVdm - ok
18:10:48.0109 0x0fb0  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
18:10:48.0125 0x0fb0  PCI - ok
18:10:48.0125 0x0fb0  PCIDump - ok
18:10:48.0125 0x0fb0  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
18:10:48.0125 0x0fb0  PCIIde - ok
18:10:48.0156 0x0fb0  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
18:10:48.0187 0x0fb0  Pcmcia - ok
18:10:48.0187 0x0fb0  PDCOMP - ok
18:10:48.0187 0x0fb0  PDFRAME - ok
18:10:48.0203 0x0fb0  PDRELI - ok
18:10:48.0203 0x0fb0  PDRFRAME - ok
18:10:48.0218 0x0fb0  perc2 - ok
18:10:48.0218 0x0fb0  perc2hib - ok
18:10:48.0250 0x0fb0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
18:10:48.0250 0x0fb0  PlugPlay - ok
18:10:48.0250 0x0fb0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
18:10:48.0250 0x0fb0  PolicyAgent - ok
18:10:48.0265 0x0fb0  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:10:48.0281 0x0fb0  PptpMiniport - ok
18:10:48.0296 0x0fb0  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
18:10:48.0312 0x0fb0  Processor - ok
18:10:48.0328 0x0fb0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
18:10:48.0328 0x0fb0  ProtectedStorage - ok
18:10:48.0328 0x0fb0  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
18:10:48.0343 0x0fb0  PSched - ok
18:10:48.0359 0x0fb0  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
18:10:48.0375 0x0fb0  Ptilink - ok
18:10:48.0406 0x0fb0  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
18:10:48.0406 0x0fb0  PxHelp20 - ok
18:10:48.0406 0x0fb0  ql1080 - ok
18:10:48.0421 0x0fb0  Ql10wnt - ok
18:10:48.0421 0x0fb0  ql12160 - ok
18:10:48.0437 0x0fb0  ql1240 - ok
18:10:48.0437 0x0fb0  ql1280 - ok
18:10:48.0437 0x0fb0  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:10:48.0453 0x0fb0  RasAcd - ok
18:10:48.0468 0x0fb0  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:10:48.0484 0x0fb0  RasAuto - ok
18:10:48.0500 0x0fb0  [ 0207D26DDF796A193CCD9F83047BB5FC, 13613036BCB869FBD7229A0FE25D324710308385D8C35E5D990A40E52BE040DF ] Rasirda         C:\WINDOWS\system32\DRIVERS\rasirda.sys
18:10:48.0515 0x0fb0  Rasirda - ok
18:10:48.0531 0x0fb0  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:10:48.0546 0x0fb0  Rasl2tp - ok
18:10:48.0578 0x0fb0  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:10:48.0593 0x0fb0  RasMan - ok
18:10:48.0609 0x0fb0  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:10:48.0625 0x0fb0  RasPppoe - ok
18:10:48.0625 0x0fb0  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
18:10:48.0640 0x0fb0  Raspti - ok
18:10:48.0640 0x0fb0  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:10:48.0656 0x0fb0  Rdbss - ok
18:10:55.0953 0x0fb0  AV detected via SS1: AntiVir Desktop, 10.0.1.59, enabled, updated
18:10:55.0953 0x0fb0  Win FW state via NFM: disabled
18:10:58.0984 0x0fb0  ============================================================
18:10:58.0984 0x0fb0  Scan finished
18:10:58.0984 0x0fb0  ============================================================
18:10:58.0984 0x086c  Detected object count: 0
18:10:58.0984 0x086c  Actual detected object count: 0

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org


Scan Date: 5/8/2014
Scan Time: 8:27:21 PM
Logfile:
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.05.08.13
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Disabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: Theresa

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 236108
Time Elapsed: 7 min, 13 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

 

Everything seems to be in order, google is working, youtube works, facebook is functioning.

 


Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

Everything seems to be in order: google, youtube, facebook.

Hopefully it is really gone.

Is there anything else that needs or could be done, at the moment?

If not, I shall report back in a week, unless otherwise or this comes back.

 

Thank you for your help.

 

 



#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,195 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:10:15 AM

Posted 08 May 2014 - 09:04 PM

Good!

Some maintenance
In Control Panel, Add/Remove..remove these
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Java™ 6 Update 37 (Version: 6.0.370)

Now update to Adobe Reader XI



Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically. Vista and Windows 7 users can refer to these links:
  • Create a New Restore Point in Vista
  • Create a New Restore Point in Windows 7 (alternate method)
  • Disk Cleanup in Vista
  • Disk Cleanup in Windows 7
  • Reboot and see how it is.

How do I get help? Who is helping me? For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear.... Become a BleepingComputer fan: Facebook

#8 Ste8546

Ste8546

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:15 PM

Posted 09 May 2014 - 11:49 AM

Hi, I have used AdwCleaner, then reset my modem, I have canceled the cache of Chrome and I reset browser settings, both on my PC/tablet.

Now they work properly. Do you think i had to post the report you asked anyway?

 

Thanks for your answers and your time.

 

# AdwCleaner v3.207 - Rapporto creato 05/05/2014 in 11:45:25
# Aggiornato 05/05/2014 di Xplode
# Sistema operativo : Windows 7 Home Premium Service Pack 1 (64 bits)
# Nome utente : Stefano - STEFANO-PC
# In esecuzione da : C:\Users\Stefano\Desktop\adwcleaner.exe
# Opzione : Pulisci
 
***** [ Servizi ] *****
 
 
***** [ File / Cartelle ] *****
 
Cartella Eliminato : C:\Program Files (x86)\ChatZum Toolbar
Cartella Eliminato : C:\Program Files (x86)\Mobogenie
Cartella Eliminato : C:\Users\Stefano\AppData\Local\apn
Cartella Eliminato : C:\Users\Stefano\AppData\Local\FilesFrog Update Checker
Cartella Eliminato : C:\Users\Stefano\AppData\Local\Mobogenie
Cartella Eliminato : C:\Users\Stefano\Documents\Mobogenie
File Eliminato : C:\Users\Stefano\daemonprocess.txt
 
***** [ Collegamenti ] *****
 
 
***** [ Registro ] *****
 
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\chatzum_nt_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\chatzum_nt_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Valore Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_atube-catcher_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_atube-catcher_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_poweriso_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_poweriso_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_tagscanner_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_tagscanner_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{CD4D7B0F-45C6-4bb2-A1E7-54D1754E7FC5}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Chiave Eliminati : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Valore Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Chiave Eliminati : HKCU\Software\APN PIP
Chiave Eliminati : HKCU\Software\ChatZum Toolbar
Chiave Eliminati : HKCU\Software\PIP
Chiave Eliminati : HKCU\Software\Softonic
Chiave Eliminati : HKCU\Software\Somoto
Chiave Eliminati : HKLM\Software\ChatZum Toolbar
Chiave Eliminati : HKLM\Software\PIP
 
***** [ Browser ] *****
 
-\\ Internet Explorer v10.0.9200.16720
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Stefano\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Eliminati [Search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=ATU2&o=14670&locale=it_IT&apn_uid=83ab1432-9ee9-4055-aa86-61990938cff0&apn_ptnrs=T8&apn_sauid=55966100-A6A1-411C-B7B7-1058895B2830&apn_dtid=YYYYYYYYIT&q={searchTerms}
Eliminati [Search Provider] : hxxp://www.softonic.it/s/{searchTerms}
Eliminati [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [4297 octets] - [03/05/2014 21:23:20]
AdwCleaner[R1].txt - [4297 octets] - [03/05/2014 21:29:00]
AdwCleaner[R2].txt - [4583 octets] - [05/05/2014 11:35:14]
AdwCleaner[R3].txt - [4974 octets] - [05/05/2014 11:40:40]
AdwCleaner[S0].txt - [4616 octets] - [05/05/2014 11:45:25]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4676 octets] ##########

Edited by Ste8546, 09 May 2014 - 11:51 AM.


#9 boopme


Posted 09 May 2014 - 01:36 PM

No, I think you are good to go now.

#10 easypeesy

easypeesy

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:04:15 PM

Posted 09 May 2014 - 06:05 PM

FYI

my problems are back.

 

I will reset my router, modem, and then run all of the above and report back.

 

boopme; would you like me to

1. run all the test post it before I reset the modem and router and then run the test and post

or

2. reset them and run the test and see if they work

 

I would most likely post all of this tomorrow afternoon or in about 2 days.


 

Have a great weekend, everyone.

 

Thank you for all of your help



#11 boopme


Posted 09 May 2014 - 07:56 PM

I would like to run this

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", click the Delete button.
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Delete


#12 easypeesy


Posted 10 May 2014 - 11:03 PM

I ran the software and scan

 

here is the report

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Theresa [Admin rights]
Mode : Remove -- Date : 05/11/2014 00:01:58
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 4 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤
[Address] SSDT[25] : NtClose @ 0x805BC564 -> HOOKED (Unknown @ 0xB877816C)
[Address] SSDT[41] : NtCreateKey @ 0x8062426A -> HOOKED (Unknown @ 0xB8778126)
[Address] SSDT[50] : NtCreateSection @ 0x805AB3FC -> HOOKED (Unknown @ 0xB8778176)
[Address] SSDT[53] : NtCreateThread @ 0x805D1068 -> HOOKED (Unknown @ 0xB877811C)
[Address] SSDT[63] : NtDeleteKey @ 0x80624706 -> HOOKED (Unknown @ 0xB877812B)
[Address] SSDT[65] : NtDeleteValueKey @ 0x806248D6 -> HOOKED (Unknown @ 0xB8778135)
[Address] SSDT[68] : NtDuplicateObject @ 0x805BE03C -> HOOKED (Unknown @ 0xB8778167)
[Address] SSDT[98] : NtLoadKey @ 0x8062648E -> HOOKED (Unknown @ 0xB877813A)
[Address] SSDT[122] : NtOpenProcess @ 0x805CB486 -> HOOKED (Unknown @ 0xB8778108)
[Address] SSDT[128] : NtOpenThread @ 0x805CB712 -> HOOKED (Unknown @ 0xB877810D)
[Address] SSDT[193] : NtReplaceKey @ 0x8062633E -> HOOKED (Unknown @ 0xB8778144)
[Address] SSDT[204] : NtRestoreKey @ 0x80625C4A -> HOOKED (Unknown @ 0xB877813F)
[Address] SSDT[213] : NtSetContextThread @ 0x805D2C4A -> HOOKED (Unknown @ 0xB877817B)
[Address] SSDT[247] : NtSetValueKey @ 0x806227DC -> HOOKED (Unknown @ 0xB8778130)
[Address] SSDT[257] : NtTerminateProcess @ 0x805D2308 -> HOOKED (Unknown @ 0xB8778117)
[Address] Shadow SSDT[549] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0xB8778180)
[Address] Shadow SSDT[552] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0xB8778185)

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD6401AALS-00L3B2 +++++
--- User ---
[MBR] ed0555844928c48f3eb4e4c92b525f9b
[BSP] 5c5afea31e4cb178785050c64c417ec1 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 99998 MB
1 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 204796620 | Size: 510471 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_05112014_000158.txt >>
RKreport[0]_S_05102014_234616.txt


 



#13 boopme


Posted 13 May 2014 - 09:21 AM

One more try...
Download Malwarebytes Anti-Rootkit to your desktop.
  • Extract the ZIP archive and double-click "mbar.exe" to start the tool.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"


#14 easypeesy


Posted 15 May 2014 - 11:33 PM

the scan is as follows:

 

Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.05.16.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Theresa :: COMPUTER-OBE3CR [administrator]

5/15/2014 11:44:59 PM
mbar-log-2014-05-15 (23-44-59).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 236883
Time elapsed: 12 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
 

 

I am not experiencing any problems ATM.

I shall keep you posted, hopefully it's really gone :D
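An added example, not part of the original posts and not Malwarebytes' own code: a small parser a helper could run over a pasted mbar-log to confirm the paste is complete and that each section lists as many items as it declares. It assumes each detected item occupies one non-blank line under its "Detected:" header; the item line in the truncated sample is constructed.

```python
import re

# "<Category> Detected: <n>" headers as they appear in the log posted above.
SECTION = re.compile(r"^(?P<name>[A-Za-z ]+) Detected: (?P<count>\d+)$")
NONE_MARK = "(No malicious items detected)"

def parse_mbar_log(text):
    """Return declared counts, listed items and paste problems for an mbar-log."""
    lines = [ln.strip() for ln in text.splitlines()]
    report = {"complete": "(end)" in lines, "sections": {}, "problems": []}
    current = None
    for ln in lines:
        m = SECTION.match(ln)
        if m:
            current = {"declared": int(m["count"]), "items": []}
            report["sections"][m["name"]] = current
        elif ln == "(end)":
            current = None
        elif current is not None and ln and ln != NONE_MARK:
            # Assumption: each detected item is one non-blank line under its header.
            current["items"].append(ln)
    if not report["complete"]:
        report["problems"].append("no (end) marker: paste may be truncated")
    for name, sec in report["sections"].items():
        if sec["declared"] != len(sec["items"]):
            report["problems"].append(
                f"{name}: declared {sec['declared']}, listed {len(sec['items'])}")
    report["total"] = sum(s["declared"] for s in report["sections"].values())
    return report

# Abbreviated from the log in the post above.
CLEAN_LOG = """Scan type: Quick scan

Memory Processes Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
"""

# Constructed sample: a paste cut off after the first of two declared items.
TRUNCATED_LOG = "Files Detected: 2\nCONSTRUCTED-ITEM-LINE-1\n"

if __name__ == "__main__":
    for label, log in (("clean", CLEAN_LOG), ("truncated", TRUNCATED_LOG)):
        r = parse_mbar_log(log)
        print(label, r["total"], r["problems"])
```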



#15 boopme



  • Global Moderator
  • 72,195 posts

Posted 16 May 2014 - 01:01 PM

OK good, give it a day or 2 and if all's well then...
Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory that your tools cannot access to delete these files, they can sometimes re-infect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state. The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
  • Vista and Windows 7 users can refer to these links:
    • Create a New Restore Point in Vista
    • Create a New Restore Point in Windows 7 (alternate method)
    • Disk Cleanup in Vista
    • Disk Cleanup in Windows 7
  • Reboot and see how it is.
