
slippery trackers


  • This topic is locked
5 replies to this topic

#1 reuch

reuch

  • Members
  • 14 posts

Posted 06 September 2014 - 10:24 PM

So, about 9 months ago, I started to encounter a slowdown in my PC performance and so many lags in my online gaming. Then, unlikely, the pop-up ad windows rained on my desktop, regardless of the ad blocker extensions in my browser (Mozilla) or the internet security I have (BDF TS). Then some sites started to be blocked, and I can only browse them from VPN stuff (hide my as.s, Anonymo X browser extension, Tor browser, etc.). Then one day I opened my Mozilla to get a connection disconnection page!!! Little did I know at this time, encountering this for the first time in my life, so safe mode was my first alternative choice, and the next thing I knew I really could connect to my internet in safe mode!!

Later, after googling, I knew it was malware. I headed for a bunch of real-time & on-demand antivirus software, but the trend seems the same in most of them: when the software is freshly installed it is like Mr. Muscle, catching some crap after the scan, but after 1 or 2 formats it is a full-time wasted drunk safety inspector, confirming that your system is as clean as junky slu* -_-

When this all started, I just had the BDF TS, so the first scan showed a bunch of PUPs and a small cocktail of generic trojans (about 4 types). Then on the second scan it showed nothing, and at the same time my internet was out of service in normal mode!!! So for the first time I tried MBAM, and after the first scan in safe mode my internet was reachable again in normal mode, but still the blocked sites and the spam of pop-up ads didn't stop!

So, as usual, the dumb easy solution I always run to is formatting my system drive and installing a fresh copy of Windows, which really worked the first time, but after a couple of days the site blocks, pop-up ad spam, the high ping and gaming lag were back again, and 2 days later the internet was off again! An MBAM scan in safe mode showed nothing this time!!
A couple of tardy formats later, I went back to a cave-age Win XP version (my current state), which also showed no change, but the new crap was that KIS and MBAM both went crazy, notifying me that both their databases are out of date, regardless of how many times I update them. Nothing gives -_- Also, just to inform you, my DVD is broken, so in order to format each time, I format my system drive using a Win XP CD, then I install Win 7 from a copy on my hard disk, which means the source of my Win 7 is jammed among all that crap.

Later I installed a party of on-demand scan software on my PC, and where RogueKiller caught about 4 tracker cookies, HitmanPro caught a lot of tracker cookies, and ESET on-demand caught 33 infections (PUPs included), where variants of packed trojan AAA, ABD were identified, whilst the other software caught nothing! But all logs are included.

Well, after a 10-month struggle, the thing that is killing me most is the site blockage, which I believe the damn ****** tracker cookies are the cause of! I don't know if you can help after all that, but I am desperate to the max. I don't care about whatever happens next; if you can stop the site block, then you will be my guardian angels! Using proxies and VPN is straightaway suicidal. I can't open a lot of sites, especially the streaming ones. On some sites I get streaming error messages like "this video is not available now" or "streaming server error"; on other sites the videos work normally, but the related video thumbnails are broken! All the video thumbnails on these sites are broken! ONCE I HIDE MY IP ALL THIS IS GONE!

If you can, nominate a non-provocative, blind real-time internet security software. Even before all this started, the BDF TS went crazy blocking most of my apps, regardless of the exceptions I made in its firewall, and I finally had to remove it, and when I substituted it with KIS, things got worse -_-

 

All I want is help to surf the internet without a hidden identity, without being blocked!
 

P.S. I couldn't modify the attached files, so I added the DDS and Attach TXTs in the final reply.

Attached Files


Edited by reuch, 06 September 2014 - 11:14 PM.




