upstaradown java update virus


16 replies to this topic

#1 DarkD


Posted 07 May 2014 - 05:57 PM

Whenever I am streaming videos I often get redirected to this address which asks me to update Java.  

 

http://www.upstaradown.com/CA/index.php?dv1=12303580&dv2=51802&dv3=CA&dv4=51802-CA&sec_id=qWJ8vBQjIEzEzreKDW78C9hEClg3C9haI07jDc1%3gzE7HFB84NAYEh0epCB8eNAV3PTCHzB8eNANKPBN0Y3oufcCrD3dRFcC8F9tofis%EB&marketing_fid=MTM5OTUwMjc4OC0zNWE1ZWQzNmRlZGQ4NjA4MjRkYTM3OGM1NzhkNWE5OQ==

 

Now I wasn't born yesterday, I know this is suspicious as all hell.  So I always just close it or something else.  Not to mention I am pretty sure that I am up to date on my Java.  

 

Windows XP 32 bit OS

Chrome browser

 

One thing I just remembered.  If I hit back and go back to the link again, sometimes it lets me through to the video sometimes it doesn't and sends me to the upstaradown thing...  So it's not like the video is telling me to update my Java because it's not up to date.  

 

Also I have run a full run of Malwarebytes anti-malware with this thing before and it didn't fix anything.  I also have a copy of Super Anti-Spyware that I purchased and that didn't help either.  

 

http://www.mediafire.com/download/um4xgi8ia37ri5e/Java+%281%29.exe

 

is what it tries to get me to download.  When I went back to that other link I gave you just now it wasn't working anymore.  I am starting to suspect that the website is only active for a certain portion of the day.  So can someone with more experience tell me if this is a legitimate copy of Java or a virus?


Edited by DarkD, 07 May 2014 - 06:35 PM.



 


#2 boopme


Posted 07 May 2014 - 08:01 PM

Hello DarkD

Let's also do these. What Browser are you using?

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 DarkD


Posted 07 May 2014 - 08:44 PM

I believe I did mention that I am using Chrome for a browser.  

 

ADW cleaner wants me to close everything so I will post this for now and see what happens with the rest later.  

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by DarkD (administrator) on 07-05-2014 at 18:21:09
Running from "C:\Documents and Settings\DarkD\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinRAR 4.20 (32-bit) (Version: 4.20.0)
WinZip 15.5 (Version: 15.5.9468)
Wireshark 1.6.13 (32-bit) (Version: 1.6.13)
Yahoo! Messenger
μTorrent (Version: 3.3.0.29625)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 64%
Total physical RAM: 3326.98 MB
Available physical RAM: 1177.24 MB
Total Pagefile: 6239.64 MB
Available Pagefile: 3054.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.78 MB
 
========================= Partitions: =====================================
 
2 Drive c: () (Fixed) (Total:280.5 GB) (Free:3.7 GB) NTFS
4 Drive e: (DAIBANCHOU) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF
5 Drive f: (ADATA HV620) (Fixed) (Total:465.76 GB) (Free:436.07 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\COLBY-SZGFU88BF
 
Administrator            ASPNET                   DarkD                    
Guest                    HelpAssistant            SUPPORT_388945a0         
UpdatusUser              
 
 
**** End of log ****
 
TDSS Killer log
 
18:30:32.0859 0x0908  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
18:30:42.0796 0x0908  ============================================================
18:30:42.0796 0x0908  Current date / time: 2014/05/07 18:30:42.0796
18:30:42.0796 0x0908  SystemInfo:
18:30:42.0796 0x0908  
18:30:42.0796 0x0908  OS Version: 5.1.2600 ServicePack: 3.0
18:30:42.0796 0x0908  Product type: Workstation
18:30:42.0796 0x0908  ComputerName: COLBY-SZGFU88BF
18:30:42.0796 0x0908  UserName: DarkD
18:30:42.0796 0x0908  Windows directory: C:\windows
18:30:42.0796 0x0908  System windows directory: C:\windows
18:30:42.0796 0x0908  Processor architecture: Intel x86
18:30:42.0796 0x0908  Number of processors: 4
18:30:42.0796 0x0908  Page size: 0x1000
18:30:42.0796 0x0908  Boot type: Normal boot
18:30:42.0796 0x0908  ============================================================
18:30:45.0796 0x0908  KLMD registered as C:\windows\system32\drivers\15415352.sys
18:30:46.0390 0x0908  System UUID: {40D67B69-5B20-D8B9-E19D-228065DD592A}
18:30:48.0390 0x0908  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
18:30:48.0390 0x0908  Drive \Device\Harddisk1\DR4 - Size: 0x7470C05800 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
18:30:50.0187 0x0908  ============================================================
18:30:50.0187 0x0908  \Device\Harddisk0\DR0:
18:30:50.0203 0x0908  MBR partitions:
18:30:50.0203 0x0908  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23101FC1
18:30:50.0234 0x0908  \Device\Harddisk1\DR4:
18:30:50.0234 0x0908  MBR partitions:
18:30:50.0234 0x0908  \Device\Harddisk1\DR4\Partition1: MBR, Type 0x7, StartLBA 0x20, BlocksNum 0x3A385FE0
18:30:50.0234 0x0908  ============================================================
18:30:50.0281 0x0908  C: <-> \Device\Harddisk0\DR0\Partition1
18:30:50.0312 0x0908  F: <-> \Device\Harddisk1\DR4\Partition1
18:30:50.0312 0x0908  ============================================================
18:30:50.0312 0x0908  Initialize success
18:30:50.0312 0x0908  ============================================================
18:30:54.0687 0x0e40  ============================================================
18:30:54.0687 0x0e40  Scan started
18:30:54.0687 0x0e40  Mode: Manual; 
18:30:54.0687 0x0e40  ============================================================
18:30:54.0687 0x0e40  KSN ping started
18:30:54.0875 0x0e40  KSN ping finished: true
18:30:55.0390 0x0e40  ================ Scan system memory ========================
18:30:55.0390 0x0e40  System memory - ok
18:30:55.0390 0x0e40  ================ Scan services =============================
18:31:13.0921 0x0e40  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\windows\System32\qagentrt.dll
18:31:14.0031 0x0e40  napagent - ok
18:31:14.0140 0x0e40  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\windows\system32\drivers\NDIS.sys
18:31:14.0234 0x0e40  NDIS - ok
18:31:14.0281 0x0e40  [ ABD7629CF2796250F315C1DD0B6CF7A0, E880DA5DDD381ABED5BF2C3B8CB387842301B52EBF29173383D618F5961F36F7 ] NdisIP          C:\windows\system32\DRIVERS\NdisIP.sys
18:31:14.0296 0x0e40  NdisIP - ok
18:31:14.0343 0x0e40  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
18:31:14.0343 0x0e40  NdisTapi - ok
18:31:14.0375 0x0e40  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
18:31:14.0375 0x0e40  Ndisuio - ok
18:31:14.0453 0x0e40  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
18:31:14.0484 0x0e40  NdisWan - ok
18:31:14.0546 0x0e40  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
18:31:14.0562 0x0e40  NDProxy - ok
18:31:14.0609 0x0e40  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
18:31:14.0625 0x0e40  NetBIOS - ok
18:31:14.0703 0x0e40  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
18:31:14.0812 0x0e40  NetBT - ok
18:31:14.0890 0x0e40  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\windows\system32\netdde.exe
18:31:14.0968 0x0e40  NetDDE - ok
18:31:15.0000 0x0e40  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\windows\system32\netdde.exe
18:31:15.0015 0x0e40  NetDDEdsdm - ok
18:31:15.0062 0x0e40  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\windows\system32\lsass.exe
18:31:15.0062 0x0e40  Netlogon - ok
18:31:15.0156 0x0e40  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\windows\System32\netman.dll
18:31:15.0187 0x0e40  Netman - ok
18:31:15.0265 0x0e40  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
18:31:15.0359 0x0e40  NetTcpPortSharing - ok
18:31:15.0406 0x0e40  [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394         C:\windows\system32\DRIVERS\nic1394.sys
18:31:15.0421 0x0e40  NIC1394 - ok
18:31:15.0531 0x0e40  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\windows\System32\mswsock.dll
18:31:15.0531 0x0e40  Nla - ok
18:31:15.0578 0x0e40  [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] NPF             C:\windows\system32\drivers\npf.sys
18:31:15.0593 0x0e40  NPF - ok
18:31:15.0609 0x0e40  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\windows\system32\drivers\Npfs.sys
18:31:15.0625 0x0e40  Npfs - ok
18:31:15.0781 0x0e40  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
18:31:15.0968 0x0e40  Ntfs - ok
18:31:15.0984 0x0e40  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\windows\System32\lsass.exe
18:31:15.0984 0x0e40  NtLmSsp - ok
18:31:16.0140 0x0e40  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\windows\system32\ntmssvc.dll
18:31:16.0265 0x0e40  NtmsSvc - ok
18:31:16.0281 0x0e40  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\windows\system32\drivers\Null.sys
18:31:16.0281 0x0e40  Null - ok
18:31:19.0859 0x0e40  [ A0A12B3824889E07CB5D19C30F058E68, ABF61AF167C7B834E2AC97A8327D9524682719D1C6293D1EDD72480595BF98C4 ] nv              C:\windows\system32\DRIVERS\nv4_mini.sys
18:31:23.0765 0x0e40  nv - ok
18:31:23.0843 0x0e40  [ 36E24031C29E6BB6F905CCB41FC987C0, 6E1C594F634FB079BA17CA3F18915562C96F65F7DB0D99C8E5E8FD50E45CE35A ] NVSvc           C:\windows\system32\nvsvc32.exe
18:31:23.0890 0x0e40  NVSvc - ok
18:31:24.0296 0x0e40  [ EF14502139880F7C3DDCF0D7CA12F370, E33EC1D994B2470A006AB683FD4C17CFE669DD2CC032A898D38328D59E99AB08 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
18:31:24.0609 0x0e40  nvUpdatusService - ok
18:31:24.0640 0x0e40  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\windows\system32\DRIVERS\nwlnkflt.sys
18:31:24.0640 0x0e40  NwlnkFlt - ok
18:31:24.0671 0x0e40  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\windows\system32\DRIVERS\nwlnkfwd.sys
18:31:24.0671 0x0e40  NwlnkFwd - ok
18:31:24.0718 0x0e40  [ 8B8B1BE2DBA4025DA6786C645F77F123, E47D5EED2F3AF85E2332C325DA80AEF2C4EC989E38A175194EBBFA967BA8BF81 ] NwlnkIpx        C:\windows\system32\DRIVERS\nwlnkipx.sys
18:31:24.0750 0x0e40  NwlnkIpx - ok
18:31:24.0781 0x0e40  [ 56D34A67C05E94E16377C60609741FF8, ABE48D3E7D38DB20E9D4884FC6FE42FAE0C5FAFD3AC86F1E585A4BB17C6F09C5 ] NwlnkNb         C:\windows\system32\DRIVERS\nwlnknb.sys
18:31:24.0796 0x0e40  NwlnkNb - ok
18:31:24.0828 0x0e40  [ C0BB7D1615E1ACBDC99757F6CEAF8CF0, 899905C0EB182ABCDAE0D0D749C0BC39CD231B9FAEE733D5DFDAE86EB8BC755B ] NwlnkSpx        C:\windows\system32\DRIVERS\nwlnkspx.sys
18:31:24.0843 0x0e40  NwlnkSpx - ok
18:31:25.0046 0x0e40  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
18:31:25.0171 0x0e40  odserv - ok
18:31:25.0203 0x0e40  [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394        C:\windows\system32\DRIVERS\ohci1394.sys
18:31:25.0218 0x0e40  ohci1394 - ok
18:31:25.0296 0x0e40  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:31:25.0328 0x0e40  ose - ok
18:31:25.0375 0x0e40  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\windows\system32\drivers\Parport.sys
18:31:25.0406 0x0e40  Parport - ok
18:31:25.0421 0x0e40  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\windows\system32\drivers\PartMgr.sys
18:31:25.0437 0x0e40  PartMgr - ok
18:31:25.0468 0x0e40  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\windows\system32\drivers\ParVdm.sys
18:31:25.0468 0x0e40  ParVdm - ok
18:31:25.0500 0x0e40  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\windows\system32\DRIVERS\pci.sys
18:31:25.0531 0x0e40  PCI - ok
18:31:25.0531 0x0e40  PCIDump - ok
18:31:25.0531 0x0e40  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\windows\system32\DRIVERS\pciide.sys
18:31:25.0531 0x0e40  PCIIde - ok
18:31:25.0593 0x0e40  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\windows\system32\drivers\Pcmcia.sys
18:31:25.0625 0x0e40  Pcmcia - ok
18:31:25.0625 0x0e40  PDCOMP - ok
18:31:25.0625 0x0e40  PDFRAME - ok
18:31:25.0625 0x0e40  PDRELI - ok
18:31:25.0640 0x0e40  PDRFRAME - ok
18:31:25.0640 0x0e40  perc2 - ok
18:31:25.0640 0x0e40  perc2hib - ok
18:31:25.0703 0x0e40  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\windows\system32\services.exe
18:31:25.0703 0x0e40  PlugPlay - ok
18:31:25.0718 0x0e40  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\windows\system32\lsass.exe
18:31:25.0718 0x0e40  PolicyAgent - ok
18:31:25.0765 0x0e40  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
18:31:25.0781 0x0e40  PptpMiniport - ok
18:31:25.0796 0x0e40  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\windows\system32\DRIVERS\processr.sys
18:31:25.0812 0x0e40  Processor - ok
18:31:25.0812 0x0e40  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\windows\system32\lsass.exe
18:31:25.0812 0x0e40  ProtectedStorage - ok
18:31:25.0843 0x0e40  [ 390C204CED3785609AB24E9C52054A84, D997A9EAAE4A7FED9C2FEBD1AA7D1171431B9C9D56F8BFB587DCAE26203FF4D2 ] Ps2             C:\windows\system32\DRIVERS\PS2.sys
18:31:25.0859 0x0e40  Ps2 - ok
18:31:25.0875 0x0e40  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\windows\system32\DRIVERS\psched.sys
18:31:25.0906 0x0e40  PSched - ok
18:31:25.0921 0x0e40  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\windows\system32\DRIVERS\ptilink.sys
18:31:25.0937 0x0e40  Ptilink - ok
18:31:25.0984 0x0e40  [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20        C:\windows\system32\Drivers\PxHelp20.sys
18:31:26.0000 0x0e40  PxHelp20 - ok
18:31:26.0000 0x0e40  ql1080 - ok
18:31:26.0015 0x0e40  Ql10wnt - ok
18:31:26.0015 0x0e40  ql12160 - ok
18:31:26.0015 0x0e40  ql1240 - ok
18:31:26.0015 0x0e40  ql1280 - ok
18:31:26.0031 0x0e40  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
18:31:26.0031 0x0e40  RasAcd - ok
18:31:26.0093 0x0e40  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\windows\System32\rasauto.dll
18:31:26.0109 0x0e40  RasAuto - ok
18:31:26.0156 0x0e40  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
18:31:26.0171 0x0e40  Rasl2tp - ok
18:31:26.0218 0x0e40  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\windows\System32\rasmans.dll
18:31:26.0234 0x0e40  RasMan - ok
18:31:26.0250 0x0e40  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
18:31:26.0265 0x0e40  RasPppoe - ok
18:31:26.0265 0x0e40  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\windows\system32\DRIVERS\raspti.sys
18:31:26.0265 0x0e40  Raspti - ok
18:31:26.0359 0x0e40  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\windows\system32\DRIVERS\rdbss.sys
18:31:26.0421 0x0e40  Rdbss - ok
18:31:26.0421 0x0e40  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
18:31:26.0421 0x0e40  RDPCDD - ok
18:31:26.0500 0x0e40  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
18:31:26.0531 0x0e40  RDPWD - ok
18:31:26.0593 0x0e40  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
18:31:26.0656 0x0e40  RDSessMgr - ok
18:31:26.0718 0x0e40  [ A0FF419B61AE47E26ADF3BB15DB4F2FE, 974FF9751D123E212BD3CE8DAE70D4BCCC988A01431A1BD91A532849E492BBD8 ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
18:31:26.0734 0x0e40  RealNetworks Downloader Resolver Service - ok
18:31:26.0781 0x0e40  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\windows\system32\DRIVERS\redbook.sys
18:31:26.0796 0x0e40  redbook - ok
18:31:26.0843 0x0e40  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\windows\System32\mprdim.dll
18:31:26.0859 0x0e40  RemoteAccess - ok
18:31:26.0890 0x0e40  [ 851C30DF2807FCFA21E4C681A7D6440E, C2269B8ED4E831664B83F8F3BE33E5A340206A9E07F89CDF6707EAD8F280FBE9 ] RFCOMM          C:\windows\system32\DRIVERS\rfcomm.sys
18:31:26.0906 0x0e40  RFCOMM - ok
18:31:26.0968 0x0e40  [ B60F58F175DE20A6739194E85B035178, 6E66D6041AF0B69896E4556F9FF3A3AA70CF4B09FFBE68E14E60313C5E3FFDDB ] rpcapd          C:\Program Files\WinPcap\rpcapd.exe
18:31:27.0000 0x0e40  rpcapd - ok
18:31:27.0031 0x0e40  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\windows\System32\locator.exe
18:31:27.0062 0x0e40  RpcLocator - ok
18:31:27.0203 0x0e40  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\windows\System32\rpcss.dll
18:31:27.0203 0x0e40  RpcSs - ok
18:31:27.0281 0x0e40  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\windows\System32\rsvp.exe
18:31:27.0375 0x0e40  RSVP - ok
18:31:27.0406 0x0e40  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\windows\system32\lsass.exe
18:31:27.0406 0x0e40  SamSs - ok
18:31:27.0453 0x0e40  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
18:31:27.0453 0x0e40  SASDIFSV - ok
18:31:27.0484 0x0e40  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
18:31:27.0500 0x0e40  SASKUTIL - ok
18:31:27.0562 0x0e40  [ 729248B54AFF21E740054ACEBFDBCB1C, 1C901500A2BD23590217525DD280EA1AA870545CED7749DC677F5ABE1E767C27 ] SBKUPNT         C:\windows\system32\Drivers\SBKUPNT.SYS
18:31:27.0562 0x0e40  SBKUPNT - ok
18:31:27.0609 0x0e40  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\windows\System32\SCardSvr.exe
18:31:27.0625 0x0e40  SCardSvr - ok
18:31:27.0750 0x0e40  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\windows\system32\schedsvc.dll
18:31:27.0765 0x0e40  Schedule - ok
18:31:27.0812 0x0e40  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\windows\system32\DRIVERS\secdrv.sys
18:31:27.0812 0x0e40  Secdrv - ok
18:31:27.0843 0x0e40  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\windows\System32\seclogon.dll
18:31:27.0843 0x0e40  seclogon - ok
18:31:27.0859 0x0e40  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\windows\system32\sens.dll
18:31:27.0859 0x0e40  SENS - ok
18:31:27.0906 0x0e40  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\windows\system32\DRIVERS\serenum.sys
18:31:27.0906 0x0e40  serenum - ok
18:31:27.0953 0x0e40  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\windows\system32\DRIVERS\serial.sys
18:31:27.0968 0x0e40  Serial - ok
18:31:28.0015 0x0e40  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\windows\system32\drivers\Sfloppy.sys
18:31:28.0031 0x0e40  Sfloppy - ok
18:31:28.0156 0x0e40  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\windows\System32\ipnathlp.dll
18:31:28.0156 0x0e40  SharedAccess - ok
18:31:28.0218 0x0e40  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\windows\System32\shsvcs.dll
18:31:28.0234 0x0e40  ShellHWDetection - ok
18:31:28.0234 0x0e40  Simbad - ok
18:31:28.0328 0x0e40  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
18:31:28.0390 0x0e40  SkypeUpdate - ok
18:31:28.0406 0x0e40  [ 1FFC44D6787EC1EA9A2B1440A90FA5C1, 96CC96EEBAAD2782D8143DB2B8889E9249C89DFB90875412E5F105C0FFB3C728 ] SLIP            C:\windows\system32\DRIVERS\SLIP.sys
18:31:28.0406 0x0e40  SLIP - ok
18:31:28.0406 0x0e40  Sparrow - ok
18:31:28.0453 0x0e40  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\windows\system32\drivers\splitter.sys
18:31:28.0453 0x0e40  splitter - ok
18:31:28.0500 0x0e40  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\windows\system32\spoolsv.exe
18:31:28.0500 0x0e40  Spooler - ok
18:31:28.0562 0x0e40  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\windows\system32\DRIVERS\sr.sys
18:31:28.0578 0x0e40  sr - ok
18:31:28.0671 0x0e40  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\windows\system32\srsvc.dll
18:31:28.0671 0x0e40  srservice - ok
18:31:28.0796 0x0e40  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\windows\system32\DRIVERS\srv.sys
18:31:28.0890 0x0e40  Srv - ok
18:31:28.0937 0x0e40  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
18:31:28.0937 0x0e40  SSDPSRV - ok
18:31:28.0968 0x0e40  Steam Client Service - ok
18:31:29.0000 0x0e40  [ E4EBF293D1F612BDA19B646C36715B20, 39EBD72BF112098032784D4FD84915E936E7594AB25794AF5F37FA5B0B6309BC ] STEC3           C:\WINDOWS\system32\STEC3.sys
18:31:29.0000 0x0e40  STEC3 - ok
18:31:29.0109 0x0e40  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\windows\system32\wiaservc.dll
18:31:29.0125 0x0e40  stisvc - ok
18:31:29.0140 0x0e40  [ A9F9FD0212E572B84EDB9EB661F6BC04, A06E4A105327FC76CF4697278D8144E83CAD89FA4719FBE3F4C32F6027D802FD ] streamip        C:\windows\system32\DRIVERS\StreamIP.sys
18:31:29.0140 0x0e40  streamip - ok
18:31:29.0171 0x0e40  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
18:31:29.0187 0x0e40  swenum - ok
18:31:29.0203 0x0e40  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\windows\system32\drivers\swmidi.sys
18:31:29.0218 0x0e40  swmidi - ok
18:31:29.0234 0x0e40  SwPrv - ok
18:31:29.0234 0x0e40  symc810 - ok
18:31:29.0250 0x0e40  symc8xx - ok
18:31:29.0250 0x0e40  sym_hi - ok
18:31:29.0250 0x0e40  sym_u3 - ok
18:31:29.0281 0x0e40  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\windows\system32\drivers\sysaudio.sys
18:31:29.0296 0x0e40  sysaudio - ok
18:31:29.0343 0x0e40  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\windows\system32\smlogsvc.exe
18:31:29.0375 0x0e40  SysmonLog - ok
18:31:29.0406 0x0e40  [ FD90A16CEB10D4FDAA00AAF39B8FF58F, A0471D1AE2704BCFE70C61A83B24B45ED92D71706BEC7D599BB7418BF8B854F1 ] taphss          C:\windows\system32\DRIVERS\taphss.sys
18:31:29.0421 0x0e40  taphss - ok
18:31:29.0515 0x0e40  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\windows\System32\tapisrv.dll
18:31:29.0515 0x0e40  TapiSrv - ok
18:31:29.0656 0x0e40  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\windows\system32\DRIVERS\tcpip.sys
18:31:29.0750 0x0e40  Tcpip - ok
18:31:29.0781 0x0e40  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\windows\system32\drivers\TDPIPE.sys
18:31:29.0781 0x0e40  TDPIPE - ok
18:31:29.0812 0x0e40  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\windows\system32\drivers\TDTCP.sys
18:31:29.0812 0x0e40  TDTCP - ok
18:31:29.0828 0x0e40  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
18:31:29.0843 0x0e40  TermDD - ok
18:31:29.0937 0x0e40  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\windows\System32\termsrv.dll
18:31:29.0937 0x0e40  TermService - ok
18:31:29.0953 0x0e40  TfFsMon - ok
18:31:29.0953 0x0e40  TfNetMon - ok
18:31:29.0953 0x0e40  TFSysMon - ok
18:31:30.0015 0x0e40  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\windows\System32\shsvcs.dll
18:31:30.0015 0x0e40  Themes - ok
18:31:30.0015 0x0e40  TosIde - ok
18:31:30.0046 0x0e40  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\windows\system32\trkwks.dll
18:31:30.0062 0x0e40  TrkWks - ok
18:31:30.0296 0x0e40  [ AAF458CC200326BEF602B5339400BF86, DD47C58A855E4FE2D9AFD9912C0661871F0A4CA385D864267F5245480AB8F4D7 ] tvnserver       C:\Program Files\Common Files\Comodo\tvnserver.exe
18:31:30.0531 0x0e40  tvnserver - ok
18:31:30.0578 0x0e40  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\windows\system32\drivers\Udfs.sys
18:31:30.0593 0x0e40  Udfs - ok
18:31:30.0593 0x0e40  ultra - ok
18:31:30.0656 0x0e40  [ BB879DCFD22926EFBEB3298129898CBB, 2A24E6CD5D6E0CEA3082C0699A2371084CC1268B31BC714098EA0D0C11B3AFAC ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
18:31:30.0656 0x0e40  UnlockerDriver5 - ok
18:31:30.0781 0x0e40  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\windows\system32\DRIVERS\update.sys
18:31:30.0921 0x0e40  Update - ok
18:31:31.0015 0x0e40  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\windows\System32\upnphost.dll
18:31:31.0078 0x0e40  upnphost - ok
18:31:31.0109 0x0e40  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\windows\System32\ups.exe
18:31:31.0109 0x0e40  UPS - ok
18:31:31.0156 0x0e40  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\windows\system32\drivers\usbaudio.sys
18:31:31.0171 0x0e40  usbaudio - ok
18:31:31.0203 0x0e40  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
18:31:31.0218 0x0e40  usbccgp - ok
18:31:31.0234 0x0e40  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
18:31:31.0250 0x0e40  usbehci - ok
18:31:31.0296 0x0e40  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
18:31:31.0312 0x0e40  usbhub - ok
18:31:31.0359 0x0e40  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
18:31:31.0359 0x0e40  USBSTOR - ok
18:31:31.0390 0x0e40  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\windows\system32\DRIVERS\usbuhci.sys
18:31:31.0406 0x0e40  usbuhci - ok
18:31:31.0468 0x0e40  [ 813236B1183CFCF289E367BD5DE6E29E, 167FE18A96F330AEEC1A4C419770C15EFEB536D43838285E51E7A62E95DF4674 ] usbvideo        C:\windows\system32\Drivers\usbvideo.sys
18:31:31.0500 0x0e40  usbvideo - ok
18:31:31.0531 0x0e40  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\windows\System32\drivers\vga.sys
18:31:31.0531 0x0e40  VgaSave - ok
18:31:31.0531 0x0e40  ViaIde - ok
18:31:31.0562 0x0e40  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\windows\system32\drivers\VolSnap.sys
18:31:31.0578 0x0e40  VolSnap - ok
18:31:31.0687 0x0e40  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\windows\System32\vssvc.exe
18:31:31.0781 0x0e40  VSS - ok
18:31:31.0843 0x0e40  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\windows\system32\w32time.dll
18:31:31.0859 0x0e40  W32Time - ok
18:31:32.0000 0x0e40  [ A650671AF9A670F678F29FF212B4950C, 3935356E3EA02BD2EE96F6C22E17743FEC9A73AC705A1D1FF90030B33F9EF7A3 ] wampapache      c:\wamp\bin\apache\apache2.4.4\bin\httpd.exe
18:31:32.0015 0x0e40  wampapache - ok
18:31:32.0062 0x0e40  wampmysqld - ok
18:31:32.0078 0x0e40  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\windows\system32\DRIVERS\wanarp.sys
18:31:32.0093 0x0e40  Wanarp - ok
18:31:32.0093 0x0e40  WDICA - ok
18:31:32.0125 0x0e40  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\windows\system32\drivers\wdmaud.sys
18:31:32.0156 0x0e40  wdmaud - ok
18:31:32.0187 0x0e40  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\windows\System32\webclnt.dll
18:31:32.0203 0x0e40  WebClient - ok
18:31:32.0312 0x0e40  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\windows\system32\wbem\WMIsvc.dll
18:31:32.0328 0x0e40  winmgmt - ok
18:31:39.0796 0x0e40  Waiting for KSN requests completion. In queue: 112
18:31:40.0843 0x0e40  Win FW state via NFM: disabled
18:31:41.0140 0x0e40  ============================================================
18:31:41.0140 0x0e40  Scan finished
18:31:41.0140 0x0e40  ============================================================
18:31:41.0156 0x0c30  Detected object count: 0
18:31:41.0156 0x0c30  Actual detected object count: 0
 


#4 boopme


Posted 07 May 2014 - 08:54 PM

OK, thanks. Look in Chrome plug-ins for suspicious items to disable.
Disabling Plugins in Google Chrome

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#5 DarkD


Posted 08 May 2014 - 01:21 AM

ESET is taking forever, but either ESET or one of the earlier scans disabled my sound.  Can you tell me how to re-enable my sound?  It looks like ESET is going to take all night and I want my sound back so I can play music in the background.  
 
# AdwCleaner v3.207 - Report created 07/05/2014 at 18:44:34
# Updated 05/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : DarkD - COLBY-SZGFU88BF
# Running from : C:\Documents and Settings\DarkD\My Documents\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Uniblue
Folder Deleted : C:\Documents and Settings\All Users\VisualBee
Folder Deleted : C:\Documents and Settings\DarkD\Start Menu\Programs\Start Lollipop
Folder Deleted : C:\Documents and Settings\DarkD\Application Data\Mozilla\Firefox\Profiles\solfoden.default\Extensions\67314b39-24e6-4f05-99f3-3f88c7cddd17@6c5fa560-13a3-4d42-8e90-53d9930111f9.com
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKCU\Software\ViewPassword
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v23.0.1 (en-US)
 
[ File : C:\Documents and Settings\DarkD\Application Data\Mozilla\Firefox\Profiles\solfoden.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\DarkD\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://movies.netflix.com/WiSearch?raw_query=The+Lost+Room&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=B02E00FF56F40D90&affID=119556&tsp=4977
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3320133&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP5FEE96C0-CA3D-4D3C-AE0F-2E1566160B03&q={searchTerms}&SSPV=
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=ct3007394&SearchSource=48
Deleted [Startup_urls] : hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=B02E00FF56F40D90&affID=119556&tsp=4977
Deleted [Startup_urls] : hxxp://search.conduit.com/?ctid=ct3007394&SearchSource=48&UP=SP5FEE96C0-CA3D-4D3C-AE0F-2E1566160B03&SSPV=
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : ieakfmpjhljbpbfpldjkddkjmmgjmgon
Deleted [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
 
*************************
 
AdwCleaner[R0].txt - [27717 octets] - [29/08/2013 02:19:23]
AdwCleaner[R1].txt - [7351 octets] - [29/08/2013 03:25:08]
AdwCleaner[R2].txt - [17976 octets] - [11/11/2013 20:51:46]
AdwCleaner[R3].txt - [2506 octets] - [07/05/2014 18:36:34]
AdwCleaner[S0].txt - [27490 octets] - [29/08/2013 02:21:05]
AdwCleaner[S1].txt - [7191 octets] - [29/08/2013 03:25:52]
AdwCleaner[S2].txt - [18307 octets] - [11/11/2013 20:54:35]
AdwCleaner[S3].txt - [3175 octets] - [07/05/2014 18:44:34]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [3235 octets] ##########
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by DarkD on 2014/05/07 at 19:00:50.35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1417001333-776561741-725345543-1004\Software\sweetim
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{88FB16D2-04EA-4ffe-8079-CFF68F1B9CE6}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{89590F4E-C960-42D6-AAD9-A53E1EC99C93}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Documents and Settings\DarkD\Application Data\getrighttogo"
 
 
 
~~~ FireFox
 
Successfully deleted the following from C:\Documents and Settings\DarkD\Application Data\mozilla\firefox\profiles\solfoden.default\prefs.js
 
user_pref("browser.bdtoolbar.search_searchbar", false);
Emptied folder: C:\Documents and Settings\DarkD\Application Data\mozilla\firefox\profiles\solfoden.default\minidumps [2 files]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 2014/05/07 at 19:04:09.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 

Edited by DarkD, 08 May 2014 - 01:25 AM.


#6 boopme


Posted 08 May 2014 - 03:54 PM

Click on the start button
select settings
select control panel
select sounds and audio devices
you can move the sliders for the speakers for device volume
also, click on the advanced button, and check that the volume mute button is not pressed.

#7 DarkD


Posted 08 May 2014 - 08:00 PM

I think it was JRT, now that ESET finished running I could restart my computer and it started working again.  

 

Anyways, I forgot to save the report before closing ESET.  It found 6 items.  A variety of trojans, worms and adware.  



#8 boopme


Posted 08 May 2014 - 08:52 PM

OK ...how is it now then?

In Control Panel, uninstall these
Java 7 Update 10 (Version: 7.0.100)

Java 7 Update 51 (Version: 7.0.510)

Java Auto Updater (Version: 2.1.9.8)

Java SE Development Kit 7 Update 45 (Version: 1.7.0.450)


Open Malwarebytes, update it to version 2 and scan. Post that log.

#9 DarkD


Posted 08 May 2014 - 10:53 PM

I'm still getting redirected.  

 

http://www.upstaradown.com/CA/index.php?dv1=12303580&dv2=51802&dv3=CA&dv4=51802-CA&sec_id=qWJ8vBQjIEzEzreKDW78C9hEClg3C9haI07jDc1%3gzE7HFB847AN3h0epCB8E7Aud7cCHzB8E7asdNkV0Y3oufcCrD3dRFcC8F9tofis%EB&marketing_fid=MTM5OTYwNzQ0NC01YmFjZGRhMTA4ZDQ1YWZkN2JmZTgzODAxMmMyNDVhMw==

 

is the newest link it sent me to.  I just downloaded Malwarebytes 2 like you suggested and it's running right now, but it hasn't found anything new yet.  



#10 DarkD


Posted 09 May 2014 - 02:28 AM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 2014/05/09
Scan Time: 0:27:41
Logfile: malware_log.txt
Administrator: Yes
 
Version: 2.00.1.1004
Malware Database: v2014.05.09.04
Rootkit Database: v2014.03.27.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled
 
OS: Windows XP Service Pack 3
CPU: x86
File System: NTFS
User: DarkD
 
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 420040
Time Elapsed: 3 hr, 47 min, 59 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.FCTPlugin, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kincjchfokkeneeofpeefomkikfkiedl, , [1d3b08478fecb284f2e8133aea19857b], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 2
PUP.Optional.DomaIQ, C:\Documents and Settings\DarkD\Local Settings\Application Data\Google\Chrome\User Data\Default\File System\008\t\00\00000003, , [a8b0ed627902072f1196a99af40cbb45], 
PUP.Optional.Conduit.A, C:\Documents and Settings\DarkD\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://search.conduit.com/?ctid=ct3007394&SearchSource=48", "http://www1.delta-search.com/?babsrc=HP_ss&mntrId=B02E00FF56F40D90&affID=119556&tsp=4977", "http://www.google.com/", "http://search.conduit.com/?ctid=ct3007394&SearchSource=48&UP=SP5FEE96C0-CA3D-4D3C-AE0F-2E1566160B03&SSPV=" ],), ,[90c84a05f3880036cbdc2943be4634cc]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#11 boopme


Posted 09 May 2014 - 09:56 AM

Look in Chrome Plug ins for anything you do not recognize and disable it.

How To Disable Individual Plug-ins in Google Chrome



#12 DarkD


Posted 09 May 2014 - 03:27 PM

There really isn't much left that isn't disabled.  I have two versions of Flash for some reason.  

 

C:\Documents and Settings\DarkD\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll

C:\windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll

C:\Documents and Settings\DarkD\Local Settings\Application Data\Google\Chrome\Application\34.0.1847.131\pdf.dll

C:\Documents and Settings\DarkD\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ajffocjdcmpgjmdfdfkdfdbkjafbkcke\2.1.1_0\plugin/npDownloadAll.dll

C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

 

Is what I have still enabled.  Other than the two flash players I understand what everything else is.  



#13 boopme


Posted 09 May 2014 - 08:12 PM

Macromedia is a very old version of Flash; Adobe bought and replaced them.
You can disable them one at a time to see if one is the cause.
Adobe Reader is at version XI now.

Let's try one more thing here.

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", click the Delete button.
  • Copy and paste the report that opens into your next reply.
    • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
    • The highest number of [X] is the most recent Delete


#14 DarkD


Posted 12 May 2014 - 04:01 PM

I took some time doing this because it was a pain disconnecting my external hard drive, but here it is. 

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : DarkD [Admin rights]
Mode : Remove -- Date : 05/12/2014 13:58:56
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 2 ¤¤¤
[V1][ROGUE ST] VisualBee-chromeinstaller.job : C:\Program Files\VisualBee\VisualBee-chromeinstaller.exe - /installcrx /agentregpath='VisualBee' /extensionfilepath='C:\Program Files\VisualBee\33906.crx' /appid=33906 /srcid='000196' /subid='verticals-shopping,intext,pops,ads' /zdata='0' /bic=3B9DA29BDC2440828988779887C3906DIE /verifier=cce41f983dc75b2d9aa1fed06c892eaa /installerversion=1_27_153 /installerfullversion=1.27.153.8 /installationtime=1379585990 /statsdomain=hxxp://stats.update-apps.com /errorsdomain=hxxp://errors.update-apps.com /waitforbrowser=300 /extensionid=kmkdohofefokfmbnlbgebdapndacfklg /extensionversion=1.23.27 /extensionpublickey=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHyV7VB7pfhL43MJPF6Tz99RMBQPO3ECLfDPBPcouZwWJXUSOgrfOhyGAuLw1ApUxjTpXOYvyXZmdp8XThAhKGF8vIoJaG4GjQYrGDDpExQZcxZa7JuAFp2LFqtTk1fFCjZxCvDCIYRbNwlx2IWaSgtnL3iV0W+mkl/Ap6FVfa6QIDAQAB /allusers /allprofiles /externallog='' [x][x][x][x][x][x][x] -> DELETED
[V1][ROGUE ST] VisualBee-firefoxinstaller.job : C:\Program Files\VisualBee\VisualBee-firefoxinstaller.exe - /installxpi /agentregpath='VisualBee' /extensionfilepath='C:\Program Files\VisualBee\33906.xpi' /appid=33906 /srcid='000196' /subid='verticals-shopping,intext,pops,ads' /zdata='0' /bic=3B9DA29BDC2440828988779887C3906DIE /verifier=cce41f983dc75b2d9aa1fed06c892eaa /installerversion=1_27_153 /installerfullversion=1.27.153.8 /installationtime=1379585990 /statsdomain=hxxp://stats.update-apps.com /errorsdomain=hxxp://errors.update-apps.com /waitforbrowser=300 /extensionid=67314b39-24e6-4f05-99f3-3f88c7cddd17@6c5fa560-13a3-4d42-8e90-53d9930111f9.com /extensionversion=0.91 /prefsbranch=a67314b3924e64f0599f33f88c7cddd176c5fa56013a34d428e9053d9930111f9com33906 /updateurl=hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/ff/update/33906.rdf /allusers /allprofiles /externallog='' [x][x][x][x][x][x][x][x][x] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST3320620AS +++++
--- User ---
[MBR] eb4841f49b241bffefb68e62cd38f59d
[BSP] 1c72b140827dd95e4b1b12a2d85e3cb0 : Linux MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 287235 MB
1 - [XXXXXX] EXTEN (0x05) [VISIBLE] Offset (sectors): 588259328 | Size: 18009 MB
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_05122014_135856.txt >>
RKreport[0]_S_05122014_133635.txt


 



#15 DarkD


Posted 12 May 2014 - 05:38 PM

I'm still getting the java update bullbleep.. 

 

http://www.sdafjkg.com/CA/index.php?dv1=12303580&dv2=51802&dv3=CA&dv4=51802-CA&sec_id=qWJ8vBQjIEzEzreKDW78C9hEClg3C9haI07jDc1%3gzE7HFB8e7AV8h0epCB837auE7TCHzB8rNBudPAX0Y3oufcCrD3dRFcC8F9tofis%EB&marketing_fid=MTM5OTkzNDA0OS1jODU2MDhjZDU3NmNlZmY4MzIyMjMyOGQ0NTliYThmYw==

 

Is the new link it sent me just now.  Clearly there is something wrong with that URL.  This time I'm using Firefox too.  I'm starting to think that this is a virus that hasn't been registered to a tool yet... 

 

I found another thread on bleeping with a similar problem 

 

http://www.bleepingcomputer.com/forums/t/518073/fake-java-update-redirect/

 

Since my javaupdate BS keeps changing the URLs I get the feeling it's the same rootkit. 


Edited by DarkD, 12 May 2014 - 07:29 PM.
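
The two redirect links posted in #9 and #15 use different hostnames but share the path /CA/index.php and the same six query keys, and base64-decoding each marketing_fid value gives a 10-digit number, a hyphen and 32 hex characters. The Python below is an added example, not part of any post or tool in this thread: it matches URLs from browser history or proxy logs on that stable structure instead of the rotating hostname. The function names, the third (constructed) sample URL, and reading the 10 digits as a Unix timestamp are assumptions of this example.

```python
import base64
import re
from datetime import datetime, timezone
from urllib.parse import parse_qs, urlsplit

# Query keys present in both redirect links posted in the thread.
CAMPAIGN_KEYS = {"dv1", "dv2", "dv3", "dv4", "sec_id", "marketing_fid"}
# Layout seen after base64-decoding marketing_fid: "<10 digits>-<32 hex chars>".
# Treating the digits as a Unix timestamp is this example's assumption.
FID_RE = re.compile(r"(\d{10})-([0-9a-f]{32})")

# The two links as posted (#9 and #15), plus one constructed look-alike that
# has the same path but lacks the full parameter set.
SAMPLE_URLS = [
    "http://www.upstaradown.com/CA/index.php?dv1=12303580&dv2=51802&dv3=CA"
    "&dv4=51802-CA&sec_id=qWJ8vBQjIEzEzreKDW78C9hEClg3C9haI07jDc1%3gzE7HFB847AN3"
    "h0epCB8E7Aud7cCHzB8E7asdNkV0Y3oufcCrD3dRFcC8F9tofis%EB&marketing_fid="
    "MTM5OTYwNzQ0NC01YmFjZGRhMTA4ZDQ1YWZkN2JmZTgzODAxMmMyNDVhMw==",
    "http://www.sdafjkg.com/CA/index.php?dv1=12303580&dv2=51802&dv3=CA"
    "&dv4=51802-CA&sec_id=qWJ8vBQjIEzEzreKDW78C9hEClg3C9haI07jDc1%3gzE7HFB8e7AV8"
    "h0epCB837auE7TCHzB8rNBudPAX0Y3oufcCrD3dRFcC8F9tofis%EB&marketing_fid="
    "MTM5OTkzNDA0OS1jODU2MDhjZDU3NmNlZmY4MzIyMjMyOGQ0NTliYThmYw==",
    "http://example.com/CA/index.php?dv1=1&marketing_fid=bm90LWEtdG9rZW4=",  # constructed
]


def decode_fid(value):
    """Return (utc_datetime, hex_token) if value decodes to the layout above, else None."""
    try:
        # parse_qs turns "+" into a space; undo that before decoding.
        text = base64.b64decode(value.replace(" ", "+"), validate=True).decode("ascii")
    except ValueError:  # binascii.Error and UnicodeDecodeError both derive from it
        return None
    match = FID_RE.fullmatch(text)
    if match is None:
        return None
    issued = datetime.fromtimestamp(int(match.group(1)), tz=timezone.utc)
    return issued, match.group(2)


def classify(url):
    """Return the stable fields of a matching redirect URL, or None if it does not match."""
    parts = urlsplit(url)
    query = parse_qs(parts.query, keep_blank_values=True)
    if not CAMPAIGN_KEYS.issubset(query):
        return None
    fid = decode_fid(query["marketing_fid"][0])
    if fid is None:
        return None
    return {"host": parts.hostname, "path": parts.path,
            "dv1": query["dv1"][0], "dv2": query["dv2"][0],
            "issued": fid[0], "token": fid[1]}


def rotating_hosts(urls):
    """Map each stable (path, dv1, dv2) key to the set of hostnames seen serving it."""
    groups = {}
    for url in urls:
        hit = classify(url)
        if hit:
            groups.setdefault((hit["path"], hit["dv1"], hit["dv2"]), set()).add(hit["host"])
    return groups


if __name__ == "__main__":
    for key, hosts in rotating_hosts(SAMPLE_URLS).items():
        print(key, sorted(hosts))
```

A key that maps to more than one hostname is the rotation described in post #15, so a blocklist entry for a single domain will not cover the next redirect.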




