Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows XP Slow Loading


  • This topic is locked This topic is locked
7 replies to this topic

#1 whitez

whitez

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 20 May 2014 - 01:31 AM

Hi,
My Windows XP SP3 just recently loading really slow after booting up, maybe takes about 5 minutes.
I have tried scanning with AVG anti virus and Malwarebytes but nothing coming up. I also tried defragmenting and removing unused programs but that didn't help either.
Can someone help me please?
Thanks a lot in advance

Edited by whitez, 20 May 2014 - 01:33 AM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:45 PM

Posted 20 May 2014 - 02:11 PM

Hello whitez, let's run these and see if it improves.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner

    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


    .

    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 whitez

whitez
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 20 May 2014 - 11:34 PM

Hi,

Please see below for results. Unfortunately no improvement yet.

Thanks

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by Franzo (administrator) on 21-05-2014 at 10:51:48
Running from "C:\Utils\Bleeping Computer"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
ProxyServer: 69.162.162.240:3128
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
 
========================= FF Proxy Settings: ============================== 
 
"network.proxy.http", "189.3.14.242"
"network.proxy.http_port", 8080
 
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
 
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
127.0.0.1                               adobeereg.com                        
127.0.0.1                               www.adobeereg.com                    
127.0.0.1                               wwis-dubc1-vip60.adobe.com           
 
There are 2 more lines starting with "127.0.0.1"
 
========================= IP Configuration: ================================
 
Intel® 82566DM Gigabit Network Connection = Local Area Connection (Disconnected)
TP-LINK Wireless N Adapter = Wireless Network Connection (Connected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : bless1
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Unknown
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
        DNS Suffix Search List. . . . . . : home
 
 
 
Ethernet adapter Wireless Network Connection:
 
 
 
        Connection-specific DNS Suffix  . : home
 
        Description . . . . . . . . . . . : TP-LINK Wireless N Adapter #2
 
        Physical Address. . . . . . . . . : 00-27-19-13-F3-D1
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 10.7.7.81
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 10.7.7.77
 
        DHCP Server . . . . . . . . . . . : 10.7.7.77
 
        DNS Servers . . . . . . . . . . . : 10.7.7.77
 
        Lease Obtained. . . . . . . . . . : Wednesday, 21 May 2014 9:20:48 AM
 
        Lease Expires . . . . . . . . . . : Wednesday, 4 June 2014 9:20:48 AM
 
Server:  Router.home
Address:  10.7.7.77
 
Name:    google.com
Addresses:  74.125.237.137, 74.125.237.133, 74.125.237.135, 74.125.237.131
 74.125.237.129, 74.125.237.142, 74.125.237.130, 74.125.237.136, 74.125.237.132
 74.125.237.134, 74.125.237.128
 
 
 
Pinging google.com [74.125.237.137] with 32 bytes of data:
 
 
 
Reply from 74.125.237.137: bytes=32 time=19ms TTL=56
 
Reply from 74.125.237.137: bytes=32 time=20ms TTL=57
 
 
 
Ping statistics for 74.125.237.137:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 19ms, Maximum = 20ms, Average = 19ms
 
Server:  Router.home
Address:  10.7.7.77
 
Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109
 
 
 
Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
 
 
 
Reply from 98.139.183.24: bytes=32 time=272ms TTL=45
 
Reply from 98.139.183.24: bytes=32 time=273ms TTL=45
 
 
 
Ping statistics for 98.139.183.24:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 272ms, Maximum = 273ms, Average = 272ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 27 19 13 f3 d1 ...... TP-LINK Wireless N Adapter #2 - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0        10.7.7.77       10.7.7.81  25
         10.7.7.0    255.255.255.0        10.7.7.81       10.7.7.81  25
        10.7.7.81  255.255.255.255        127.0.0.1       127.0.0.1  25
   10.255.255.255  255.255.255.255        10.7.7.81       10.7.7.81  25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1  1
        224.0.0.0        240.0.0.0        10.7.7.81       10.7.7.81  25
  255.255.255.255  255.255.255.255        10.7.7.81       10.7.7.81  1
Default Gateway:         10.7.7.77
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (03/18/2014 09:41:03 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [iexplore.exe!ws!]
 
Error: (03/18/2014 09:37:26 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18702, fault address 0x0013e9c6.
Processing media-specific event for [iexplore.exe!ws!]
 
Error: (03/18/2014 09:37:15 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18702, fault address 0x0013e9c6.
Processing media-specific event for [iexplore.exe!ws!]
 
Error: (03/18/2014 09:34:04 AM) (Source: Application Error) (User: )
Description: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18702, fault address 0x0013e9c6.
Processing media-specific event for [iexplore.exe!ws!]
 
Error: (02/28/2014 09:50:35 AM) (Source: Application Error) (User: )
Description: Faulting application machineidcreator.exe, version 14.0.0.6, faulting module avguidx.dll, version 2012.0.0.1, fault address 0x00028eb0.
Processing media-specific event for [machineidcreator.exe!ws!]
 
Error: (02/28/2014 09:49:05 AM) (Source: Application Error) (User: )
Description: Faulting application MachineIdCreator.exe, version 14.0.0.6, faulting module avguidx.dll, version 2012.0.0.1, fault address 0x00028eb0.
Processing media-specific event for [MachineIdCreator.exe!ws!]
 
Error: (02/28/2014 09:49:01 AM) (Source: Application Error) (User: )
Description: Faulting application MachineIdCreator.exe, version 14.0.0.6, faulting module avguidx.dll, version 2012.0.0.1, fault address 0x00028eb0.
Processing media-specific event for [MachineIdCreator.exe!ws!]
 
Error: (02/28/2014 08:52:50 AM) (Source: Application Error) (User: )
Description: Faulting application machineidcreator.exe, version 14.0.0.6, faulting module avguidx.dll, version 2012.0.0.1, fault address 0x00028eb0.
Processing media-specific event for [machineidcreator.exe!ws!]
 
Error: (02/28/2014 08:30:49 AM) (Source: Application Error) (User: )
Description: Faulting application machineidcreator.exe, version 14.0.0.6, faulting module avguidx.dll, version 2012.0.0.1, fault address 0x00028eb0.
Processing media-specific event for [machineidcreator.exe!ws!]
 
Error: (02/28/2014 08:25:46 AM) (Source: Application Error) (User: )
Description: Faulting application MachineIdCreator.exe, version 14.0.0.6, faulting module avguidx.dll, version 2012.0.0.1, fault address 0x00028eb0.
Processing media-specific event for [MachineIdCreator.exe!ws!]
 
 
System errors:
=============
Error: (05/21/2014 09:21:25 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
i8042prt
 
Error: (05/21/2014 09:21:25 AM) (Source: Service Control Manager) (User: )
Description: The Apple Mobile Device service failed to start due to the following error: 
%%14001
 
Error: (05/21/2014 09:20:57 AM) (Source: SideBySide) (User: )
Description: Generate Activation Context failed for C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe.
Reference error message: The operation completed successfully.
.
 
Error: (05/21/2014 09:20:57 AM) (Source: SideBySide) (User: )
Description: Resolve Partial Assembly failed for Microsoft.VC80.CRT.
Reference error message: The referenced assembly is not installed on your system.
.
 
Error: (05/21/2014 09:20:57 AM) (Source: SideBySide) (User: )
Description: Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
 
Error: (05/20/2014 08:18:25 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
Error: (05/20/2014 08:17:11 PM) (Source: DCOM) (User: BLESS1)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
 
Error: (05/20/2014 07:34:40 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
Avgdiskx
AVGIDSDriver
AVGIDSShim
Avgldx86
bcbus
Fips
i8042prt
intelppm
 
Error: (05/20/2014 07:34:40 PM) (Source: Service Control Manager) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error: 
%%31
 
Error: (05/20/2014 07:33:18 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
 
 
Microsoft Office Sessions:
=========================
Error: (03/18/2014 09:41:03 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702unknown0.0.0.000000000
 
Error: (03/18/2014 09:37:26 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.187020013e9c6
 
Error: (03/18/2014 09:37:15 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.187020013e9c6
 
Error: (03/18/2014 09:34:04 AM) (Source: Application Error)(User: )
Description: iexplore.exe8.0.6001.18702mshtml.dll8.0.6001.187020013e9c6
 
Error: (02/28/2014 09:50:35 AM) (Source: Application Error)(User: )
Description: machineidcreator.exe14.0.0.6avguidx.dll2012.0.0.100028eb0
 
Error: (02/28/2014 09:49:05 AM) (Source: Application Error)(User: )
Description: MachineIdCreator.exe14.0.0.6avguidx.dll2012.0.0.100028eb0
 
Error: (02/28/2014 09:49:01 AM) (Source: Application Error)(User: )
Description: MachineIdCreator.exe14.0.0.6avguidx.dll2012.0.0.100028eb0
 
Error: (02/28/2014 08:52:50 AM) (Source: Application Error)(User: )
Description: machineidcreator.exe14.0.0.6avguidx.dll2012.0.0.100028eb0
 
Error: (02/28/2014 08:30:49 AM) (Source: Application Error)(User: )
Description: machineidcreator.exe14.0.0.6avguidx.dll2012.0.0.100028eb0
 