#2 reuch

reuch
  • Topic Starter

  • Members
  • 14 posts

Posted 06 September 2014 - 10:26 PM

more logs

Attached Files



#3 reuch

reuch
  • Topic Starter

  • Members
  • 14 posts

Posted 06 September 2014 - 10:27 PM

17:35:57.0218 0x0574  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
17:36:02.0625 0x0574  ============================================================
17:36:02.0625 0x0574  Current date / time: 2014/09/05 17:36:02.0625
17:36:02.0625 0x0574  SystemInfo:
17:36:02.0625 0x0574  
17:36:02.0625 0x0574  OS Version: 5.1.2600 ServicePack: 3.0
17:36:02.0625 0x0574  Product type: Workstation
17:36:02.0625 0x0574  ComputerName: F
17:36:02.0625 0x0574  UserName: X
17:36:02.0625 0x0574  Windows directory: C:\WINDOWS
17:36:02.0625 0x0574  System windows directory: C:\WINDOWS
17:36:02.0625 0x0574  Processor architecture: Intel x86
17:36:02.0625 0x0574  Number of processors: 2
17:36:02.0625 0x0574  Page size: 0x1000
17:36:02.0625 0x0574  Boot type: Safe boot with network
17:36:02.0625 0x0574  ============================================================
17:36:10.0812 0x0574  KLMD registered as C:\WINDOWS\system32\drivers\60941915.sys
17:36:11.0000 0x0574  System UUID: {483521DE-22AD-A08E-A76E-097B228D6852}
17:36:11.0734 0x0574  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
17:36:11.0734 0x0574  ============================================================
17:36:11.0734 0x0574  \Device\Harddisk0\DR0:
17:36:11.0734 0x0574  MBR partitions:
17:36:11.0734 0x0574  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x636A9DA
17:36:11.0750 0x0574  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x636AA58, BlocksNum 0x636A9DA
17:36:11.0765 0x0574  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC6D5471, BlocksNum 0x126B9CA6
17:36:11.0781 0x0574  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x1ED8F156, BlocksNum 0x126B9CA6
17:36:11.0796 0x0574  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x31448E3B, BlocksNum 0x126B9CA6
17:36:11.0812 0x0574  \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0x43B02B20, BlocksNum 0x126B9CA6
17:36:11.0828 0x0574  \Device\Harddisk0\DR0\Partition7: MBR, Type 0x7, StartLBA 0x561BC805, BlocksNum 0x1E5452FB
17:36:11.0828 0x0574  ============================================================
17:36:11.0843 0x0574  D: <-> \Device\Harddisk0\DR0\Partition2
17:36:11.0875 0x0574  E: <-> \Device\Harddisk0\DR0\Partition3
17:36:11.0906 0x0574  F: <-> \Device\Harddisk0\DR0\Partition4
17:36:11.0921 0x0574  G: <-> \Device\Harddisk0\DR0\Partition5
17:36:11.0937 0x0574  H: <-> \Device\Harddisk0\DR0\Partition6
17:36:11.0984 0x0574  I: <-> \Device\Harddisk0\DR0\Partition7
17:36:12.0015 0x0574  C: <-> \Device\Harddisk0\DR0\Partition1
17:36:12.0015 0x0574  ============================================================
17:36:12.0015 0x0574  Initialize success
17:36:12.0015 0x0574  ============================================================
17:37:58.0515 0x05fc  ============================================================
17:37:58.0515 0x05fc  Scan started
17:37:58.0515 0x05fc  Mode: Manual; TDLFS;
17:37:58.0515 0x05fc  ============================================================
17:37:58.0515 0x05fc  KSN ping started
17:38:00.0437 0x05fc  KSN ping finished: true
17:38:02.0578 0x05fc  ================ Scan system memory ========================
17:38:02.0578 0x05fc  System memory - ok
17:38:08.0062 0x05fc  NetBT - ok
17:38:08.0078 0x05fc  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
17:38:08.0078 0x05fc  NetDDE - ok
17:38:08.0078 0x05fc  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
17:38:08.0093 0x05fc  NetDDEdsdm - ok
17:38:08.0093 0x05fc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:38:08.0093 0x05fc  Netlogon - ok
17:38:08.0109 0x05fc  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
17:38:08.0125 0x05fc  Netman - ok
17:38:08.0140 0x05fc  [ FCEE5FCB99F7C724593365C706D28388, 96A5E34E78934026357945F7CA3D1BBEF284BE76625DF3CB6B4B5EA4B5807136 ] Nla             C:\WINDOWS\System32\mswsock.dll
17:38:08.0156 0x05fc  Nla - ok
17:38:08.0171 0x05fc  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:38:08.0171 0x05fc  Npfs - ok
17:38:08.0203 0x05fc  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:38:08.0234 0x05fc  Ntfs - ok
17:38:08.0250 0x05fc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
17:38:08.0250 0x05fc  NtLmSsp - ok
17:38:08.0265 0x05fc  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
17:38:08.0281 0x05fc  NtmsSvc - ok
17:38:08.0296 0x05fc  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:38:08.0296 0x05fc  Null - ok
17:38:08.0312 0x05fc  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
17:38:08.0312 0x05fc  NwlnkFlt - ok
17:38:08.0312 0x05fc  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
17:38:08.0312 0x05fc  NwlnkFwd - ok
17:38:08.0328 0x05fc  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
17:38:08.0328 0x05fc  Parport - ok
17:38:08.0328 0x05fc  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
17:38:08.0328 0x05fc  PartMgr - ok
17:38:08.0343 0x05fc  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
17:38:08.0343 0x05fc  ParVdm - ok
17:38:08.0343 0x05fc  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
17:38:08.0359 0x05fc  PCI - ok
17:38:08.0359 0x05fc  PCIDump - ok
17:38:08.0375 0x05fc  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
17:38:08.0375 0x05fc  PCIIde - ok
17:38:08.0390 0x05fc  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
17:38:08.0390 0x05fc  Pcmcia - ok
17:38:08.0390 0x05fc  PDCOMP - ok
17:38:08.0390 0x05fc  PDFRAME - ok
17:38:08.0406 0x05fc  PDRELI - ok
17:38:08.0406 0x05fc  PDRFRAME - ok
17:38:08.0406 0x05fc  perc2 - ok
17:38:08.0406 0x05fc  perc2hib - ok
17:38:08.0437 0x05fc  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] PlugPlay        C:\WINDOWS\system32\services.exe
17:38:08.0437 0x05fc  PlugPlay - ok
17:38:08.0453 0x05fc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
17:38:08.0453 0x05fc  PolicyAgent - ok
17:38:08.0468 0x05fc  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
17:38:08.0468 0x05fc  PptpMiniport - ok
17:38:08.0468 0x05fc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
17:38:08.0468 0x05fc  ProtectedStorage - ok
17:38:08.0484 0x05fc  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
17:38:08.0484 0x05fc  PSched - ok
17:38:08.0484 0x05fc  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
17:38:08.0484 0x05fc  Ptilink - ok
17:38:08.0484 0x05fc  ql1080 - ok
17:38:08.0500 0x05fc  Ql10wnt - ok
17:38:08.0500 0x05fc  ql12160 - ok
17:38:08.0500 0x05fc  ql1240 - ok
17:38:08.0515 0x05fc  ql1280 - ok
17:38:08.0515 0x05fc  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:38:08.0515 0x05fc  RasAcd - ok
17:38:08.0546 0x05fc  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:38:08.0546 0x05fc  RasAuto - ok
17:38:08.0546 0x05fc  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
17:38:08.0546 0x05fc  Rasl2tp - ok
17:38:08.0562 0x05fc  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:38:08.0578 0x05fc  RasMan - ok
17:38:08.0578 0x05fc  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:38:08.0578 0x05fc  RasPppoe - ok
17:38:08.0593 0x05fc  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
17:38:08.0593 0x05fc  Raspti - ok
17:38:08.0593 0x05fc  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:38:08.0609 0x05fc  Rdbss - ok
17:38:08.0609 0x05fc  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
17:38:08.0609 0x05fc  RDPCDD - ok
17:38:08.0640 0x05fc  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
17:38:08.0640 0x05fc  rdpdr - ok
17:38:08.0671 0x05fc  [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
17:38:08.0687 0x05fc  RDPWD - ok
17:38:08.0718 0x05fc  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
17:38:08.0718 0x05fc  RDSessMgr - ok
17:38:08.0750 0x05fc  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
17:38:08.0750 0x05fc  redbook - ok
17:38:08.0765 0x05fc  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:38:08.0765 0x05fc  RemoteAccess - ok
17:38:08.0765 0x05fc  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:38:08.0781 0x05fc  RemoteRegistry - ok
17:38:08.0796 0x05fc  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:38:08.0796 0x05fc  RpcLocator - ok
17:38:08.0828 0x05fc  [ 2589FE6015A316C0F5D5112B4DA7B509, 2753785BA07A1A7A25E275332F5F9F403F6E8CBF396FD0905D6BA84B98C403A6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:38:08.0843 0x05fc  RpcSs - ok