Error: (02/28/2014 08:25:46 AM) (Source: Application Error)(User: )
Description: MachineIdCreator.exe14.0.0.6avguidx.dll2012.0.0.100028eb0
 
 
=========================== Installed Programs ============================
 
µTorrent (Version: 3.3.0.29544)
7-Zip 9.20
Adobe Acrobat  9 Standard - English, Français, Deutsch (Version: 9.0.0)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.214)
Adobe Flash Player 13 Plugin (Version: 13.0.0.214)
Adobe Photoshop CS5 (Version: 12.0)
Adobe Photoshop Lightroom 2 (Version: 2)
Adobe Reader 7.0 (Version: 7.0.0)
Airytec Switch Off (Version: 3.4.1)
Apple Mobile Device Support (Version: 7.0.0.117)
AVG 2014 (Version: 14.0.3950)
AVG 2014 (Version: 14.0.4570)
AVG 2014 (Version: 2014.0.4570)
BestCrypt 8.0
Brother P-touch Editor 5.1 (Version: 5.1.0060)
Brother P-touch Editor Label Collection - Package Shipping [ENG] (Version: 1.0.001)
Brother P-touch Editor Label Collection - Package Shipping [ENU] (Version: 1.0.001)
Brother P-touch Update Software (Version: 1.0.0070)
CCleaner (Version: 4.13)
Embedded Security for HP ProtectTools Driver (Version: 5.5.100)
Google Chrome (Version: 33.0.1750.117)
Google Talk Plugin (Version: 5.1.4.17398)
Intel® Graphics Media Accelerator Driver
Intel® Management Engine Interface
Intel® PRO Network Connections Drivers
Ipswitch WS_FTP Professional 2007 (Version: 11.1.0000)
IrfanView (remove only)
Java 7 Update 51 (Version: 7.0.510)
Java Auto Updater (Version: 2.1.9.8)
Malwarebytes Anti-Malware version 2.0.1.1004 (Version: 2.0.1.1004)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Access database engine 2010 (English) (Version: 14.0.4763.1000)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.7
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Professional Edition 2003 (Version: 11.0.7969.0)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.4734.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft WinUsb 1.0
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 19.0.2 (x86 en-US) (Version: 19.0.2)
Mozilla Maintenance Service (Version: 19.0.2)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
NVIDIA Control Panel 263.14 (Version: 263.14)
NVIDIA Graphics Driver 263.14 (Version: 263.14)
NVIDIA HD Audio Driver 1.1.12.1 (Version: 1.1.12.1)
NVIDIA Install Application (Version: 2.265.36.0)
NVIDIA nView 135.36 (Version: 135.36)
NVIDIA nView Desktop Manager (Version: 6.14.10.13065)
NVIDIA PhysX (Version: 9.10.0514)
NVIDIA PhysX System Software 9.10.0514 (Version: 9.10.0514)
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 5.10.0.7111)
Samsung Kies (Version: 2.2.0.12014_18)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.103.0)
TeamViewer 9 (Version: 9.0.28223)
Uninstall Startup Inspector
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.0.1 (Version: 2.0.1)
WBFS Manager 3.0 (Version: 3.0)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR archiver
XML Paper Specification Shared Components Pack 1.0
Yawcam 0.4.1
 
========================= Memory info: ===================================
 
Percentage of memory in use: 39%
Total physical RAM: 2031.23 MB
Available physical RAM: 1230.15 MB
Total Pagefile: 3923.68 MB
Available Pagefile: 3189.66 MB
Total Virtual: 2047.88 MB
Available Virtual: 1974.52 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:931.5 GB) (Free:718.36 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\BLESS1
 
Administrator            ASPNET                   Franzo                   
Guest                    HelpAssistant            SUPPORT_388945a0         
 
 
**** End of log ****
 
 
 