17:38:08.0843 0x05fc  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
17:38:08.0859 0x05fc  RSVP - ok
17:38:09.0031 0x05fc  [ B916D4C11EB16F6F5B91360E78DADFF7, F47E9241C4445EB131D2CDCD65ED54890A68951F4DC41BF4039EAA6675067D68 ] RTHDMIAzAudService C:\WINDOWS\system32\drivers\RtKHDMI.sys
17:38:09.0203 0x05fc  RTHDMIAzAudService - ok
17:38:09.0250 0x05fc  [ 1323BA3CA4E8D863EB00CD81C0AAF356, C1E5C0D4B404BCDD11177466C23898E5A50C50C5A5447B0B88BF9039A2366196 ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
17:38:09.0250 0x05fc  RTLE8023xp - ok
17:38:09.0265 0x05fc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
17:38:09.0265 0x05fc  SamSs - ok
17:38:09.0296 0x05fc  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
17:38:09.0296 0x05fc  SCardSvr - ok
17:38:09.0359 0x05fc  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:38:09.0359 0x05fc  Schedule - ok
17:38:09.0375 0x05fc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
17:38:09.0375 0x05fc  Secdrv - ok
17:38:09.0375 0x05fc  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
17:38:09.0390 0x05fc  seclogon - ok
17:38:09.0390 0x05fc  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
17:38:09.0406 0x05fc  SENS - ok
17:38:09.0406 0x05fc  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
17:38:09.0406 0x05fc  serenum - ok
17:38:09.0406 0x05fc  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
17:38:09.0421 0x05fc  Serial - ok
17:38:09.0421 0x05fc  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
17:38:09.0421 0x05fc  Sfloppy - ok
17:38:09.0437 0x05fc  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:38:09.0453 0x05fc  SharedAccess - ok
17:38:09.0468 0x05fc  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:38:09.0484 0x05fc  ShellHWDetection - ok
17:38:09.0484 0x05fc  Simbad - ok
17:38:09.0484 0x05fc  Sparrow - ok
17:38:09.0500 0x05fc  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
17:38:09.0500 0x05fc  splitter - ok
17:38:09.0515 0x05fc  [ D8E14A61ACC1D4A6CD0D38AEBAC7FA3B, 130D686A220AF97EBF33DD481B79990F259B4EE38DD95A35CD3D0F0517790FF0 ] Spooler         C:\WINDOWS\system32\spoolsv.exe
17:38:09.0515 0x05fc  Spooler - ok
17:38:09.0531 0x05fc  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
17:38:09.0546 0x05fc  sr - ok
17:38:09.0562 0x05fc  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
17:38:09.0562 0x05fc  srservice - ok
17:38:09.0593 0x05fc  [ 5252605079810904E31C332E241CD59B, 039DD965DE2137219168F95CA3BF1CA7353957026BDD0481F7964E2578DF2128 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:38:09.0625 0x05fc  Srv - ok
17:38:09.0640 0x05fc  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:38:09.0640 0x05fc  SSDPSRV - ok
17:38:09.0671 0x05fc  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
17:38:09.0687 0x05fc  stisvc - ok
17:38:09.0718 0x05fc  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
17:38:09.0718 0x05fc  swenum - ok
17:38:09.0734 0x05fc  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
17:38:09.0734 0x05fc  swmidi - ok
17:38:09.0750 0x05fc  SwPrv - ok
17:38:09.0750 0x05fc  symc810 - ok
17:38:09.0750 0x05fc  symc8xx - ok
17:38:09.0750 0x05fc  sym_hi - ok
17:38:09.0765 0x05fc  sym_u3 - ok
17:38:09.0781 0x05fc  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
17:38:09.0781 0x05fc  sysaudio - ok
17:38:09.0796 0x05fc  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
17:38:09.0796 0x05fc  SysmonLog - ok
17:38:09.0812 0x05fc  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:38:09.0828 0x05fc  TapiSrv - ok
17:38:09.0843 0x05fc  [ AD978A1B783B5719720CFF204B666C8E, FA50A3664522C58E1637C06731B9CB9D56FF14F0A5F8AB496A1945585E8A2C16 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:38:09.0859 0x05fc  Tcpip - ok
17:38:09.0875 0x05fc  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
17:38:09.0875 0x05fc  TDPIPE - ok
17:38:09.0890 0x05fc  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
17:38:09.0890 0x05fc  TDTCP - ok
17:38:09.0906 0x05fc  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
17:38:09.0906 0x05fc  TermDD - ok
17:38:09.0953 0x05fc  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:38:09.0968 0x05fc  TermService - ok
17:38:09.0984 0x05fc  [ 1926899BF9FFE2602B63074971700412, F5C48EDBE5C6507527630B49C95BAA9F1E47EACC5A910F2B9A4528733E81A966 ] Themes          C:\WINDOWS\System32\shsvcs.dll
17:38:09.0984 0x05fc  Themes - ok
17:38:10.0000 0x05fc  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
17:38:10.0000 0x05fc  TlntSvr - ok
17:38:10.0015 0x05fc  TosIde - ok
17:38:10.0015 0x05fc  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
17:38:10.0031 0x05fc  TrkWks - ok
17:38:10.0062 0x05fc  [ 1F1E5D6E937476A32CBC8AEC17C4B7BC, 585BF44B0B0B0871529CF2E8401254E0BF0ABA722D699646D24B5B5C33376E77 ] trufos          C:\WINDOWS\system32\DRIVERS\trufos.sys
17:38:10.0093 0x05fc  trufos - ok
17:38:10.0109 0x05fc  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
17:38:10.0109 0x05fc  Udfs - ok
17:38:10.0109 0x05fc  ultra - ok
17:38:10.0140 0x05fc  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
17:38:10.0156 0x05fc  Update - ok
17:38:10.0187 0x05fc  [ 1B494121D63DD8D820F6655BD758F866, 6F67C91F3CDCFFF8C392AE923BDB90EF6801DF21C3CDBCCA8FD5D5C064AB6901 ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
17:38:10.0234 0x05fc  UPDATESRV - ok
17:38:10.0250 0x05fc  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:38:10.0250 0x05fc  upnphost - ok
17:38:10.0281 0x05fc  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
17:38:10.0281 0x05fc  UPS - ok
17:38:10.0281 0x05fc  [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
17:38:10.0281 0x05fc  usbehci - ok
17:38:10.0296 0x05fc  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
17:38:10.0296 0x05fc  usbhub - ok
17:38:10.0296 0x05fc  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
17:38:10.0312 0x05fc  usbuhci - ok
17:38:10.0328 0x05fc  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
17:38:10.0328 0x05fc  VgaSave - ok
17:38:10.0328 0x05fc  ViaIde - ok
17:38:10.0328 0x05fc  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
17:38:10.0328 0x05fc  VolSnap - ok
17:38:10.0343 0x05fc  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
17:38:10.0359 0x05fc  VSS - ok
17:38:10.0437 0x05fc  [ 029DD18E9A887429EE1F62E844A9FA4D, EF5025B4197BC03FBEF1A800EC6DD39EFF076B42C80D0339C1B4F9207686FADB ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
17:38:10.0484 0x05fc  VSSERV - ok
17:38:10.0500 0x05fc  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
17:38:10.0500 0x05fc  W32Time - ok
17:38:10.0515 0x05fc  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
17:38:10.0515 0x05fc  Wanarp - ok
17:38:10.0515 0x05fc  WDICA - ok
17:38:10.0531 0x05fc  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
17:38:10.0531 0x05fc  wdmaud - ok
17:38:10.0546 0x05fc  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:38:10.0562 0x05fc  WebClient - ok
17:38:10.0640 0x05fc  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:38:10.0656 0x05fc  winmgmt - ok
17:38:10.0671 0x05fc  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
17:38:10.0671 0x05fc  WmdmPmSN - ok
17:38:10.0703 0x05fc  [ BAB489A5FE26F2D0C910CF7AF7E4CF92, 700325258CA7A2BC2D7AA6E3176194D21229BEA76EA37BEAE117BBF87CE4ECD4 ] Wmi             C:\WINDOWS\System32\advapi32.dll
17:38:10.0750 0x05fc  Wmi - ok
17:38:10.0781 0x05fc  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
17:38:10.0796 0x05fc  WmiApSrv - ok
17:38:10.0859 0x05fc  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
17:38:10.0906 0x05fc  WMPNetworkSvc - ok
17:38:10.0921 0x05fc  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
17:38:10.0921 0x05fc  wscsvc - ok
17:38:10.0953 0x05fc  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
17:38:10.0953 0x05fc  wuauserv - ok
17:38:10.0968 0x05fc  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
17:38:10.0968 0x05fc  WudfPf - ok
17:38:10.0984 0x05fc  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
17:38:10.0984 0x05fc  WudfRd - ok
17:38:10.0984 0x05fc  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
17:38:11.0000 0x05fc  WudfSvc - ok
17:38:11.0015 0x05fc  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
17:38:11.0046 0x05fc  WZCSVC - ok
17:38:11.0062 0x05fc  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
17:38:11.0078 0x05fc  xmlprov - ok