 
10:53:40.0218 0x1474  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
10:53:45.0812 0x1474  ============================================================
10:53:45.0812 0x1474  Current date / time: 2014/05/21 10:53:45.0812
10:53:45.0812 0x1474  SystemInfo:
10:53:45.0812 0x1474  
10:53:45.0812 0x1474  OS Version: 5.1.2600 ServicePack: 3.0
10:53:45.0812 0x1474  Product type: Workstation
10:53:45.0812 0x1474  ComputerName: BLESS1
10:53:45.0812 0x1474  UserName: Franzo
10:53:45.0812 0x1474  Windows directory: C:\WINDOWS
10:53:45.0812 0x1474  System windows directory: C:\WINDOWS
10:53:45.0812 0x1474  Processor architecture: Intel x86
10:53:45.0812 0x1474  Number of processors: 2
10:53:45.0812 0x1474  Page size: 0x1000
10:53:45.0812 0x1474  Boot type: Normal boot
10:53:45.0812 0x1474  ============================================================
10:53:48.0421 0x1474  KLMD registered as C:\WINDOWS\system32\drivers\67810371.sys
10:53:48.0515 0x1474  System UUID: {E0C91EF5-9DB7-CC62-BCEC-7D8141519543}
10:53:48.0984 0x1474  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
10:53:48.0984 0x1474  ============================================================
10:53:48.0984 0x1474  \Device\Harddisk0\DR0:
10:53:48.0984 0x1474  MBR partitions:
10:53:48.0984 0x1474  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74701AC1
10:53:48.0984 0x1474  ============================================================
10:53:49.0015 0x1474  C: <-> \Device\Harddisk0\DR0\Partition1
10:53:49.0015 0x1474  ============================================================
10:53:49.0015 0x1474  Initialize success
10:53:49.0015 0x1474  ============================================================
10:53:52.0468 0x0bfc  ============================================================
10:53:52.0468 0x0bfc  Scan started
10:53:52.0468 0x0bfc  Mode: Manual; 
10:53:52.0468 0x0bfc  ============================================================
10:53:52.0468 0x0bfc  KSN ping started
10:53:55.0015 0x0bfc  KSN ping finished: true
10:53:56.0171 0x0bfc  ================ Scan system memory ========================
10:53:56.0171 0x0bfc  System memory - ok
10:53:56.0171 0x0bfc  ================ Scan services =============================
10:53:56.0218 0x0bfc  Abiosdsk - ok
10:53:56.0234 0x0bfc  abp480n5 - ok
10:53:56.0296 0x0bfc  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
10:53:56.0296 0x0bfc  ACPI - ok
10:53:56.0406 0x0bfc  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
10:53:56.0406 0x0bfc  ACPIEC - ok
10:53:56.0484 0x0bfc  [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:53:56.0500 0x0bfc  AdobeFlashPlayerUpdateSvc - ok
10:53:56.0500 0x0bfc  adpu160m - ok
10:53:56.0546 0x0bfc  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
10:53:56.0546 0x0bfc  aec - ok
10:53:56.0593 0x0bfc  [ E3F08935158038D385AD382442F4BB2D, 02E080A4EF28FA593B4218BA7BDFD56ED956A1FD8014A86581EC8812D6BD0426 ] AF15BDA         C:\WINDOWS\system32\DRIVERS\AF15BDA.sys
10:53:56.0609 0x0bfc  AF15BDA - ok
10:53:56.0640 0x0bfc  [ 322D0E36693D6E24A2398BEE62A268CD, FB0BFF5846E50DBCC2826639318A6A1DE79EE7DEA2719ED74A5F6F44454E13D0 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
10:53:56.0656 0x0bfc  AFD - ok
10:53:56.0656 0x0bfc  Aha154x - ok
10:53:56.0656 0x0bfc  aic78u2 - ok
10:53:56.0656 0x0bfc  aic78xx - ok
10:53:56.0687 0x0bfc  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
10:53:56.0687 0x0bfc  Alerter - ok
10:53:56.0718 0x0bfc  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
10:53:56.0718 0x0bfc  ALG - ok
10:53:56.0718 0x0bfc  AliIde - ok
10:53:56.0734 0x0bfc  amsint - ok
10:53:56.0734 0x0bfc  anvsnddrv - ok
10:53:56.0812 0x0bfc  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:53:56.0812 0x0bfc  Apple Mobile Device - ok
10:53:56.0843 0x0bfc  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
10:53:56.0843 0x0bfc  AppMgmt - ok
10:53:56.0937 0x0bfc  [ 74AD200C4E5454A884D7C711B6A906CF, E53D7278E224C1D5765388C2D08EF7579B812FA7384A2522FC6D5FAD04BEB2B9 ] AR5416          C:\WINDOWS\system32\DRIVERS\athw.sys
10:53:56.0984 0x0bfc  AR5416 - ok
10:53:57.0000 0x0bfc  asc - ok
10:53:57.0000 0x0bfc  asc3350p - ok
10:53:57.0000 0x0bfc  asc3550 - ok
10:53:57.0062 0x0bfc  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
10:53:57.0062 0x0bfc  aspnet_state - ok
10:53:57.0062 0x0bfc  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
10:53:57.0062 0x0bfc  AsyncMac - ok
10:53:57.0078 0x0bfc  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
10:53:57.0078 0x0bfc  atapi - ok
10:53:57.0078 0x0bfc  Atdisk - ok
10:53:57.0093 0x0bfc  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
10:53:57.0093 0x0bfc  Atmarpc - ok
10:53:57.0125 0x0bfc  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
10:53:57.0125 0x0bfc  AudioSrv - ok
10:53:57.0125 0x0bfc  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
10:53:57.0125 0x0bfc  audstub - ok
10:53:57.0156 0x0bfc  [ 4F5490453284A641F159FF7AE6E0D736, E19F26462273D6E98F1C154695E2670DCF963BACAFD90B7EF0EF1DBB38264A7B ] Avgdiskx        C:\WINDOWS\system32\DRIVERS\avgdiskx.sys
10:53:57.0156 0x0bfc  Avgdiskx - ok
10:53:57.0343 0x0bfc  [ 7645B56EE79C68DFE19298BD531A66A3, 4FB045E7B947A4C9D7FA0EADE0BBC2C14F55BF1B660D8BA7D479935D74A9F5E7 ] AVGIDSAgent     C:\Program Files\AVG\AVG2014\avgidsagent.exe
10:53:57.0500 0x0bfc  AVGIDSAgent - ok
10:53:57.0531 0x0bfc  [ FCA016A74EDAA915F903F2E802CCDDF7, 6CEBCE860CCE79D16B1D0FA227AE6487AEE3211E0327597CB76735C08A9960D7 ] AVGIDSDriver    C:\WINDOWS\system32\DRIVERS\avgidsdriverx.sys
10:53:57.0531 0x0bfc  AVGIDSDriver - ok
10:53:57.0531 0x0bfc  [ FF4297EC210BC9A6BCFEF929694EA88D, 965F7ABD89B4157E9FD47A727C217C8B3170631F974E10684E0B96E8F4660559 ] AVGIDSHX        C:\WINDOWS\system32\DRIVERS\avgidshx.sys
10:53:57.0546 0x0bfc  AVGIDSHX - ok
10:53:57.0546 0x0bfc  [ F3643535D7598B950BC774D8E3D4626D, 0388539CD47132B5729A18D123E40CDC8791FF9B59AF3063BC3F0658E00DCCA5 ] AVGIDSShim      C:\WINDOWS\system32\DRIVERS\avgidsshimx.sys
10:53:57.0546 0x0bfc  AVGIDSShim - ok
10:53:57.0562 0x0bfc  [ D0F06211AE2BDD5F2F82279550EED31B, 431C24145B71ADDBBF6C4A44EC6F763F3C53D20614C379254657D04888FE4784 ] Avgldx86        C:\WINDOWS\system32\DRIVERS\avgldx86.sys
10:53:57.0562 0x0bfc  Avgldx86 - ok
10:53:57.0578 0x0bfc  [ 9D663E6EBFAF4E74A61B492A79AAB5A1, F411C248F4A22A6E6C4336CB2FF8386D866A84C5029D276F361B178636603F5B ] Avglogx         C:\WINDOWS\system32\DRIVERS\avglogx.sys
10:53:57.0593 0x0bfc  Avglogx - ok
10:53:57.0640 0x0bfc  [ 5E26854C4FF7368A79C48F01D4388E28, 39DA13AA3D3794378053AC012F88FEC076CFD7A0FACF985C70E8AA861F81554E ] Avgmfx86        C:\WINDOWS\system32\DRIVERS\avgmfx86.sys
10:53:57.0640 0x0bfc  Avgmfx86 - ok
10:53:57.0640 0x0bfc  [ DAC682B3F40824E1E1011A899ED2AF36, 315890594177028C2BB03457C7C2E8A573698F1E7BC4D5A4ACDD195C32D8321E ] Avgrkx86        C:\WINDOWS\system32\DRIVERS\avgrkx86.sys
10:53:57.0640 0x0bfc  Avgrkx86 - ok
10:53:57.0671 0x0bfc  [ CFA067ADD4D1A8D081FF816E817CAF39, BA6EF94A28C760DC7B506896630D60D61FE01C7DD37754823F28CF9236E38907 ] Avgtdix         C:\WINDOWS\system32\DRIVERS\avgtdix.sys
10:53:57.0671 0x0bfc  Avgtdix - ok
10:53:57.0718 0x0bfc  [ DBAEB3D23C653018629A76E53260E122, DF402D83206EDA77818D3B59456240E66C69D307FCC7419354BF363413BC7963 ] avgwd           C:\Program Files\AVG\AVG2014\avgwdsvc.exe
10:53:57.0734 0x0bfc  avgwd - ok
10:53:57.0765 0x0bfc  [ FF4082987B18FF7009EA0D57426F0702, 0D0C06FDFD26E19CCF9718CED669B19CB144BC6338646027C097C9DFC4201534 ] bcbus           C:\WINDOWS\system32\DRIVERS\bcbus.sys
10:53:57.0765 0x0bfc  bcbus - ok
10:53:57.0781 0x0bfc  [ 15EA19632912136299935E4C3997F121, 0D6828AB112E7483CB8E5066B89389F0B6F3170F1903EF9D9E2B2EF756261848 ] bcfnt           C:\WINDOWS\system32\drivers\bcfnt.sys
10:53:57.0781 0x0bfc  bcfnt - ok
10:53:57.0812 0x0bfc  [ 718F751F4530E5ED37D7F1D3A0540AC9, 9ACCA852171E9C67AAF92773BA79EC0B8C50A076A6C6D8CF5F0DCE216104234E ] BCWipeSvc       C:\Program Files\Jetico\BestCrypt\BCWipeSvc.exe
10:53:57.0812 0x0bfc  BCWipeSvc - ok
10:53:57.0828 0x0bfc  [ 5C79A4827F603BC5284C31624E1E6D90, 006F8747CEBABDE0F26C0D2F20FD5BC25FE15467A4BAA23151243D7763DEB85A ] BC_3DES         C:\WINDOWS\system32\drivers\BC_3DES.sys
10:53:57.0828 0x0bfc  BC_3DES - ok
10:53:57.0828 0x0bfc  [ CD4EFBCD7BE6DEBC7CE513E9A985C0CF, 3B6287898462554889CC8E956918581DA4EC26C80FF4C9D15191CC7A960AC377 ] BC_BF128        C:\WINDOWS\system32\drivers\BC_BF128.sys
10:53:57.0828 0x0bfc  BC_BF128 - ok
10:53:57.0843 0x0bfc  [ 02FDD50C7130D375344F289BE3C9940F, D3F85E41CF78C7CA7362985D70B5D816D9F53B4F190CA751A4F2A61A9BD657E1 ] BC_BF448        C:\WINDOWS\system32\drivers\BC_BF448.sys
10:53:57.0843 0x0bfc  BC_BF448 - ok
10:53:57.0843 0x0bfc  [ 6DEA703EAA4627EED10CB5EA4F441121, 5F30FCBDAFD60463B53EF59151BC0F40B41FA9F0B00621E4FA3AA0CB966331CE ] BC_BFish        C:\WINDOWS\system32\drivers\BC_BFish.sys
10:53:57.0843 0x0bfc  BC_BFish - ok