17:38:11.0078 0x05fc  ================ Scan global ===============================
17:38:11.0078 0x05fc  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
17:38:11.0109 0x05fc  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
17:38:11.0140 0x05fc  [ 1618F36D4F7F6CCCEB3EE44BA95BE85C, 1ED920E475221228EF215708701EC166A0B1BBCBD236E5B047420EBD0FF1371A ] C:\WINDOWS\system32\winsrv.dll
17:38:11.0171 0x05fc  [ 0E776ED5F7CC9F94299E70461B7B8185, 22750B3829133D1D4BB3CE2FA6247BE2373B5D15A6ED1C8A71673AA1CE7D9530 ] C:\WINDOWS\system32\services.exe
17:38:11.0171 0x05fc  [ Global ] - ok
17:38:11.0171 0x05fc  ================ Scan MBR ==================================
17:38:11.0187 0x05fc  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
17:38:11.0390 0x05fc  \Device\Harddisk0\DR0 - ok
17:38:11.0390 0x05fc  ================ Scan VBR ==================================
17:38:11.0390 0x05fc  [ 90D431B700E88FDA0FB1C5DF9049B5DD ] \Device\Harddisk0\DR0\Partition1
17:38:11.0468 0x05fc  \Device\Harddisk0\DR0\Partition1 - ok
17:38:11.0468 0x05fc  [ 5CA53831E6BB2ABAD04E693B50097806 ] \Device\Harddisk0\DR0\Partition2
17:38:11.0515 0x05fc  \Device\Harddisk0\DR0\Partition2 - ok
17:38:11.0531 0x05fc  [ 9E1776F70EAEE5F755CA8837C0707A4D ] \Device\Harddisk0\DR0\Partition3
17:38:11.0578 0x05fc  \Device\Harddisk0\DR0\Partition3 - ok
17:38:11.0593 0x05fc  [ 294E94637FCFEDF8402C96074C5F8341 ] \Device\Harddisk0\DR0\Partition4
17:38:11.0640 0x05fc  \Device\Harddisk0\DR0\Partition4 - ok
17:38:11.0656 0x05fc  [ 245583459B8DB9FE20DD3BD21E62288E ] \Device\Harddisk0\DR0\Partition5
17:38:11.0703 0x05fc  \Device\Harddisk0\DR0\Partition5 - ok
17:38:11.0718 0x05fc  [ 5979F190789BD27ACB785147D160F3A2 ] \Device\Harddisk0\DR0\Partition6
17:38:11.0781 0x05fc  \Device\Harddisk0\DR0\Partition6 - ok
17:38:11.0781 0x05fc  [ DAD1673D154273E2697BD4AEE8F1640C ] \Device\Harddisk0\DR0\Partition7
17:38:11.0812 0x05fc  \Device\Harddisk0\DR0\Partition7 - ok
17:38:11.0812 0x05fc  ================ Scan generic autorun ======================
17:38:11.0906 0x05fc  [ F759F5AE393F7141E540282A99AD3586, 57B7A9D0813AC744BC340BF6C0E66BDDB07FC1399AB1B300B471110B15585EA7 ] C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
17:38:11.0968 0x05fc  Bdagent - ok
17:38:12.0796 0x05fc  [ 8C31C7B29061F27A850654F292BCB9DD, D8077C6EFC180F63BA634E2673769D8D0D482ABFC6EC33BA4000BA5E0078ADA5 ] C:\WINDOWS\RTHDCPL.EXE
17:38:13.0562 0x05fc  RTHDCPL - ok
17:38:13.0640 0x05fc  [ E529133242B498179A29807424C9ACFA, 45B7DD571153A0CA07BDB6524190F681D953EDD603D23FF4F5BE081E02B62AD8 ] C:\WINDOWS\system32\Ati2mdxx.exe
17:38:13.0640 0x05fc  ATIModeChange - ok
17:38:13.0828 0x05fc  [ 720E0B6EE85E84746190DC50949A1C96, 7724D3FE2F2ED0AAC3146FE450B3C92FED6E656259A4AF9DD272D1C1C17684BA ] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
17:38:13.0890 0x05fc  StartCCC - ok
17:38:13.0906 0x05fc  nltide_2 - ok
17:38:13.0906 0x05fc  nltide_2 - ok
17:38:13.0921 0x05fc  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
17:38:13.0921 0x05fc  ctfmon.exe - ok
17:38:14.0093 0x05fc  [ 0B3179500F2AB42F82BAA902FDC9D061, FED37B082EF688540C81D8CD29596D54CB0CB1E89819C0A467002B6C17932E58 ] C:\Program Files\Internet Download Manager\IDMan.exe
17:38:14.0218 0x05fc  IDMan - ok
17:38:14.0265 0x05fc  [ BD709E1369189201C555A099E700BA33, B805AE66DAD5691994B996CE91EE0C36E8A483AA3A1CC638994C153E0B22E940 ] C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
17:38:14.0343 0x05fc  Bitdefender Wallet Agent - ok
17:38:14.0343 0x05fc  Waiting for KSN requests completion. In queue: 167
17:38:15.0343 0x05fc  Waiting for KSN requests completion. In queue: 167
17:38:16.0343 0x05fc  Waiting for KSN requests completion. In queue: 167
17:38:17.0390 0x05fc  AV detected via SS1: Bitdefender Antivirus, 18.14.0.1088, enabled, updated
17:38:17.0390 0x05fc  FW detected via SS1: Bitdefender Firewall, 18.14.0.1088, enabled
17:38:19.0015 0x05fc  ============================================================
17:38:19.0015 0x05fc  Scan finished
17:38:19.0015 0x05fc  ============================================================
17:38:19.0015 0x05f4  Detected object count: 0
17:38:19.0015 0x05f4  Actual detected object count: 0
17:40:49.0359 0x052c  Deinitialize success
 