10:53:57.0843 0x0bfc  [ 71FE6784CCD49E6CB93E22ECC5706D2E, 2B60090F2DDB8FEB30CE1CB4983E46121065FE69B6C937FB92C7E37F979AA914 ] BC_CAST         C:\WINDOWS\system32\drivers\BC_CAST.sys
10:53:57.0859 0x0bfc  BC_CAST - ok
10:53:57.0859 0x0bfc  [ F41AC0D4EED9560A4AD829E20D173943, 03870BE711EB7D759FD3AF291C9DA52C761E7D9167E9121DE74F2668BC370A3A ] BC_DES          C:\WINDOWS\system32\drivers\BC_DES.sys
10:53:57.0859 0x0bfc  BC_DES - ok
10:53:57.0859 0x0bfc  [ A4C5B66A0E3445895D9427833DEC7B6A, C67B5E008DC62EF773D32BFB9C56C85B6EDA93B0EC380DC9684D41064B34D4D8 ] BC_Gost         C:\WINDOWS\system32\drivers\BC_Gost.sys
10:53:57.0859 0x0bfc  BC_Gost - ok
10:53:57.0875 0x0bfc  [ 700F6C0A1E96DDBA4012A80ECA2B432B, 6F953019280EFC700726A1F6D12039118D33ADC62E67A61387BD7249E3A734E4 ] BC_IDEA         C:\WINDOWS\system32\drivers\BC_IDEA.sys
10:53:57.0875 0x0bfc  BC_IDEA - ok
10:53:57.0875 0x0bfc  [ 8F896309570CE983EA4DA25D3D6A790F, F0815429278D1DD644FF528C963EF56723FBB88C312E3914D985622F06734BD5 ] BC_RC6          C:\WINDOWS\system32\drivers\BC_RC6.sys
10:53:57.0875 0x0bfc  BC_RC6 - ok
10:53:57.0875 0x0bfc  [ CF70A1A7DF666ACD4894A307B16DED35, CC9EAED4CFD5D618E8B8938A61C5E1CD1E5A35CAF56F2E417A3248B8A651DC46 ] BC_RIJN         C:\WINDOWS\system32\drivers\BC_RIJN.sys
10:53:57.0890 0x0bfc  BC_RIJN - ok
10:53:57.0890 0x0bfc  [ 35F1780899D91938869F37D5B2BC51CE, 10A1C4D8966060234227E48DFE759569C7725B4A70FB9CA667BCBACADB490602 ] BC_SERP         C:\WINDOWS\system32\drivers\BC_SERP.sys
10:53:57.0890 0x0bfc  BC_SERP - ok
10:53:57.0890 0x0bfc  [ AA6D0EE0EC2AB932E4F84CD7E8A6419D, AFC7414A0295CB89B9EB043BFB8F9C6E98509782156A04503CF2C46844094D62 ] BC_TFISH        C:\WINDOWS\system32\drivers\BC_TFISH.sys
10:53:57.0890 0x0bfc  BC_TFISH - ok
10:53:57.0937 0x0bfc  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
10:53:57.0937 0x0bfc  Beep - ok
10:53:57.0984 0x0bfc  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
10:53:58.0000 0x0bfc  BITS - ok
10:53:58.0015 0x0bfc  [ A06CE3399D16DB864F55FAEB1F1927A9, 3430FA8552D91670D9FB0A921C735ADBE2DA7FF108C199DDEEF2FB2E50713AF3 ] Browser         C:\WINDOWS\System32\browser.dll
10:53:58.0031 0x0bfc  Browser - ok
10:53:58.0046 0x0bfc  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
10:53:58.0062 0x0bfc  cbidf2k - ok
10:53:58.0062 0x0bfc  [ 0BE5AEF125BE881C4F854C554F2B025C, 1770DD70B3F115A0EF460907DEDC1E4B7241C08615A98F194D61A49C3E2BAA54 ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
10:53:58.0062 0x0bfc  CCDECODE - ok
10:53:58.0062 0x0bfc  cd20xrnt - ok
10:53:58.0093 0x0bfc  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
10:53:58.0093 0x0bfc  Cdaudio - ok
10:53:58.0109 0x0bfc  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
10:53:58.0109 0x0bfc  Cdfs - ok
10:53:58.0125 0x0bfc  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
10:53:58.0140 0x0bfc  Cdrom - ok
10:53:58.0140 0x0bfc  Changer - ok
10:53:58.0156 0x0bfc  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
10:53:58.0156 0x0bfc  CiSvc - ok
10:53:58.0171 0x0bfc  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
10:53:58.0171 0x0bfc  ClipSrv - ok
10:53:58.0203 0x0bfc  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:53:58.0203 0x0bfc  clr_optimization_v2.0.50727_32 - ok
10:53:58.0250 0x0bfc  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:53:58.0250 0x0bfc  clr_optimization_v4.0.30319_32 - ok
10:53:58.0250 0x0bfc  CmdIde - ok
10:53:58.0250 0x0bfc  COMSysApp - ok
10:53:58.0265 0x0bfc  Cpqarray - ok
10:53:58.0265 0x0bfc  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
10:53:58.0281 0x0bfc  CryptSvc - ok
10:53:58.0281 0x0bfc  dac2w2k - ok
10:53:58.0281 0x0bfc  dac960nt - ok
10:53:58.0296 0x0bfc  [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
10:53:58.0312 0x0bfc  DcomLaunch - ok
10:53:58.0343 0x0bfc  [ 919F338FD36F47D860775368D0748780, 28A332E77E0F724E89E3EDCB64B24663CFD824E5FDA4FD266913C4E4E5FF676A ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
10:53:58.0343 0x0bfc  dg_ssudbus - ok
10:53:58.0359 0x0bfc  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
10:53:58.0359 0x0bfc  Dhcp - ok
10:53:58.0359 0x0bfc  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
10:53:58.0359 0x0bfc  Disk - ok
10:53:58.0359 0x0bfc  dmadmin - ok
10:53:58.0421 0x0bfc  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
10:53:58.0453 0x0bfc  dmboot - ok
10:53:58.0453 0x0bfc  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
10:53:58.0468 0x0bfc  dmio - ok
10:53:58.0468 0x0bfc  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
10:53:58.0468 0x0bfc  dmload - ok
10:53:58.0484 0x0bfc  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
10:53:58.0500 0x0bfc  dmserver - ok
10:53:58.0546 0x0bfc  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
10:53:58.0546 0x0bfc  DMusic - ok
10:53:58.0562 0x0bfc  [ 474B4DC3983173E4B4C9740B0DAC98A6, C0B1B5B3A87529FFA93BCFCC2BC013A96CAD7F5049ED4D999E8D5D9AC91F95B7 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
10:53:58.0562 0x0bfc  Dnscache - ok
10:53:58.0593 0x0bfc  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
10:53:58.0593 0x0bfc  Dot3svc - ok
10:53:58.0593 0x0bfc  dpti2o - ok
10:53:58.0625 0x0bfc  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
10:53:58.0625 0x0bfc  drmkaud - ok
10:53:58.0656 0x0bfc  [ 00192F0C612591D585594E9467E6CA8B, 72CA81F07F10F53E56019CF6B925696A1F01D6CB5C0E9CADAAA5E7A2F7BF82CD ] e1express       C:\WINDOWS\system32\DRIVERS\e1e5132.sys
10:53:58.0671 0x0bfc  e1express - ok
10:53:58.0687 0x0bfc  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
10:53:58.0687 0x0bfc  EapHost - ok
10:53:58.0687 0x0bfc  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
10:53:58.0687 0x0bfc  ERSvc - ok
10:53:58.0718 0x0bfc  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] Eventlog        C:\WINDOWS\system32\services.exe
10:53:58.0718 0x0bfc  Eventlog - ok
10:53:58.0765 0x0bfc  [ 19A799805B24990867B00C120D300C3A, 3C8CB64BE0508B5136D4F4919DA665AB86366EFFFFDD890A9B27E7CE39DCF098 ] EventSystem     C:\WINDOWS\system32\es.dll
10:53:58.0765 0x0bfc  EventSystem - ok
10:53:58.0781 0x0bfc  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
10:53:58.0781 0x0bfc  Fastfat - ok
10:53:58.0812 0x0bfc  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
10:53:58.0812 0x0bfc  FastUserSwitchingCompatibility - ok
10:53:58.0828 0x0bfc  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
10:53:58.0828 0x0bfc  Fdc - ok
10:53:58.0843 0x0bfc  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
10:53:58.0843 0x0bfc  Fips - ok
10:53:58.0890 0x0bfc  [ F76D04F7413B07DAA029F6520B64B4E8, 3EB13C0EFE737880853FB8952381E7A57723F9472E0E4ED7CDA8A0D7DE8DC90D ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:53:58.0921 0x0bfc  FLEXnet Licensing Service - ok
10:53:58.0937 0x0bfc  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
10:53:58.0953 0x0bfc  Flpydisk - ok
10:53:58.0968 0x0bfc  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
10:53:58.0984 0x0bfc  FltMgr - ok
10:53:59.0015 0x0bfc  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
10:53:59.0015 0x0bfc  FontCache3.0.0.0 - ok
10:53:59.0015 0x0bfc  [ E9CFA6E1FF5A64CB1D2274B2CB4BA548, 64632B3E8728027797741FB28E53F476CEE2A110750DE785C808F98F36CD1F3C ] fsh             C:\WINDOWS\system32\drivers\fsh.sys
10:53:59.0015 0x0bfc  fsh - ok
10:53:59.0015 0x0bfc  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
10:53:59.0015 0x0bfc  Fs_Rec - ok
10:53:59.0031 0x0bfc  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
10:53:59.0031 0x0bfc  Ftdisk - ok
10:53:59.0062 0x0bfc  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
10:53:59.0062 0x0bfc  GEARAspiWDM - ok
10:53:59.0078 0x0bfc  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
10:53:59.0078 0x0bfc  Gpc - ok
10:53:59.0093 0x0bfc  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
10:53:59.0093 0x0bfc  HDAudBus - ok
10:53:59.0125 0x0bfc  [ D0FC694DF051BC65946DB616F20D1168, C38C4F06C0B1E8949B25A339D2D541CB6210C6FADB0355F16515EF9B2BA7ECCB ] HECI            C:\WINDOWS\system32\DRIVERS\HECI.sys
10:53:59.0125 0x0bfc  HECI - ok
10:53:59.0156 0x0bfc  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
10:53:59.0171 0x0bfc  helpsvc - ok
10:53:59.0218 0x0bfc  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
10:53:59.0218 0x0bfc  HidServ - ok
10:53:59.0265 0x0bfc  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
10:53:59.0265 0x0bfc  hidusb - ok
10:53:59.0296 0x0bfc  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
10:53:59.0296 0x0bfc  hkmsvc - ok
10:53:59.0312 0x0bfc  hpn - ok
10:53:59.0312 0x0bfc  HTCAND32 - ok
10:53:59.0328 0x0bfc  [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
10:53:59.0343 0x0bfc  HTTP - ok
10:53:59.0359 0x0bfc  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
10:53:59.0359 0x0bfc  HTTPFilter - ok
10:53:59.0375 0x0bfc  i2omgmt - ok
10:53:59.0375 0x0bfc  i2omp - ok
10:53:59.0375 0x0bfc  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
10:53:59.0375 0x0bfc  i8042prt - ok
10:53:59.0625 0x0bfc  [ 66A685B05066683621920BC14A45CFE8, B1DA4E1083E1B60E29607BFEF62653E13A0A9DD5A2ED7074B43BC4185AE64959 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
10:53:59.0828 0x0bfc  ialm - ok
10:53:59.0906 0x0bfc  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:53:59.0921 0x0bfc  idsvc - ok
10:53:59.0937 0x0bfc  [ 91C5E9F49F32110CED27E2F902FAD607, 9B5F1B0996FA7E92DF02214470C77046BF35F13E21CA4AEFC2019B1191248A5E ] IFXTPM          C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS
10:53:59.0937 0x0bfc  IFXTPM - ok
10:53:59.0953 0x0bfc  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
10:53:59.0953 0x0bfc  Imapi - ok
10:53:59.0984 0x0bfc  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
10:53:59.0984 0x0bfc  ImapiService - ok
10:53:59.0984 0x0bfc  ini910u - ok
10:54:00.0218 0x0bfc  [ 1F7C55FC32919644BA9124217A612A64, 7EEDB81C2C0205DE6908955A5E190FD2EE1469F8C966B040593120B7205EF41A ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
10:54:00.0359 0x0bfc  IntcAzAudAddService - ok
10:54:00.0375 0x0bfc  IntelIde - ok
10:54:00.0375 0x0bfc  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
10:54:00.0375 0x0bfc  intelppm - ok
10:54:00.0390 0x0bfc  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
10:54:00.0390 0x0bfc  Ip6Fw - ok
10:54:00.0406 0x0bfc  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
10:54:00.0406 0x0bfc  IpFilterDriver - ok
10:54:00.0421 0x0bfc  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
10:54:00.0421 0x0bfc  IpInIp - ok
10:54:00.0437 0x0bfc  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
10:54:00.0437 0x0bfc  IpNat - ok
10:54:00.0468 0x0bfc  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
10:54:00.0468 0x0bfc  IPSec - ok
10:54:00.0500 0x0bfc  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
10:54:00.0500 0x0bfc  IRENUM - ok
10:54:00.0531 0x0bfc  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
10:54:00.0531 0x0bfc  isapnp - ok
10:54:00.0625 0x0bfc  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
10:54:00.0640 0x0bfc  JavaQuickStarterService - ok
10:54:00.0640 0x0bfc  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
10:54:00.0640 0x0bfc  Kbdclass - ok
10:54:00.0640 0x0bfc  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
10:54:00.0640 0x0bfc  kbdhid - ok
10:54:00.0656 0x0bfc  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
10:54:00.0671 0x0bfc  kmixer - ok
10:54:00.0671 0x0bfc  [ 1705745D900DABF2D89F90EBADDC7517, FE90589415BDB3BA482D3EBE1A87A7BF1429791E8F18BCB66BF8874631CC8B2C ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
10:54:00.0671 0x0bfc  KSecDD - ok
10:54:00.0687 0x0bfc  [ F385F4B02C535BFFE1D70CAB80838123, A1695E161673BCB77CE150C2D98A07FCB454C53F10EEBECD754D2CC40DEAA1E0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
10:54:00.0703 0x0bfc  LanmanServer - ok
10:54:00.0718 0x0bfc  [ 1B67B632786FEF1C1BBAEF46C2F3F2E6, 48A6DB1EC7515F0DDD0639AEE3056F32C273B4D541F3647915A32ABA140DA34A ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
10:54:00.0718 0x0bfc  lanmanworkstation - ok
10:54:00.0718 0x0bfc  lbrtfdc - ok
10:54:00.0734 0x0bfc  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
10:54:00.0734 0x0bfc  LmHosts - ok
10:54:00.0765 0x0bfc  [ 0C6EA0109CFEDF441F06D031E9A8D1A9, 61C18F1DD1DC5719252564A60F9E0CBD0AD275C065C5B95F330921C582EA532F ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
10:54:00.0765 0x0bfc  MBAMProtector - ok
10:54:00.0843 0x0bfc  [ 0E08BDD7326E657D59DB40BAD23D8169, 428C6CCCC0BB540DFD35847776140D60C186B9D2D14F0ACCD1A4D42A8877BD98 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
10:54:00.0906 0x0bfc  MBAMScheduler - ok
10:54:00.0953 0x0bfc  [ A8E7F3DB083EB0839DFC1C763CDD2594, BDF416E360A52130B23B029C89E6406A97FB0516C52C7E63B94CAECEEB431A2E ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
10:54:00.0968 0x0bfc  MBAMService - ok
10:54:01.0000 0x0bfc  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
10:54:01.0000 0x0bfc  Messenger - ok
10:54:01.0000 0x0bfc  [ 9FF6AF74EE8A9A9605359D8C861B78E1, FDDEA286333414049BB30172EE859B187A70089980F94F3C52922242459EE7B1 ] mhk             C:\WINDOWS\system32\drivers\mhk.sys
10:54:01.0000 0x0bfc  mhk - ok
10:54:01.0046 0x0bfc  Microsoft SharePoint Workspace Audit Service - ok
10:54:01.0062 0x0bfc  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
10:54:01.0062 0x0bfc  mnmdd - ok
10:54:01.0078 0x0bfc  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
10:54:01.0078 0x0bfc  mnmsrvc - ok
10:54:01.0093 0x0bfc  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
10:54:01.0093 0x0bfc  Modem - ok
10:54:01.0109 0x0bfc  [ 101A75711D6134FA88822037B69390AD, E4344F8E19EBC8C9D3F68690604A598034CC91C2F23AB08A0213786298D96F11 ] moh             C:\WINDOWS\system32\drivers\moh.sys
10:54:01.0109 0x0bfc  moh - ok
10:54:01.0109 0x0bfc  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
10:54:01.0109 0x0bfc  Mouclass - ok
10:54:01.0109 0x0bfc  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
10:54:01.0109 0x0bfc  mouhid - ok
10:54:01.0125 0x0bfc  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
10:54:01.0125 0x0bfc  MountMgr - ok
10:54:01.0156 0x0bfc  [ 8A7C8F4C713E70D73946833D76B77035, 75D07F56B8F7D50E85F6576427E8DAA3A27384F53AC31753B6213CBD011C1DEF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:54:01.0156 0x0bfc  MozillaMaintenance - ok
10:54:01.0171 0x0bfc  [ C0F8E0C2C3C0437CF37C6781896DC3EC, 12196EF5A94BD011B5D578E755B51424E3238437A028CC1EDFB53138C00D3339 ] MPE             C:\WINDOWS\system32\DRIVERS\MPE.sys
10:54:01.0171 0x0bfc  MPE - ok
10:54:01.0187 0x0bfc  mraid35x - ok
10:54:01.0203 0x0bfc  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
10:54:01.0218 0x0bfc  MRxDAV - ok
10:54:01.0234 0x0bfc  [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
10:54:01.0250 0x0bfc  MRxSmb - ok
10:54:01.0281 0x0bfc  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
10:54:01.0281 0x0bfc  MSDTC - ok
10:54:01.0296 0x0bfc  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
10:54:01.0296 0x0bfc  Msfs - ok
10:54:01.0296 0x0bfc  MSIServer - ok
10:54:01.0328 0x0bfc  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
10:54:01.0328 0x0bfc  MSKSSRV - ok
10:54:01.0328 0x0bfc  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
10:54:01.0343 0x0bfc  MSPCLOCK - ok
10:54:01.0343 0x0bfc  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
10:54:01.0343 0x0bfc  MSPQM - ok
10:54:01.0343 0x0bfc  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
10:54:01.0359 0x0bfc  mssmbios - ok
10:54:01.0375 0x0bfc  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
10:54:01.0375 0x0bfc  MSTEE - ok
10:54:01.0390 0x0bfc  [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
10:54:01.0390 0x0bfc  Mup - ok
10:54:01.0406 0x0bfc  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
10:54:01.0406 0x0bfc  NABTSFEC - ok
10:54:01.0421 0x0bfc  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
10:54:01.0437 0x0bfc  napagent - ok
10:54:01.0453 0x0bfc  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
10:54:01.0453 0x0bfc  NDIS - ok
10:54:01.0468 0x0bfc  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
10:54:01.0484 0x0bfc  NdisIP - ok
10:54:01.0484 0x0bfc  [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
10:54:01.0484 0x0bfc  NdisTapi - ok
10:54:01.0500 0x0bfc  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
10:54:01.0500 0x0bfc  Ndisuio - ok
10:54:01.0500 0x0bfc  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
10:54:01.0515 0x0bfc  NdisWan - ok
10:54:01.0515 0x0bfc  [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
10:54:01.0515 0x0bfc  NDProxy - ok
10:54:01.0515 0x0bfc  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
10:54:01.0531 0x0bfc  NetBIOS - ok
10:54:01.0562 0x0bfc  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
10:54:01.0562 0x0bfc  NetBT - ok
10:54:01.0593 0x0bfc  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
10:54:01.0593 0x0bfc  NetDDE - ok
10:54:01.0593 0x0bfc  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
10:54:01.0593 0x0bfc  NetDDEdsdm - ok
10:54:01.0625 0x0bfc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
10:54:01.0625 0x0bfc  Netlogon - ok
10:54:01.0640 0x0bfc  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
10:54:01.0656 0x0bfc  Netman - ok
10:54:01.0687 0x0bfc  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:54:01.0687 0x0bfc  NetTcpPortSharing - ok
10:54:01.0718 0x0bfc  [ B4138E99236F0F57D4CF49BAE98A0746, DDEAE046C1165C41F06933E808B143118208B02BB83FA80BEF8F550D4DC78149 ] Nla             C:\WINDOWS\System32\mswsock.dll
10:54:01.0734 0x0bfc  Nla - ok
10:54:01.0734 0x0bfc  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
10:54:01.0734 0x0bfc  Npfs - ok