#4 reuch

Posted 06 September 2014 - 11:12 PM

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6000.16674
Run by X at 18:34:23 on 2014-09-08
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.3582.2217 [GMT 4.5:30]
.
AV: Bitdefender Antivirus *Enabled/Updated* {6C4BB89C-B0ED-4F41-A29C-4373888923BB}
FW: Bitdefender Firewall *Enabled*
.
============== Running Processes ================
.
C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\HitmanPro\hmpsched.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe
C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxapps.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\THEKMP~1\KMPlayer.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\osk.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
.
============== Pseudo HJT Report ===============
.
BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [IDMan] c:\program files\internet download manager\IDMan.exe /onboot
uRun: [Bitdefender Wallet Agent] "c:\program files\bitdefender\bitdefender 2015\bdwtxag.exe"
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
mRun: [Bdagent] "c:\program files\bitdefender\bitdefender 2015\bdagent.exe"
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [NUSB3MON] "c:\program files\nec electronics\usb 3.0 host controller driver\application\nusb3mon.exe"
dRunOnce: [nltide_2] regsvr32 /s /n /i:U shell32
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: Download all links with IDM - c:\program files\internet download manager\IEGetAll.htm
IE: Download with IDM - c:\program files\internet download manager\IEExt.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CF609D1E-97DD-4B77-AF6C-24905EF17D10} : DHCPNameServer = 192.168.1.1
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 141.0.174.38 xvideos.com
Hosts: 141.0.174.39 www.xvideos.com
Hosts: 141.0.173.209 static.xvideos.com
Hosts: 199.16.156.198 twitter.com
Hosts: 69.55.53.7   forum.xnxx.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\x\application data\mozilla\firefox\profiles\l83mi5s4.default\
FF - plugin: c:\documents and settings\all users\application data\nexoneu\ngm\npNxGameeu.dll
FF - plugin: c:\documents and settings\x\application data\mozilla\firefox\profiles\l83mi5s4.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}\plugins\npqscan.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avc3;avc3;c:\windows\system32\drivers\avc3.sys [2014-9-5 1060312]
R0 gzflt;gzflt;c:\windows\system32\drivers\gzflt.sys [2014-9-5 165744]
R1 A2DDA;A2 Direct Disk Access Support Driver;c:\eek\bin\a2ddax86.sys [2014-9-6 22056]
R1 BDVEDISK;BDVEDISK;c:\windows\system32\drivers\bdvedisk.sys [2014-9-5 72704]
R1 IDMTDI;IDMTDI;c:\windows\system32\drivers\idmtdi.sys [2012-8-31 109768]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2014-7-23 142648]
R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2014-9-5 106248]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes anti-malware\mbamscheduler.exe [2014-9-5 1809720]
R2 MBAMService;MBAMService;c:\program files\malwarebytes anti-malware\mbamservice.exe [2014-9-5 860472]
R2 UPDATESRV;Bitdefender Desktop Update Service;c:\program files\bitdefender\bitdefender 2015\updatesrv.exe [2014-9-5 54424]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [2014-9-5 99856]
R3 avckf;avckf;c:\windows\system32\drivers\avckf.sys [2014-9-5 528248]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\common files\bitdefender\bitdefender firewall\bdfndisf.sys [2014-9-5 116688]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-9-5 23256]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-9-5 110296]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2014-9-5 1691480]
S3 avchv;avchv Function Driver;c:\windows\system32\drivers\avchv.sys [2014-9-5 242504]
S3 BdDesktopParental;Bitdefender Desktop Parental Control;c:\program files\bitdefender\bitdefender 2015\bdparentalservice.exe [2014-9-5 69880]
S3 BDSandBox;BDSandBox;c:\windows\system32\drivers\bdsandbox.sys [2014-9-5 66832]
S3 cleanhlp;cleanhlp;c:\eek\bin\cleanhlp32.sys [2014-9-6 50200]
S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?]
.
=============== Created Last 30 ================
.
2014-09-08 00:35:09    --------    d-----w-    c:\documents and settings\x\local settings\application data\Identities
2014-09-07 23:08:30    26368    -c--a-w-    c:\windows\system32\dllcache\usbstor.sys
2014-09-07 23:03:25    --------    d-----w-    c:\program files\NEC Electronics
2014-09-07 13:08:08    --------    d-----w-    c:\documents and settings\all users\application data\Nexon