10:54:01.0750 0x0bfc  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
10:54:01.0765 0x0bfc  Ntfs - ok
10:54:01.0781 0x0bfc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
10:54:01.0781 0x0bfc  NtLmSsp - ok
10:54:01.0812 0x0bfc  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
10:54:01.0828 0x0bfc  NtmsSvc - ok
10:54:01.0828 0x0bfc  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
10:54:01.0828 0x0bfc  Null - ok
10:54:02.0203 0x0bfc  [ 1EF4DFB25DA483913FD110F68CE7FFFA, D5B2F7C2EE4ABA0E914C783BDADCB0B7759BA4CE4E4C025A336EF81F6FAB95AF ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
10:54:02.0531 0x0bfc  nv - ok
10:54:02.0609 0x0bfc  [ ECFABE2E13917C84A49026B2617E118F, 1233A49ADD8D8ECFEEE1AAC937F4C248BEA6498C257FC7F1BB947E483122A341 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda32.sys
10:54:02.0625 0x0bfc  NVHDA - ok
10:54:02.0671 0x0bfc  [ DEE6C4206716AD2605F5EF1A31D14270, 0C03AD8E8B2D0FF5CA28F425B590126664336E1FA99002FD715D07F12142CCD1 ] nvsvc           C:\WINDOWS\system32\nvsvc32.exe
10:54:02.0671 0x0bfc  nvsvc - ok
10:54:02.0703 0x0bfc  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
10:54:02.0703 0x0bfc  NwlnkFlt - ok
10:54:02.0718 0x0bfc  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
10:54:02.0718 0x0bfc  NwlnkFwd - ok
10:54:02.0765 0x0bfc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:54:02.0765 0x0bfc  ose - ok
10:54:02.0968 0x0bfc  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:54:03.0125 0x0bfc  osppsvc - ok
10:54:03.0156 0x0bfc  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
10:54:03.0156 0x0bfc  Parport - ok
10:54:03.0156 0x0bfc  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
10:54:03.0156 0x0bfc  PartMgr - ok
10:54:03.0187 0x0bfc  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
10:54:03.0187 0x0bfc  ParVdm - ok
10:54:03.0203 0x0bfc  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
10:54:03.0203 0x0bfc  PCI - ok
10:54:03.0203 0x0bfc  PCIDump - ok
10:54:03.0218 0x0bfc  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
10:54:03.0218 0x0bfc  PCIIde - ok
10:54:03.0234 0x0bfc  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
10:54:03.0234 0x0bfc  Pcmcia - ok
10:54:03.0250 0x0bfc  PDCOMP - ok
10:54:03.0250 0x0bfc  PDFRAME - ok
10:54:03.0250 0x0bfc  PDRELI - ok
10:54:03.0250 0x0bfc  PDRFRAME - ok
10:54:03.0265 0x0bfc  perc2 - ok
10:54:03.0265 0x0bfc  perc2hib - ok
10:54:03.0296 0x0bfc  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] PlugPlay        C:\WINDOWS\system32\services.exe
10:54:03.0296 0x0bfc  PlugPlay - ok
10:54:03.0296 0x0bfc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
10:54:03.0312 0x0bfc  PolicyAgent - ok
10:54:03.0343 0x0bfc  [ 89045B00BD36CFE3910E3CB6762C2DB0, D0673E8F06EEF2198C230D786E6937FE6BF887FDA3120F99066191C2C32D43F1 ] PPJoyBus        C:\WINDOWS\system32\drivers\PPJoyBus.sys
10:54:03.0343 0x0bfc  PPJoyBus - ok
10:54:03.0343 0x0bfc  [ F1228587245AD1DB17F918D518D85BC1, CAFF3FD41F47DA4DF01ABECCF6E0D70D667390326FEA6FBD034CEDAF4EF9BEAA ] PPortJoystick   C:\WINDOWS\system32\drivers\PPortJoy.sys
10:54:03.0343 0x0bfc  PPortJoystick - ok
10:54:03.0375 0x0bfc  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
10:54:03.0375 0x0bfc  PptpMiniport - ok
10:54:03.0390 0x0bfc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
10:54:03.0390 0x0bfc  ProtectedStorage - ok
10:54:03.0390 0x0bfc  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
10:54:03.0390 0x0bfc  PSched - ok
10:54:03.0406 0x0bfc  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
10:54:03.0406 0x0bfc  Ptilink - ok
10:54:03.0421 0x0bfc  [ 49452BFCEC22F36A7A9B9C2181BC3042, C01A2005E9897B142FF9BC6155770F70C19725C425E48D14239195E81E2E42D0 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
10:54:03.0421 0x0bfc  PxHelp20 - ok
10:54:03.0421 0x0bfc  ql1080 - ok
10:54:03.0437 0x0bfc  Ql10wnt - ok
10:54:03.0437 0x0bfc  ql12160 - ok
10:54:03.0437 0x0bfc  ql1240 - ok
10:54:03.0437 0x0bfc  ql1280 - ok
10:54:03.0468 0x0bfc  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
10:54:03.0468 0x0bfc  RasAcd - ok
10:54:03.0500 0x0bfc  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
10:54:03.0500 0x0bfc  RasAuto - ok
10:54:03.0531 0x0bfc  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
10:54:03.0531 0x0bfc  Rasl2tp - ok
10:54:03.0562 0x0bfc  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
10:54:03.0562 0x0bfc  RasMan - ok
10:54:03.0562 0x0bfc  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
10:54:03.0562 0x0bfc  RasPppoe - ok
10:54:03.0578 0x0bfc  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
10:54:03.0578 0x0bfc  Raspti - ok
10:54:03.0593 0x0bfc  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
10:54:03.0593 0x0bfc  Rdbss - ok
10:54:03.0593 0x0bfc  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
10:54:03.0593 0x0bfc  RDPCDD - ok
10:54:03.0625 0x0bfc  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
10:54:03.0625 0x0bfc  rdpdr - ok
10:54:03.0671 0x0bfc  [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
10:54:03.0671 0x0bfc  RDPWD - ok
10:54:03.0687 0x0bfc  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
10:54:03.0703 0x0bfc  RDSessMgr - ok
10:54:03.0718 0x0bfc  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
10:54:03.0718 0x0bfc  redbook - ok
10:54:03.0765 0x0bfc  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
10:54:03.0765 0x0bfc  RemoteAccess - ok
10:54:03.0796 0x0bfc  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
10:54:03.0796 0x0bfc  RemoteRegistry - ok
10:54:03.0828 0x0bfc  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
10:54:03.0828 0x0bfc  RpcLocator - ok
10:54:03.0875 0x0bfc  [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
10:54:03.0875 0x0bfc  RpcSs - ok
10:54:03.0921 0x0bfc  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
10:54:03.0921 0x0bfc  RSVP - ok
10:54:03.0937 0x0bfc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
10:54:03.0937 0x0bfc  SamSs - ok
10:54:03.0953 0x0bfc  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
10:54:03.0953 0x0bfc  SCardSvr - ok
10:54:04.0000 0x0bfc  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
10:54:04.0000 0x0bfc  Schedule - ok
10:54:04.0031 0x0bfc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
10:54:04.0031 0x0bfc  Secdrv - ok
10:54:04.0062 0x0bfc  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
10:54:04.0062 0x0bfc  seclogon - ok
10:54:04.0093 0x0bfc  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
10:54:04.0093 0x0bfc  SENS - ok
10:54:04.0125 0x0bfc  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
10:54:04.0125 0x0bfc  serenum - ok
10:54:04.0125 0x0bfc  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
10:54:04.0125 0x0bfc  Serial - ok
10:54:04.0156 0x0bfc  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
10:54:04.0156 0x0bfc  Sfloppy - ok
10:54:04.0187 0x0bfc  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
10:54:04.0187 0x0bfc  SharedAccess - ok
10:54:04.0203 0x0bfc  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
10:54:04.0203 0x0bfc  ShellHWDetection - ok
10:54:04.0218 0x0bfc  Simbad - ok
10:54:04.0218 0x0bfc  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
10:54:04.0218 0x0bfc  SLIP - ok
10:54:04.0218 0x0bfc  Sparrow - ok
10:54:04.0281 0x0bfc  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
10:54:04.0281 0x0bfc  splitter - ok
10:54:04.0281 0x0bfc  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B, 130D686A220AF97EBF33DD481B79990F259B4EE38DD95A35CD3D0F0517790FF0 ] Spooler         C:\WINDOWS\system32\spoolsv.exe
10:54:04.0296 0x0bfc  Spooler - ok
10:54:04.0312 0x0bfc  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
10:54:04.0312 0x0bfc  sr - ok
10:54:04.0343 0x0bfc  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
10:54:04.0343 0x0bfc  srservice - ok
10:54:04.0375 0x0bfc  [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
10:54:04.0375 0x0bfc  Srv - ok
10:54:04.0406 0x0bfc  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
10:54:04.0421 0x0bfc  SSDPSRV - ok
10:54:04.0453 0x0bfc  [ 8F299012EF58246F1C98DE7B7E48DBF0, 4F559DBC0A87ABDFFFD92A7DCAB6F8CFCAAE0C83DD5779FC46BE0F53C19A034A ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
10:54:04.0453 0x0bfc  ssudmdm - ok
10:54:04.0484 0x0bfc  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
10:54:04.0500 0x0bfc  stisvc - ok
10:54:04.0531 0x0bfc  [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip        C:\WINDOWS\system32\DRIVERS\StreamIP.sys
10:54:04.0531 0x0bfc  streamip - ok
10:54:04.0562 0x0bfc  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
10:54:04.0562 0x0bfc  swenum - ok
10:54:04.0640 0x0bfc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
10:54:04.0656 0x0bfc  SwitchBoard - ok
10:54:04.0703 0x0bfc  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
10:54:04.0718 0x0bfc  swmidi - ok