2014-09-07 12:50:46    --------    d-----w-    c:\documents and settings\all users\application data\NexonEU
2014-09-07 11:48:06    --------    d-----w-    c:\documents and settings\x\application data\SUPERAntiSpyware.com
2014-09-07 11:47:28    --------    d-----w-    c:\program files\SUPERAntiSpyware
2014-09-07 11:47:28    --------    d-----w-    c:\documents and settings\all users\application data\SUPERAntiSpyware.com
2014-09-07 10:54:37    12872    ----a-w-    c:\windows\system32\bootdelete.exe
2014-09-07 10:41:51    --------    d-----w-    c:\documents and settings\x\local settings\application data\Google
2014-09-06 19:04:00    --------    d-----w-    C:\FRST
2014-09-05 23:30:10    --------    d-----w-    c:\documents and settings\x\local settings\application data\ATI
2014-09-05 21:02:14    --------    d-----w-    C:\EEK
2014-09-05 13:41:08    --------    d-----w-    c:\program files\ESET
2014-09-05 13:34:43    --------    d-----w-    c:\windows\ERUNT
2014-09-05 13:27:28    --------    d-----w-    C:\AdwCleaner
2014-09-05 13:21:12    33512    ----a-w-    c:\windows\system32\drivers\TrueSight.sys
2014-09-05 13:21:10    --------    d-----w-    c:\documents and settings\all users\application data\RogueKiller
2014-09-05 13:19:01    --------    d-----w-    c:\program files\HitmanPro
2014-09-05 13:18:33    --------    d-----w-    c:\documents and settings\all users\application data\HitmanPro
2014-09-05 13:12:04    110296    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-09-05 13:11:51    53208    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-09-05 13:11:51    23256    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-09-05 13:11:51    --------    d-----w-    c:\program files\Malwarebytes Anti-Malware
2014-09-05 12:44:34    --------    d-----w-    c:\windows\system32\ReinstallBackups
2014-09-05 12:44:27    99856    ----a-w-    c:\windows\system32\drivers\AtihdXP3.sys
2014-09-05 12:44:18    0    ----a-w-    c:\windows\ativpsrm.bin
2014-09-05 12:39:35    --------    d-----w-    c:\program files\ATI Technologies
2014-09-05 12:39:34    --------    d-----w-    c:\program files\ATI
2014-09-05 12:38:33    --------    d-----w-    C:\AMD
2014-09-05 12:27:38    --------    d-----w-    c:\windows\system32\Lang
2014-09-05 12:23:58    --------    d-----w-    c:\windows\system32\RTCOM
2014-09-05 12:20:11    71344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-05 12:20:11    699568    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-09-05 12:19:50    --------    d-----w-    c:\program files\GIGABYTE
2014-09-05 12:19:48    327168    ----a-w-    c:\windows\IsUninst.exe
2014-09-05 12:19:10    1531268    ----a-w-    c:\documents and settings\all users\application data\1409916657.bdinstall.bin
2014-09-05 12:17:37    --------    d-----w-    c:\documents and settings\x\local settings\application data\Adobe
2014-09-05 12:08:56    --------    d-----w-    c:\documents and settings\all users\application data\BDLogging
2014-09-05 12:08:09    72704    ----a-w-    c:\windows\system32\drivers\bdvedisk.sys
2014-09-05 12:07:21    511328    ----a-w-    c:\windows\capicom.dll
2014-09-05 12:07:21    116688    ----a-w-    c:\windows\system32\drivers\bdfndisf.sys
2014-09-05 12:07:20    74512    ----a-w-    c:\windows\system32\bdsandboxuiskin.dll
2014-09-05 12:07:20    66832    ----a-w-    c:\windows\system32\drivers\bdsandbox.sys
2014-09-05 12:07:20    27168    ----a-w-    c:\windows\system32\bdsandboxuh.dll
2014-09-05 12:07:20    1461992    ----a-w-    c:\windows\system32\WdfCoInstaller01009.dll
2014-09-05 12:06:46    528248    ----a-w-    c:\windows\system32\drivers\avckf.sys
2014-09-05 12:06:46    242504    ----a-w-    c:\windows\system32\drivers\avchv.sys
2014-09-05 12:06:46    1060312    ----a-w-    c:\windows\system32\drivers\avc3.sys
2014-09-05 12:00:58    --------    d-----w-    c:\documents and settings\x\application data\IDM
2014-09-05 12:00:57    --------    d-----w-    c:\documents and settings\x\application data\DMCache
2014-09-05 12:00:49    --------    d-----w-    c:\program files\Internet Download Manager
.
==================== Find3M  ====================
.
2014-09-05 11:19:55    17488    ----a-w-    c:\windows\gdrv.sys
2014-07-02 13:17:10    385096    ----a-w-    c:\windows\system32\drivers\trufos.sys
.
============= FINISH: 18:36:24.75 ===============

#5 HelpBot

Posted 11 September 2014 - 10:25 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/547198 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#6 HelpBot

Posted 16 September 2014 - 10:30 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!