10:54:04.0750 0x0bfc  SwOffScheduler - ok
10:54:04.0750 0x0bfc  SwOffWeb - ok
10:54:04.0765 0x0bfc  SwPrv - ok
10:54:04.0765 0x0bfc  symc810 - ok
10:54:04.0765 0x0bfc  symc8xx - ok
10:54:04.0765 0x0bfc  sym_hi - ok
10:54:04.0781 0x0bfc  sym_u3 - ok
10:54:04.0812 0x0bfc  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
10:54:04.0812 0x0bfc  sysaudio - ok
10:54:04.0859 0x0bfc  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
10:54:04.0875 0x0bfc  SysmonLog - ok
10:54:04.0890 0x0bfc  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
10:54:04.0890 0x0bfc  TapiSrv - ok
10:54:04.0921 0x0bfc  [ 93EA8D04EC73A85DB02EB8805988F733, 013008E23F5F14E0C836C28524D1181759BAF84530C6331163882A772217F398 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
10:54:04.0937 0x0bfc  Tcpip - ok
10:54:04.0968 0x0bfc  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
10:54:04.0968 0x0bfc  TDPIPE - ok
10:54:04.0984 0x0bfc  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
10:54:04.0984 0x0bfc  TDTCP - ok
10:54:05.0203 0x0bfc  [ 97F6FFB8A305A77D25C6C0E07B71D252, 97C5FC73A250FC2016E29148A6A37E54BD74AE983D99AAF4890C059719C93EC2 ] TeamViewer9     C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
10:54:05.0390 0x0bfc  TeamViewer9 - ok
10:54:05.0437 0x0bfc  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
10:54:05.0437 0x0bfc  TermDD - ok
10:54:05.0500 0x0bfc  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
10:54:05.0500 0x0bfc  TermService - ok
10:54:05.0515 0x0bfc  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] Themes          C:\WINDOWS\System32\shsvcs.dll
10:54:05.0515 0x0bfc  Themes - ok
10:54:05.0531 0x0bfc  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
10:54:05.0546 0x0bfc  TlntSvr - ok
10:54:05.0546 0x0bfc  TosIde - ok
10:54:05.0562 0x0bfc  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
10:54:05.0578 0x0bfc  TrkWks - ok
10:54:05.0593 0x0bfc  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
10:54:05.0593 0x0bfc  Udfs - ok
10:54:05.0609 0x0bfc  ultra - ok
10:54:05.0656 0x0bfc  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
10:54:05.0671 0x0bfc  Update - ok
10:54:05.0687 0x0bfc  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
10:54:05.0703 0x0bfc  upnphost - ok
10:54:05.0703 0x0bfc  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
10:54:05.0718 0x0bfc  UPS - ok
10:54:05.0734 0x0bfc  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\WINDOWS\system32\Drivers\usbaapl.sys
10:54:05.0734 0x0bfc  USBAAPL - ok
10:54:05.0765 0x0bfc  [ E919708DB44ED8543A7C017953148330, 226D032912D396117213FC29CD0BB5A8B2F872DD91D92F254F2F1FE392481B61 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
10:54:05.0781 0x0bfc  usbaudio - ok
10:54:05.0781 0x0bfc  [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
10:54:05.0781 0x0bfc  usbccgp - ok
10:54:05.0828 0x0bfc  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
10:54:05.0828 0x0bfc  usbehci - ok
10:54:05.0859 0x0bfc  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
10:54:05.0859 0x0bfc  usbhub - ok
10:54:05.0875 0x0bfc  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
10:54:05.0875 0x0bfc  usbprint - ok
10:54:05.0890 0x0bfc  [ A0B8CF9DEB1184FBDD20784A58FA75D4, D8AFD45BD9CF7B02F2554AA6085194DE82893AF794EDF479BC9B9E9C1758DC75 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
10:54:05.0890 0x0bfc  usbscan - ok
10:54:05.0906 0x0bfc  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
10:54:05.0906 0x0bfc  USBSTOR - ok
10:54:05.0921 0x0bfc  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
10:54:05.0921 0x0bfc  usbuhci - ok
10:54:05.0953 0x0bfc  [ 63BBFCA7F390F4C49ED4B96BFB1633E0, AEB89CF43376709CDD715D844E8CBB8F2BE24D39795F45F7C84F21962F3A52AB ] usbvideo        C:\WINDOWS\system32\Drivers\usbvideo.sys
10:54:05.0953 0x0bfc  usbvideo - ok
10:54:05.0968 0x0bfc  [ A1989B6F174AD6EE1C3DE55CB942C91F, 7A720C9B3D57FAF4A7C097ADDED04DD9BD85AE2D2335B1F7E0AE7B0D6CF4C8FB ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
10:54:05.0968 0x0bfc  VBoxNetAdp - ok
10:54:05.0968 0x0bfc  VBoxNetFlt - ok
10:54:06.0000 0x0bfc  [ 54FAB41D4F2FF7B27BDAFAB5507F1E93, F608D874086B2B1FE4AFDABAC664A2FD98CE64BC898836C3216387819E6B5B74 ] VBoxUSB         C:\WINDOWS\system32\Drivers\VBoxUSB.sys
10:54:06.0000 0x0bfc  VBoxUSB - ok
10:54:06.0000 0x0bfc  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
10:54:06.0000 0x0bfc  VgaSave - ok
10:54:06.0015 0x0bfc  ViaIde - ok
10:54:06.0015 0x0bfc  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
10:54:06.0015 0x0bfc  VolSnap - ok
10:54:06.0046 0x0bfc  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
10:54:06.0062 0x0bfc  VSS - ok
10:54:06.0078 0x0bfc  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
10:54:06.0093 0x0bfc  W32Time - ok
10:54:06.0093 0x0bfc  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
10:54:06.0093 0x0bfc  Wanarp - ok
10:54:06.0140 0x0bfc  [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
10:54:06.0156 0x0bfc  Wdf01000 - ok
10:54:06.0171 0x0bfc  WDICA - ok
10:54:06.0187 0x0bfc  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
10:54:06.0203 0x0bfc  wdmaud - ok
10:54:06.0250 0x0bfc  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
10:54:06.0250 0x0bfc  WebClient - ok
10:54:06.0343 0x0bfc  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
10:54:06.0359 0x0bfc  winmgmt - ok
10:54:06.0390 0x0bfc  [ FD600B032E741EB6AAB509FC630F7C42, 2AF671D0648A5C2D2C4A7D0FDE803F07CC079CF1FA4E237DB912A8C77D9EC1F6 ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
10:54:06.0390 0x0bfc  WinUSB - ok
10:54:06.0437 0x0bfc  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
10:54:06.0437 0x0bfc  WmdmPmSN - ok
10:54:06.0484 0x0bfc  [ BAB489A5FE26F2D0C910CF7AF7E4CF92, 700325258CA7A2BC2D7AA6E3176194D21229BEA76EA37BEAE117BBF87CE4ECD4 ] Wmi             C:\WINDOWS\System32\advapi32.dll
10:54:06.0500 0x0bfc  Wmi - ok
10:54:06.0546 0x0bfc  [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
10:54:06.0546 0x0bfc  WmiAcpi - ok
10:54:06.0562 0x0bfc  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
10:54:06.0578 0x0bfc  WmiApSrv - ok
10:54:06.0593 0x0bfc  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
10:54:06.0593 0x0bfc  WpdUsb - ok
10:54:06.0640 0x0bfc  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:54:06.0671 0x0bfc  WPFFontCache_v0400 - ok
10:54:06.0687 0x0bfc  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
10:54:06.0687 0x0bfc  wscsvc - ok
10:54:06.0703 0x0bfc  [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC        C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
10:54:06.0703 0x0bfc  WSTCODEC - ok
10:54:06.0734 0x0bfc  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
10:54:06.0750 0x0bfc  wuauserv - ok
10:54:06.0750 0x0bfc  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
10:54:06.0750 0x0bfc  WudfPf - ok
10:54:06.0765 0x0bfc  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
10:54:06.0765 0x0bfc  WudfRd - ok
10:54:06.0781 0x0bfc  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
10:54:06.0812 0x0bfc  WudfSvc - ok
10:54:06.0890 0x0bfc  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
10:54:06.0890 0x0bfc  WZCSVC - ok
10:54:06.0937 0x0bfc  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
10:54:06.0937 0x0bfc  xmlprov - ok
10:54:06.0953 0x0bfc  ================ Scan global ===============================
10:54:06.0984 0x0bfc  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
10:54:07.0078 0x0bfc  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
10:54:07.0093 0x0bfc  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
10:54:07.0125 0x0bfc  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] C:\WINDOWS\system32\services.exe
10:54:07.0125 0x0bfc  [ Global ] - ok
10:54:07.0125 0x0bfc  ================ Scan MBR ==================================
10:54:07.0156 0x0bfc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
10:54:07.0265 0x0bfc  \Device\Harddisk0\DR0 - ok
10:54:07.0265 0x0bfc  ================ Scan VBR ==================================
10:54:07.0265 0x0bfc  [ 6423AB1E07C569102A0C24157A5A7CF1 ] \Device\Harddisk0\DR0\Partition1
10:54:07.0312 0x0bfc  \Device\Harddisk0\DR0\Partition1 - ok
10:54:07.0312 0x0bfc  Waiting for KSN requests completion. In queue: 192
10:54:08.0312 0x0bfc  Waiting for KSN requests completion. In queue: 192
10:54:09.0312 0x0bfc  Waiting for KSN requests completion. In queue: 192
10:54:10.0359 0x0bfc  AV detected via SS1: AVG AntiVirus 2014, 2014.0, disabled, updated
10:54:10.0359 0x0bfc  Win FW state via NFM: enabled
10:54:13.0015 0x0bfc  ============================================================
10:54:13.0015 0x0bfc  Scan finished
10:54:13.0015 0x0bfc  ============================================================
10:54:13.0015 0x0b4c  Detected object count: 0
10:54:13.0015 0x0b4c  Actual detected object count: 0
 
 
 
# AdwCleaner v3.210 - Report created 21/05/2014 at 10:58:47
# Updated 19/05/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Franzo - BLESS1
# Running from : C:\Utils\Bleeping Computer\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Documents and Settings\All Users\Application Data\FreeRIP
Folder Deleted : C:\Program Files\kuaiyong
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Documents and Settings\Franzo\Local Settings\Application Data\genienext
Folder Deleted : C:\Documents and Settings\Franzo\Local Settings\Application Data\Mobogenie
Folder Deleted : C:\Documents and Settings\Franzo\Application Data\kuaiyong
File Deleted : C:\Documents and Settings\Franzo\daemonprocess.txt
File Deleted : C:\Documents and Settings\Franzo\Application Data\Mozilla\Firefox\Profiles\qjnl915d.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Key Deleted : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\NPVR\NextPVR.exe]
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKLM\Software\PIP
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Mozilla Firefox v19.0.2 (en-US)
 
[ File : C:\Documents and Settings\Franzo\Application Data\Mozilla\Firefox\Profiles\qjnl915d.default\prefs.js ]
 
 
-\\ Google Chrome v
 
[ File : C:\Documents and Settings\Franzo\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [3164 octets] - [21/05/2014 10:56:51]
AdwCleaner[S0].txt - [3145 octets] - [21/05/2014 10:58:47]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3205 octets] ##########
 

 

 

 

C:\AdwCleaner\Quarantine\C\Documents and Settings\Franzo\Local Settings\Application Data\Mobogenie\Version\CacheVersion\Mobogenie2.1.36.zip.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files\Mobogenie\DaemonProcess.exe.vir a variant of Win32/Mobogenie.A potentially unwanted application deleted - quarantined
C:\Download\Logo.Design.Studio.Pro.Vector.Edition.v1.5.Incl.Serial\Logo.Design.Studio.Pro.Vector.Edition.v1.5.Incl.Serial.rar Win32/InstallMonetizer.AH potentially unwanted application deleted - quarantined
C:\Download\Logo.Design.Studio.Pro.Vector.Edition.v1.5.Incl.Serial\logo\Autoplay\Docs\setup-LDSV.exe Win32/InstallMonetizer.AH potentially unwanted application deleted - quarantined
C:\Download\Logo.Design.Studio.Pro.Vector.Edition.v1.5.Incl.Serial\logo\Autoplay\Docs\setup_1.exe Win32/InstallMonetizer.AH potentially unwanted application deleted - quarantined
C:\Download\PhoenicRCflightsimulator4\PhoenicRCflightsimulator4.iso Win32/Injector.AQDF trojan deleted - quarantined
C:\RECYCLER\S-1-5-21-343818398-308236825-1177238915-1003\Dc21.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\RECYCLER\S-1-5-21-343818398-308236825-1177238915-1003\Dc14\Blueiris\Blue.Iris.v2.49.10.Incl.Keymaker-CORE.rar a variant of Win32/Keygen.AU potentially unsafe application deleted - quarantined
C:\SharedVM\WEBCAM\Blueiris\Blue.Iris.v2.49.10.Incl.Keymaker-CORE.rar a variant of Win32/Keygen.AU potentially unsafe application deleted - quarantined
C:\Utils\SAMSUNG\kernel\CF-Root-SGN_XX_XEN_KJ4-v5.0-CWM5.rar Android/Exploit.Lotoor.AS trojan deleted - quarantined


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:45 PM

Posted 21 May 2014 - 10:19 AM

Hi, Looks like you are getting infected from keygens

This tool generates software keys.

Malware is often installed along with this tool. Microsoft security software finds malware on more than half of the PCs where we detect this tool.

You can read more about Win32/Keygen in Volume 13 of the Security Intelligence Report.
http://www.microsoft.com/security/portal/threat/encyclopedia/Entry.aspx?Name=HackTool:Win32/Keygen


We should also run this now..

Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2
    • Close all programs and disconnect any USB or external drives before running the tool.
    • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
    • Once the Prescan has finished, click Scan.
    • Once the Status box shows "Scan Finished", click the Delete button.
    • Copy and paste the report that opens into your next reply.
      • The log can also be found on your desktop labeled (RKreport[X]_D_xxdatexx_xtimex)
      • The highest number of [X], is the most recent Delete

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#5 whitez

whitez
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 21 May 2014 - 07:20 PM

Hi again,

Still no improvement. Cheers

 

 

 

RogueKiller V8.8.15 [Mar 27 2014] by Adlice Software
 
Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Franzo [Admin rights]
Mode : Remove -- Date : 05/22/2014 10:08:49
| ARK || FAK || MBR |
 
¤¤¤ Bad processes : 0 ¤¤¤
 
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ SECU][PUM] HKLM\[...]\Security Center : UpdatesDisableNotify (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
 
¤¤¤ Scheduled tasks : 0 ¤¤¤
 
¤¤¤ Startup Entries : 0 ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ Browser Addons : 0 ¤¤¤
 
¤¤¤ Particular Files / Folders: ¤¤¤
 
¤¤¤ Driver : [LOADED] ¤¤¤
 
¤¤¤ External Hives: ¤¤¤
 
¤¤¤ Infection :  ¤¤¤
 
¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts
 
 
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
127.0.0.1                               adobeereg.com                        
127.0.0.1                               www.adobeereg.com                    
127.0.0.1                               wwis-dubc1-vip60.adobe.com           
127.0.0.1                               125.252.224.90                       
[...]
 
 
¤¤¤ MBR Check: ¤¤¤
 
+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST31000528AS +++++
--- User ---
[MBR] 5caa062cefc72966fa3d10c59183772c
[BSP] 57e59293cac99cdc105f62c821e3d225 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 953859 MB
User = LL1 ... OK!
User = LL2 ... OK!
 
Finished : << RKreport[0]_D_05222014_100849.txt >>
RKreport[0]_S_05222014_100650.txt


#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:45 PM

Posted 21 May 2014 - 07:44 PM

Something ugly must have got in too deep. We need to get a deeper look. Please follow this Preparation Guide, do steps 6,7 and 8 and post in a new topic.
Let me know if all went well.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#7 whitez

whitez
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:08:45 PM

Posted 26 May 2014 - 06:42 AM

OK thanks, will be posting the results soon.

Cheers



#8 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,072 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:09:45 PM

Posted 27 May 2014 - 11:46 AM

New Topic
http://www.bleepingcomputer.com/forums/t/535558/windows-xp-slow-loading/#entry3378616

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show it the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member, looking for a new log to work may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 5 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users