
Random Resets, even with Auto Reset Disabled.


17 replies to this topic

#1 kenwood570


Posted 25 December 2014 - 11:44 AM

This computer running WinXP has been experiencing random resets; it will shut down and restart even with Auto Reset disabled both in the Boot Menu and Systems.

We have been working on it within this forum under WinXP section:

Advised to post in this section for Malware assistance.

http://www.bleepingcomputer.com/forums/t/560083/winxp-home-random-restarts/

Temperatures are normal.

It will not reset in the SAFEMODE.

It will random reset with Configsys selections all unchecked and running Windows.

Malwarebytes has turned up nothing on a scan.


Edited by kenwood570, 25 December 2014 - 11:45 AM.




#2 boopme


Posted 25 December 2014 - 06:07 PM

OK, let's look at these also.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • Copies of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 kenwood570


Posted 25 December 2014 - 07:34 PM

Thanks: It will take some time as CPU keeps resetting in midst of testing....



#4 kenwood570


Posted 25 December 2014 - 07:58 PM

Minitool Box Results:

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Ken (administrator) on 12-12-2014 at 22:10:55
Running from "C:\Documents and Settings\Ken\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/12/2014 09:58:35 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (12/12/2014 03:19:53 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp.  Please contact Microsoft Product Support Services to report this error.

Error: (12/11/2014 00:18:14 PM) (Source: Application Hang) (User: )
Description: Hanging application FlashUtil32_12_0_0_44_ActiveX.exe, version 12.0.0.44, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (12/11/2014 00:17:15 PM) (Source: F-Secure Anti-Virus) (User: )
Description: 1  2014-12-11  12:17:15-03:00    \Ken  F-Secure Anti-Virus
 Scanning of \DEVICE\HARDDISKVOLUME1\DOCUMENTS AND SETTINGS\KEN\START MENU\PROGRAMS\MRP40 MORSE DECODER V64\DDE CLIENT EXAMPLE VB6.LNK was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).


System errors:
=============
Error: (12/12/2014 10:06:06 PM) (Source: DCOM) (User: )
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (12/12/2014 10:05:57 PM) (Source: DCOM) (User: )
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (12/12/2014 09:58:35 PM) (Source: DCOM) (User: )
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/12/2014 09:24:32 PM) (Source: DCOM) (User: )
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (12/12/2014 09:24:32 PM) (Source: DCOM) (User: )
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (12/12/2014 09:01:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Fips
intelppm

Error: (12/12/2014 09:00:36 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (12/12/2014 09:00:31 PM) (Source: DCOM) (User: )
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (12/12/2014 09:00:31 PM) (Source: DCOM) (User: )
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (12/12/2014 08:24:01 PM) (Source: PlugPlayManager) (User: )
Description: The device Root\LEGACY_FSBL\0000 disappeared from the system without first being prepared for removal.


Microsoft Office Sessions:
=========================
Error: (12/12/2014 09:58:35 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (12/12/2014 03:19:53 PM) (Source: EventSystem)(User: )
Description: d:\comxp_sp3\com\com1x\src\events\tier1\eventsystemobj.cpp448007043C

Error: (12/11/2014 00:18:14 PM) (Source: Application Hang)(User: )
Description: FlashUtil32_12_0_0_44_ActiveX.exe12.0.0.44hungapp0.0.0.000000000

Error: (12/11/2014 00:17:15 PM) (Source: F-Secure Anti-Virus)(User: )
Description: 1  2014-12-11  12:17:15-03:00  \Ken  F-Secure Anti-Virus
 Scanning of \DEVICE\HARDDISKVOLUME1\DOCUMENTS AND SETTINGS\KEN\START MENU\PROGRAMS\MRP40 MORSE DECODER V64\DDE CLIENT EXAMPLE VB6.LNK was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).



=========================== Installed Programs ============================
Acrobat.com (HKLM\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI - Software Uninstall Utility (HKLM\...\All ATI Software) (Version: 6.14.10.1022 - )
ATI Catalyst Control Center (HKLM\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.010.0210.2338 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.593.100-100210a-095952E-ATI - )
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center HydraVision Full (Version: 2010.0210.2339.42455 - ATI) Hidden
Catalyst Control Center Localization All (Version: 2010.0210.2339.42455 - ATI) Hidden
CCC Help Chinese Standard (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Czech (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Danish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Dutch (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help English (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Finnish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help French (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help German (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Greek (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Hungarian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Italian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Japanese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Korean (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Norwegian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Polish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Portuguese (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Russian (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Spanish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Swedish (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Thai (Version: 2010.0210.2338.42455 - ATI) Hidden
CCC Help Turkish (Version: 2010.0210.2338.42455 - ATI) Hidden
ccc-core-preinstall (Version: 2010.0210.2339.42455 - ATI) Hidden
ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden
ccc-utility (Version: 2010.0210.2339.42455 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CleanUp! (HKLM\...\CleanUp!) (Version:  - )
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Computer Security 12.62.110.0 (release) (Version: 12.62.110.0 - F-Secure Corporation) Hidden
CwGet V2.26 (HKLM\...\CwGet_is1) (Version:  - )
CwType V2.10 (HKLM\...\CwType_is1) (Version:  - )
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
F-Secure CCF Reputation (Version: 1.0.25.1756 - F-Secure) Hidden
F-Secure CCF Scanning 1.23.124.8831 (release) (Version: 1.23.124.8831 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.115 (Version: 1.02.115 - F-Secure Corporation) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HDSDR 2.70 (HKLM\...\{DB200CBD-9E3E-4C72-B711-B46D6817BC51}_is1) (Version:  - DG0JBJ)
IDT Audio (HKLM\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.20001.0 - IDT)
Index Dat Spy 2.1.0 (HKLM\...\Index Dat Spy_is1) (Version:  - stevengould.org)
Intel® Network Connections 15.1.29.0 (HKLM\...\{0BBBA9A9-02E8-467D-BE57-4797A50F7861}) (Version: 15.1.29.0 - Intel)
Internet Security Services (HKLM\...\F-Secure ServiceEnabler 46333) (Version: 1.62.373.0 - F-Secure Corporation)
Internet Security Services (Version: 1.62.373.0 - F-Secure Corporation) Hidden
LG Power Tools (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3316 - CyberLink Corp.)
LG Power Tools (Version: 6.0.3316 - CyberLink Corp.) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0409-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
MRP40 Morse Decoder V64 (HKLM\...\MRP40 Morse Decoder V64) (Version:  - )
MySQL Connector/ODBC 3.51 (HKLM\...\{F929096B-54A0-4C5C-B125-1E7EB1917412}) (Version: 3.51.19 - MySQL AB)
Online Safety 2.63.170.284 (Version: 2.63.170.284 - F-Secure Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Reimage Repair (HKLM\...\Reimage Repair) (Version: 1.8.0.1 - Reimage)
SDR-RADIO.com (V2) (HKLM\...\SDR-RADIO.com (V2)) (Version:  - )
Skins (Version: 2010.0210.2339.42455 - ATI) Hidden
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update 4.0.3 for Microsoft .NET Framework 4 Client Profile (KB2600211) (HKLM\...\{3C3901C5-3455-3E0A-A214-0B093A5070A6}.KB2600211) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Backup Utility (HKLM\...\{76EFFC7C-17A6-479D-9E47-8E658C1695AE}) (Version: 5.1 - Microsoft Corporation)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 7 (Version: 20070813.185237 - Microsoft Corporation) Hidden
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 29.2.2013 - BillP Studios)
ZoneAlarm LTD Toolbar (HKLM\...\ZoneAlarm LTD Toolbar) (Version:  - Check Point Software Technologies)

========================= Memory info: ===================================

Percentage of memory in use: 38%
Total physical RAM: 1020.89 MB
Available physical RAM: 632.71 MB
Total Pagefile: 2451.7 MB
Available Pagefile: 2186.13 MB
Total Virtual: 2047.88 MB
Available Virtual: 1984.42 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:465.75 GB) (Free:437.28 GB) NTFS
4 Drive f: (New Volume) (Fixed) (Total:465.76 GB) (Free:431.72 GB) NTFS

========================= Users: ========================================

User accounts for \\

Administrator            Betty                    Guest                    
HelpAssistant            Ken                      SUPPORT_388945a0         


**** End of log ****
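
An added triage example for the MiniToolBox output above (not part of the original thread and not the tool author's code): it groups the event-log errors and decodes the Win32 error code they carry, which here is 1084 (ERROR_NOT_SAFEBOOT_SERVICE, "This service cannot be started in Safe Mode"). It assumes that "Boot Mode: Network" denotes Safe Mode with Networking; the sample log is constructed as a trimmed copy of the entries above.

```python
import re
from collections import Counter

FACILITY_WIN32 = 7
# Win32 error 1084 (0x43C) is ERROR_NOT_SAFEBOOT_SERVICE:
# "This service cannot be started in Safe Mode".
SAFE_MODE_ONLY = {1084: "ERROR_NOT_SAFEBOOT_SERVICE"}

# Constructed sample: a trimmed copy of entries from the log in this post.
SAMPLE_LOG = '''Boot Mode: Network
Error: (12/12/2014 09:58:35 PM) (Source: EventSystem) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing.  HRESULT was 8007043C from line 44 of eventsystemobj.cpp.

Error: (12/12/2014 10:06:06 PM) (Source: DCOM) (User: )
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (12/12/2014 09:00:36 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""

Error: (12/12/2014 09:01:51 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Fips
intelppm
'''

HEADER = re.compile(
    r"^Error: \((?P<when>[^)]*)\) \(Source: (?P<source>[^)]*)\)\s*\(User: (?P<user>[^)]*)\)"
)


def parse_entries(text):
    """Split MiniToolBox 'Error:' blocks into dicts; a blank line ends a block."""
    entries, current = [], None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = {**m.groupdict(), "description": ""}
            current["user"] = current["user"].strip()
            entries.append(current)
        elif current is not None and line.strip():
            if line.startswith("Description:"):
                line = line[len("Description:"):]
            current["description"] = (current["description"] + " " + line.strip()).strip()
        else:
            current = None  # blank line, or text before the first entry
    return entries


def decode_hresult(hex_text):
    """Return (severity, facility, code) for an 8-digit hex HRESULT."""
    value = int(hex_text, 16)
    return (value >> 31) & 1, (value >> 16) & 0x7FF, value & 0xFFFF


def win32_codes(description):
    """Collect Win32 error codes from '%%NNNN' tokens and Win32-facility HRESULTs."""
    codes = {int(n) for n in re.findall(r"%%(\d+)", description)}
    for h in re.findall(r"HRESULT was ([0-9A-Fa-f]{8})", description):
        severity, facility, code = decode_hresult(h)
        if severity and facility == FACILITY_WIN32:
            codes.add(code)
    return codes


def triage(text):
    """Separate errors explained by a Safe Mode boot from those that still need a look."""
    m = re.search(r"^Boot Mode:\s*(\S+)", text, re.M)
    # Assumption: any boot mode other than "Normal" is a Safe Mode variant.
    safe_boot = bool(m) and m.group(1).lower() != "normal"
    explained, unexplained = Counter(), []
    for entry in parse_entries(text):
        if safe_boot and win32_codes(entry["description"]) & set(SAFE_MODE_ONLY):
            explained[entry["source"]] += 1
        else:
            unexplained.append(entry)
    return safe_boot, explained, unexplained


if __name__ == "__main__":
    safe_boot, explained, unexplained = triage(SAMPLE_LOG)
    print("Safe Mode boot:", safe_boot)
    for source, count in explained.items():
        print(f"  {count} x {source}: service refused to start in Safe Mode (1084)")
    for entry in unexplained:
        print(f"  review: [{entry['source']}] {entry['description']}")
```

Errors it marks as explained are a side effect of the boot mode the tool was run in; only the remaining entries say anything about the machine's normal-mode behaviour.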
 



#5 kenwood570


Posted 25 December 2014 - 08:28 PM

Can I run TDSSKILLER in the Safe Mode and the results will be valid?



#6 kenwood570


Posted 25 December 2014 - 10:00 PM

Here is the log file for TDSSKILLER; this run was in SAFE MODE.

 

22:53:20.0453 0x014c  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
22:53:23.0640 0x014c  ============================================================
22:53:23.0640 0x014c  Current date / time: 2014/12/25 22:53:23.0640
22:53:23.0640 0x014c  SystemInfo:
22:53:23.0640 0x014c 
22:53:23.0640 0x014c  OS Version: 5.1.2600 ServicePack: 3.0
22:53:23.0640 0x014c  Product type: Workstation
22:53:23.0640 0x014c  ComputerName:
22:53:23.0640 0x014c  UserName: Ken
22:53:23.0640 0x014c  Windows directory: C:\WINDOWS
22:53:23.0640 0x014c  System windows directory: C:\WINDOWS
22:53:23.0640 0x014c  Processor architecture: Intel x86
22:53:23.0640 0x014c  Number of processors: 2
22:53:23.0640 0x014c  Page size: 0x1000
22:53:23.0640 0x014c  Boot type: Safe boot with network
22:53:23.0640 0x014c  ============================================================
22:53:28.0046 0x014c  KLMD registered as C:\WINDOWS\system32\drivers\91835334.sys
22:53:28.0156 0x014c  System UUID: {E672D032-D778-8A74-78C6-E60766A14099}
22:53:28.0703 0x014c  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:53:28.0703 0x014c  ============================================================
22:53:28.0703 0x014c  \Device\Harddisk0\DR0:
22:53:28.0703 0x014c  MBR partitions:
22:53:28.0703 0x014c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41
22:53:28.0703 0x014c  ============================================================
22:53:28.0734 0x014c  C: <-> \Device\Harddisk0\DR0\Partition1
22:53:28.0734 0x014c  ============================================================
22:53:28.0734 0x014c  Initialize success
22:53:28.0734 0x014c  ============================================================
22:53:31.0718 0x01a0  ============================================================
22:53:31.0718 0x01a0  Scan started
22:53:31.0734 0x01a0  Mode: Manual;
22:53:31.0734 0x01a0  ============================================================
22:53:31.0734 0x01a0  KSN ping started
22:53:43.0031 0x01a0  KSN ping finished: true
22:53:43.0859 0x01a0  ================ Scan system memory ========================
22:53:43.0859 0x01a0  System memory - ok
22:53:43.0859 0x01a0  ================ Scan services =============================


22:53:46.0421 0x01a0  Cdrom - ok

22:53:46.0437 0x01a0  Changer - ok

22:53:46.0484 0x01a0  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe

22:53:46.0484 0x01a0  CiSvc - ok

22:53:46.0515 0x01a0  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe

22:53:46.0515 0x01a0  ClipSrv - ok

22:53:46.0546 0x01a0  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

22:53:46.0609 0x01a0  clr_optimization_v2.0.50727_32 - ok

22:53:46.0671 0x01a0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

22:53:46.0687 0x01a0  clr_optimization_v4.0.30319_32 - ok

22:53:46.0703 0x01a0  CmdIde - ok

22:53:46.0734 0x01a0  COMSysApp - ok

22:53:46.0781 0x01a0  Cpqarray - ok

22:53:46.0812 0x01a0  cpuz134 - ok

22:53:46.0843 0x01a0  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll

22:53:46.0843 0x01a0  CryptSvc - ok

22:53:46.0859 0x01a0  dac2w2k - ok

22:53:46.0890 0x01a0  dac960nt - ok

22:53:46.0953 0x01a0  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll

22:53:46.0968 0x01a0  DcomLaunch - ok

22:53:46.0984 0x01a0  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll

22:53:47.0000 0x01a0  Dhcp - ok

22:53:47.0015 0x01a0  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys

22:53:47.0015 0x01a0  Disk - ok

22:53:47.0031 0x01a0  dmadmin - ok

22:53:47.0109 0x01a0  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys

22:53:47.0140 0x01a0  dmboot - ok

22:53:47.0187 0x01a0  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys

22:53:47.0187 0x01a0  dmio - ok

22:53:47.0218 0x01a0  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys

22:53:47.0218 0x01a0  dmload - ok

22:53:47.0250 0x01a0  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll

22:53:47.0250 0x01a0  dmserver - ok

22:53:47.0281 0x01a0  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys

22:53:47.0296 0x01a0  DMusic - ok

22:53:47.0328 0x01a0  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll

22:53:47.0328 0x01a0  Dnscache - ok

22:53:47.0359 0x01a0  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll

22:53:47.0375 0x01a0  Dot3svc - ok

22:53:47.0390 0x01a0  dpti2o - ok

22:53:47.0421 0x01a0  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys

22:53:47.0421 0x01a0  drmkaud - ok

22:53:47.0468 0x01a0  [ 14C55DD3BCCA998FD6AC874A72A2CEB0, 57EDDFE7D43F42ABCFBB11039ECC3705FCC23645684284A7C6826D679B668FD5 ] DXSOFTIO        C:\WINDOWS\system32\drivers\DXSOFTIO.sys

22:53:47.0468 0x01a0  DXSOFTIO - ok

22:53:47.0500 0x01a0  [ AC9CF17EE2AE003C98EB4F5336C38058, 40618641B6B2DD71A8C284EB25AF81CA219A82AE7AA91C4BB2B4A3D44A2B3BBF ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys

22:53:47.0500 0x01a0  E100B - ok

22:53:47.0531 0x01a0  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll

22:53:47.0531 0x01a0  EapHost - ok

22:53:47.0562 0x01a0  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll

22:53:47.0562 0x01a0  ERSvc - ok

22:53:47.0609 0x01a0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe

22:53:47.0625 0x01a0  Eventlog - ok

22:53:47.0656 0x01a0  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll

22:53:47.0671 0x01a0  EventSystem - ok

22:53:47.0781 0x01a0  [ 3796C0BCF30212488C24BCFB40349C6D, 2B017F27AE3E8E81292F861A33176D71732852E5093883E3ACECD1B3401FDC9F ] F-Secure Gatekeeper C:\Program Files\eastlinkinternetsecurityservices\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys

22:53:47.0796 0x01a0  F-Secure Gatekeeper - ok

22:53:47.0843 0x01a0  [ 3C79ADD6CD5CDACC0BB92ACBCCB429C6, 790365FDE7887351963A73FEF3AB1E01D5EFE8E54CC88BDCECF2A0A0FC152462 ] F-Secure HIPS   C:\Program Files\eastlinkinternetsecurityservices\apps\ComputerSecurity\HIPS\drivers\fshs.sys

22:53:47.0859 0x01a0  F-Secure HIPS - ok

22:53:47.0906 0x01a0  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys

22:53:47.0906 0x01a0  Fastfat - ok

22:53:47.0968 0x01a0  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

22:53:47.0968 0x01a0  FastUserSwitchingCompatibility - ok

22:53:48.0000 0x01a0  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys

22:53:48.0015 0x01a0  Fdc - ok

22:53:48.0031 0x01a0  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys

22:53:48.0046 0x01a0  Fips - ok

22:53:48.0062 0x01a0  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys

22:53:48.0062 0x01a0  Flpydisk - ok

22:53:48.0109 0x01a0  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys

22:53:48.0125 0x01a0  FltMgr - ok

22:53:48.0218 0x01a0  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

22:53:48.0218 0x01a0  FontCache3.0.0.0 - ok

22:53:48.0265 0x01a0  [ 18DA737DD5122A475DA4948ED4643675, D8CB47E6376217C69D348B117225D567317B755518337C5A37C99511B32378FE ] fsbts           C:\WINDOWS\system32\Drivers\fsbts.sys

22:53:48.0265 0x01a0  fsbts - ok

22:53:48.0328 0x01a0  [ 9D756DEC91FE4DF7C3D772F29A5B4B05, B369BC57EF5725AA6F601DA8735F96EBB2EADDC44FD55063218737E28DDC51A6 ] fshoster        C:\Program Files\eastlinkinternetsecurityservices\fshoster32.exe

22:53:48.0343 0x01a0  fshoster - ok

22:53:48.0390 0x01a0  [ 7DB3D7C940BFDBEB744BE9AE711905F2, 32FF37A0D0F83617EDBA8438E6830B11E87BA35825CD154BFFCE3FC1FFEBD160 ] FSMA            C:\Program Files\eastlinkinternetsecurityservices\apps\ComputerSecurity\Common\FSMA32.EXE

22:53:48.0390 0x01a0  FSMA - ok

22:53:48.0421 0x01a0  [ 472596A1E846D517C6AF137171AB8ACE, 23F69B7A567A26C0901208B21FCC733DA79CFA5F280A51A8F0FAF3CE59FEA2B7 ] fsni            C:\Program Files\eastlinkinternetsecurityservices\apps\CCF_Scanning\bin\fsnixp32.sys

22:53:48.0437 0x01a0  fsni - ok

22:53:48.0453 0x01a0  [ E122733EA6808019D20D1825AED5A848, 17247549C1ADD61A0276FD0ED7ECB5AD0863E56C22EB633F78FA9C3DC1845435 ] fsnitdi         C:\Program Files\eastlinkinternetsecurityservices\apps\CCF_Scanning\bin\fsnitdi32.sys

22:53:48.0453 0x01a0  fsnitdi - ok

22:53:48.0484 0x01a0  [ EB3E03B60279515BD7FDF18392A79DFD, CAF7066F58B96CC0068A63F9E76EE2053C9889E0757C036864BAE1F30A66EE65 ] FSORSPClient    C:\Program Files\eastlinkinternetsecurityservices\apps\CCF_Reputation\fsorsp.exe

22:53:48.0484 0x01a0  FSORSPClient - ok

22:53:48.0515 0x01a0  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys

22:53:48.0515 0x01a0  Fs_Rec - ok

22:53:48.0546 0x01a0  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys

22:53:48.0546 0x01a0  Ftdisk - ok

22:53:48.0578 0x01a0  [ 77EBF3E9386DAA51551AF429052D88D0, 94C3294BB9E14B07448734AE65B37801D3FF15BEC987D182A929A017FEF7B276 ] giveio          C:\WINDOWS\system32\giveio.sys

22:53:48.0578 0x01a0  giveio - ok

22:53:48.0609 0x01a0  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys

22:53:48.0609 0x01a0  Gpc - ok

22:53:48.0656 0x01a0  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

22:53:48.0656 0x01a0  gusvc - ok

22:53:48.0703 0x01a0  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

22:53:48.0703 0x01a0  HDAudBus - ok

22:53:48.0781 0x01a0  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

22:53:48.0781 0x01a0  helpsvc - ok

22:53:48.0828 0x01a0  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll

22:53:48.0828 0x01a0  HidServ - ok

22:53:48.0875 0x01a0  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys

22:53:48.0875 0x01a0  HidUsb - ok

22:53:48.0921 0x01a0  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll

22:53:48.0921 0x01a0  hkmsvc - ok

22:53:48.0937 0x01a0  hpn - ok

22:53:48.0984 0x01a0  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys

22:53:49.0000 0x01a0  HTTP - ok

22:53:49.0015 0x01a0  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll

22:53:49.0031 0x01a0  HTTPFilter - ok

22:53:49.0046 0x01a0  i2omgmt - ok

22:53:49.0062 0x01a0  i2omp - ok

22:53:49.0109 0x01a0  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys

22:53:49.0109 0x01a0  i8042prt - ok

22:53:49.0187 0x01a0  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

22:53:49.0250 0x01a0  idsvc - ok

22:53:49.0281 0x01a0  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

22:53:49.0281 0x01a0  Imapi - ok

22:53:49.0343 0x01a0  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe

22:53:49.0343 0x01a0  ImapiService - ok

22:53:49.0375 0x01a0  ini910u - ok

22:53:49.0421 0x01a0  IntelIde - ok

22:53:49.0453 0x01a0  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

22:53:49.0468 0x01a0  intelppm - ok

22:53:49.0500 0x01a0  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys

22:53:49.0500 0x01a0  Ip6Fw - ok

22:53:49.0531 0x01a0  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

22:53:49.0531 0x01a0  IpFilterDriver - ok

22:53:49.0546 0x01a0  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

22:53:49.0546 0x01a0  IpInIp - ok

22:53:49.0593 0x01a0  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

22:53:49.0593 0x01a0  IpNat - ok

22:53:49.0640 0x01a0  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

22:53:49.0656 0x01a0  IPSec - ok

22:53:49.0687 0x01a0  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

22:53:49.0687 0x01a0  IRENUM - ok

22:53:49.0734 0x01a0  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

22:53:49.0734 0x01a0  isapnp - ok

22:53:49.0781 0x01a0  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

22:53:49.0781 0x01a0  Kbdclass - ok

22:53:49.0796 0x01a0  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

22:53:49.0796 0x01a0  kbdhid - ok

22:53:49.0828 0x01a0  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

22:53:49.0843 0x01a0  kmixer - ok

22:53:49.0875 0x01a0  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

22:53:49.0875 0x01a0  KSecDD - ok

22:53:49.0906 0x01a0  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll

22:53:49.0906 0x01a0  LanmanServer - ok

22:53:49.0968 0x01a0  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

22:53:49.0968 0x01a0  lanmanworkstation - ok

22:53:49.0984 0x01a0  lbrtfdc - ok

22:53:50.0062 0x01a0  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

22:53:50.0062 0x01a0  LmHosts - ok

22:53:50.0109 0x01a0  [ 027E967B109DE9E881C0E0411D50105D, 454F7E0CD762B39E414F6A88852C97D7906A7940DCC932F7CE27842CB995EDDC ] mbamchameleon   C:\WINDOWS\system32\drivers\mbamchameleon.sys

22:53:50.0109 0x01a0  mbamchameleon - ok

22:53:50.0140 0x01a0  [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys

22:53:50.0140 0x01a0  MBAMProtector - ok

22:53:50.0234 0x01a0  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

22:53:50.0296 0x01a0  MBAMScheduler - ok

22:53:50.0359 0x01a0  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

22:53:50.0406 0x01a0  MBAMService - ok

22:53:50.0453 0x01a0  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys

22:53:50.0453 0x01a0  MBAMSwissArmy - ok

22:53:50.0484 0x01a0  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

22:53:50.0484 0x01a0  Messenger - ok

22:53:50.0531 0x01a0  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

22:53:50.0531 0x01a0  mnmdd - ok

22:53:50.0578 0x01a0  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe

22:53:50.0578 0x01a0  mnmsrvc - ok

22:53:50.0625 0x01a0  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

22:53:50.0625 0x01a0  Modem - ok

22:53:50.0656 0x01a0  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

22:53:50.0656 0x01a0  Mouclass - ok

22:53:50.0703 0x01a0  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

22:53:50.0703 0x01a0  mouhid - ok

22:53:50.0734 0x01a0  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

22:53:50.0734 0x01a0  MountMgr - ok

22:53:50.0796 0x01a0  [ B4E9C7383A705628AD491CF0F87D901F, 5C0CD7133D4F5B1E0466CDB2A2210ECA57206A8BC41F37BC6324120AE5501C70 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

22:53:50.0812 0x01a0  MozillaMaintenance - ok

22:53:50.0828 0x01a0  mraid35x - ok

22:53:50.0859 0x01a0  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

22:53:50.0859 0x01a0  MRxDAV - ok

22:53:50.0890 0x01a0  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

22:53:50.0906 0x01a0  MRxSmb - ok

22:53:50.0937 0x01a0  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe

22:53:50.0937 0x01a0  MSDTC - ok

22:53:50.0984 0x01a0  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

22:53:50.0984 0x01a0  Msfs - ok

22:53:51.0015 0x01a0  MSIServer - ok

22:53:51.0046 0x01a0  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

22:53:51.0046 0x01a0  MSKSSRV - ok

22:53:51.0078 0x01a0  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

22:53:51.0078 0x01a0  MSPCLOCK - ok

22:53:51.0093 0x01a0  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

22:53:51.0093 0x01a0  MSPQM - ok

22:53:51.0140 0x01a0  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

22:53:51.0140 0x01a0  mssmbios - ok

22:53:51.0171 0x01a0  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

22:53:51.0187 0x01a0  Mup - ok

22:53:51.0234 0x01a0  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll

22:53:51.0250 0x01a0  napagent - ok

22:53:51.0265 0x01a0  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

22:53:51.0281 0x01a0  NDIS - ok

22:53:51.0296 0x01a0  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

22:53:51.0312 0x01a0  NdisTapi - ok

22:53:51.0328 0x01a0  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

22:53:51.0328 0x01a0  Ndisuio - ok

22:53:51.0343 0x01a0  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

22:53:51.0359 0x01a0  NdisWan - ok

22:53:51.0390 0x01a0  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

22:53:51.0390 0x01a0  NDProxy - ok

22:53:51.0406 0x01a0  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

22:53:51.0406 0x01a0  NetBIOS - ok

22:53:51.0453 0x01a0  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

22:53:51.0453 0x01a0  NetBT - ok

22:53:51.0500 0x01a0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe

22:53:51.0500 0x01a0  NetDDE - ok

22:53:51.0515 0x01a0  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

22:53:51.0531 0x01a0  NetDDEdsdm - ok

22:53:51.0562 0x01a0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe

22:53:51.0562 0x01a0  Netlogon - ok

22:53:51.0593 0x01a0  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll

22:53:51.0609 0x01a0  Netman - ok

22:53:51.0656 0x01a0  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

22:53:51.0656 0x01a0  NetTcpPortSharing - ok

22:53:51.0687 0x01a0  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll

22:53:51.0703 0x01a0  Nla - ok

22:53:51.0734 0x01a0  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

22:53:51.0734 0x01a0  Npfs - ok

22:53:51.0765 0x01a0  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

22:53:51.0781 0x01a0  Ntfs - ok

22:53:51.0796 0x01a0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe

22:53:51.0812 0x01a0  NtLmSsp - ok

22:53:51.0859 0x01a0  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

22:53:51.0875 0x01a0  NtmsSvc - ok

22:53:51.0906 0x01a0  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

22:53:51.0906 0x01a0  Null - ok

22:53:51.0953 0x01a0  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

22:53:51.0953 0x01a0  NwlnkFlt - ok

22:53:51.0968 0x01a0  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

22:53:51.0968 0x01a0  NwlnkFwd - ok

22:53:52.0015 0x01a0  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

22:53:52.0031 0x01a0  ose - ok

22:53:52.0062 0x01a0  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

22:53:52.0078 0x01a0  Parport - ok

22:53:52.0093 0x01a0  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

22:53:52.0093 0x01a0  PartMgr - ok

22:53:52.0140 0x01a0  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

22:53:52.0140 0x01a0  ParVdm - ok

22:53:52.0187 0x01a0  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

22:53:52.0187 0x01a0  PCI - ok

22:53:52.0203 0x01a0  PCIDump - ok

22:53:52.0218 0x01a0  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys

22:53:52.0218 0x01a0  PCIIde - ok

22:53:52.0265 0x01a0  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

22:53:52.0265 0x01a0  Pcmcia - ok

22:53:52.0281 0x01a0  PDCOMP - ok

22:53:52.0312 0x01a0  PDFRAME - ok

22:53:52.0343 0x01a0  PDRELI - ok

22:53:52.0359 0x01a0  PDRFRAME - ok

22:53:52.0390 0x01a0  perc2 - ok

22:53:52.0421 0x01a0  perc2hib - ok

22:53:52.0515 0x01a0  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe

22:53:52.0515 0x01a0  PlugPlay - ok

22:53:52.0531 0x01a0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe

22:53:52.0531 0x01a0  PolicyAgent - ok

22:53:52.0562 0x01a0  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

22:53:52.0562 0x01a0  PptpMiniport - ok

22:53:52.0593 0x01a0  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

22:53:52.0593 0x01a0  ProtectedStorage - ok


22:53:58.0515 0x01a0  Waiting for KSN requests completion. In queue: 215

22:53:59.0609 0x01a0  AV detected via SS1: AVG AntiVirus 2015, 2015.0, enabled, updated

22:53:59.0609 0x01a0  AV detected via SS1: Computer Security, , enabled, updated

22:53:59.0609 0x01a0  Win FW state via NFM: enabled

22:53:59.0859 0x01a0  ============================================================

22:53:59.0859 0x01a0  Scan finished

22:53:59.0859 0x01a0  ============================================================

22:53:59.0875 0x0198  Detected object count: 0

22:53:59.0875 0x0198  Actual detected object count: 0

22:54:25.0375 0x0130  Deinitialize success



#7 kenwood570


Posted 26 December 2014 - 09:44 AM

Results of AdwCleaner run in SAFE MODE.

# AdwCleaner v4.106 - Report created 26/12/2014 at 10:36:07

# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Ken -
# Running from : C:\Documents and Settings\Ken\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v34.0.5 (x86 en-US)


*************************

AdwCleaner[R0].txt - [3586 octets] - [14/12/2014 21:44:50]
AdwCleaner[R1].txt - [881 octets] - [14/12/2014 21:58:17]
AdwCleaner[R2].txt - [999 octets] - [25/12/2014 22:20:23]
AdwCleaner[R3].txt - [1119 octets] - [25/12/2014 22:38:26]
AdwCleaner[R4].txt - [1179 octets] - [25/12/2014 22:43:27]
AdwCleaner[R5].txt - [313 octets] - [26/12/2014 10:08:56]
AdwCleaner[R6].txt - [1358 octets] - [26/12/2014 10:29:58]
AdwCleaner[S0].txt - [3562 octets] - [14/12/2014 21:49:41]
AdwCleaner[S1].txt - [941 octets] - [14/12/2014 22:02:08]
AdwCleaner[S2].txt - [1059 octets] - [25/12/2014 22:26:56]
AdwCleaner[S3].txt - [1241 octets] - [25/12/2014 22:48:19]
AdwCleaner[S4].txt - [1280 octets] - [26/12/2014 10:36:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1340 octets] ##########



#8 kenwood570


Posted 26 December 2014 - 11:45 AM

ESET Results

C:\AdwCleaner\Quarantine\C\Program Files\Reimage\Reimage Repair\Reimage.exe.vir    a variant of Win32/ReImageRepair.D potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Ken\My Documents\Downloads\asc-setup.exe    a variant of Win32/Toolbar.Widgi.B potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Ken\My Documents\Downloads\cbsidlm-tr1_13-Whats_My_Computer_Doing-ORG-75788785.exe    Win32/DownloadAdmin.G potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Ken\My Documents\Downloads\ppsetup.exe    a variant of Win32/Toolbar.Conduit.I potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Ken\My Documents\Downloads\registryboosterplb.exe    a variant of Win32/RegistryBooster potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Ken\My Documents\Downloads\speedupmypc.exe    Win32/SpeedUpMyPC potentially unwanted application    deleted - quarantined
C:\Documents and Settings\Ken\My Documents\Downloads\wpsetup.exe    a variant of Win32/Toolbar.Conduit.H potentially unwanted application    deleted - quarantined


Edited by kenwood570, 26 December 2014 - 11:45 AM.


#9 kenwood570


Posted 26 December 2014 - 12:16 PM

The CPU still resets and will not respond to "autostart off". It always autostarts....

With MSCONFIG set to Diagnostic start up it still resets, sometimes with just a touch of the mouse after Windows boots.

It still has never reset in SAFE MODE.



#10 boopme


Posted 26 December 2014 - 03:43 PM

Ok, this one is quick.

Safe mode, if needed.

Please download Rkill by Grinler and save it to your desktop.
  • Link 1
  • Link 2
    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista, right-click on it and Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • If not, delete the file, then download and use the one provided in Link 2.
    • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
    • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.


#11 kenwood570


Posted 26 December 2014 - 07:41 PM

Following are Rkill results

 

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/26/2014 08:37:03 PM in x86 mode. (Safe Mode)
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * System Restore Disabled

   [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
   "DisableSR" = dword:00000001

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\assembly\GAC_MSIL\CCC\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\
WinSxS\MSIL_CCC_90ba9c70f846762e_2.0.0.0_x-ww_c7ed2bb0 [Dir]
     * C:\WINDOWS\assembly\GAC_MSIL\CLI\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\
WinSxS\MSIL_CLI_90ba9c70f846762e_2.0.0.0_x-ww_42656733 [Dir]
     * C:\WINDOWS\assembly\GAC_MSIL\LOG\2.0.3693.42530__90ba9c70f846762e => C:\W
INDOWS\WinSxS\MSIL_LOG_90ba9c70f846762e_2.0.3693.42530_x-ww_47e32df4 [Dir]
     * C:\WINDOWS\assembly\GAC_MSIL\MOM\2.0.0.0__90ba9c70f846762e => C:\WINDOWS\
WinSxS\MSIL_MOM_90ba9c70f846762e_2.0.0.0_x-ww_a60193a8 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4
.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f
5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Manual

 * System Restore Service (srservice) is not Running.
   Startup Type set to: Automatic

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

 * Automatic Updates (wuauserv) is not Running.
   Startup Type set to: Automatic

 * System Restore Filter Driver (sr) is not Running.
   Startup Type set to: Disabled

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 12/26/2014 08:37:50 PM
Execution time: 0 hours(s), 0 minute(s), and 46 seconds(s)



#12 boopme


Posted 26 December 2014 - 08:57 PM

Let's try repairing system files. Back up any important files first.

Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.

Go to Step 3 and click on Check button next to 1. See If Check Disk Is Needed.
If the tool indicates that the Check Disk is needed click on Do It button next to 2. Check Disk, then restart your computer.

Once the above is done, go to Step 4 and allow it to run System File Check by clicking on the Do It button.

Go to Step 5 and under "System Restore" click on Create button.

Go to Start Repairs tab and click the Start button.

Leave the check marks as they are.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start Repairs button.

After the repair has finished, you may be prompted to restart the computer. Please allow it to do so.

Please post the Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs

#13 kenwood570


Posted 26 December 2014 - 10:30 PM

Thanks. I had to skip Step 4; this seemed to have no effect on pressing "Do it", so I went to "Next".

Here is the run log, I hope it is the right one.

Tweaking.com - Windows Repair v2.10.2
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Microsoft Windows XP
OS Architecture: 32-bit
OS Version: 5.1.2600
OS Service Pack: Service Pack 3
Computer Name:
Windows Drive: C:\
Windows Path: C:\WINDOWS
Program Files: C:\Program Files
Current Profile: C:\Documents and Settings\Ken
Current Profile SID: S-1-5-21-789336058-861567501-1417001333-1004
Current Profile Classes: S-1-5-21-789336058-861567501-1417001333-1004_Classes
Profiles Location: C:\Documents and Settings
Profiles Location 2: C:\WINDOWS\ServiceProfiles
Local Settings AppData: C:\Documents and Settings\Ken\Local Settings\Application Data
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 01:30:44

Process Count: 14
Commit Total: 85.84 MB
Commit Limit: 2.39 GB
Commit Peak: 289.17 MB
Handle Count: 3264
Kernel Total: 27.31 MB
Kernel Paged: 22.29 MB
Kernel Non Paged: 5.02 MB
System Cache: 267.48 MB
Thread Count: 185
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 1,020.89 MB
Memory Used: 216.39 MB(21.1966%)
Memory Avail.: 804.50 MB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 1,020.89 MB
Memory Used: 155.50 MB(15.2321%)
Memory Avail.: 865.39 MB
--------------------------------------------------------------------------------

Starting Repairs...
   Started at (12/26/2014 11:06:27 PM)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 78
 
01 - Reset Registry Permissions 01/03
   HKEY_CURRENT_USER & Sub Keys
   Start (12/26/2014 11:06:31 PM)
   Running Repair Under Current User Account
   Done (12/26/2014 11:06:37 PM)

01 - Reset Registry Permissions 02/03
   HKEY_LOCAL_MACHINE & Sub Keys
   Start (12/26/2014 11:06:37 PM)
   Running Repair Under System Account
   Done (12/26/2014 11:09:02 PM)

01 - Reset Registry Permissions 03/03
   HKEY_CLASSES_ROOT & Sub Keys
   Start (12/26/2014 11:09:02 PM)
   Running Repair Under System Account
   Done (12/26/2014 11:10:19 PM)

03 - Reset Service Permissions
   Start (12/26/2014 11:10:19 PM)
   Running Repair Under System Account
   Done (12/26/2014 11:10:47 PM)

04 - Register System Files
   Start (12/26/2014 11:10:47 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:11:52 PM)

05 - Repair WMI
   Start (12/26/2014 11:11:52 PM)

   Starting Security Center So We Can Export The Security Info.

   Exporting Antivirus Info...
   AVG AntiVirus 2015 Exported.
   Computer Security Exported.

   Exporting 3rd Party Firewall Info...
   No 3rd Party Firewall Products Reported.

   Running Repair Under Current User Account
   Done (12/26/2014 11:13:37 PM)

06 - Repair Windows Firewall
   Start (12/26/2014 11:13:37 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:13:49 PM)

07 - Repair Internet Explorer
   Start (12/26/2014 11:13:49 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:15:03 PM)

08 - Repair MDAC/MS Jet
   Start (12/26/2014 11:15:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:15:13 PM)

09 - Repair Hosts File
   Start (12/26/2014 11:15:13 PM)
   Running Repair Under System Account
   Done (12/26/2014 11:15:14 PM)

10 - Remove Policies Set By Infections
   Start (12/26/2014 11:15:14 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:15:25 PM)

11 - Repair Start Menu Icons Removed By Infections
   Start (12/26/2014 11:15:25 PM)
   Running Repair Under System Account
   Done (12/26/2014 11:15:27 PM)

12 - Repair Icons
   Start (12/26/2014 11:15:27 PM)
   Running Repair Under Current User Account
   Done (12/26/2014 11:15:29 PM)

13 - Repair Winsock & DNS Cache
   Start (12/26/2014 11:15:29 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:15:40 PM)

15 - Repair Proxy Settings
   Start (12/26/2014 11:15:40 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:15:42 PM)

17 - Repair Windows Updates
   Start (12/26/2014 11:15:42 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
   Done (12/26/2014 11:16:16 PM)

18 - Repair CD/DVD Missing/Not Working
   Start (12/26/2014 11:16:16 PM)
   iTunes not found, not applying UpperFilters iTunes Reg Key
   Done (12/26/2014 11:16:16 PM)

19 - Repair Volume Shadow Copy Service
   Start (12/26/2014 11:16:16 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:39 PM)

21 - Repair MSI (Windows Installer)
   Start (12/26/2014 11:16:39 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:45 PM)

23.01 - Repair bat Association
   Start (12/26/2014 11:16:45 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:47 PM)

23.02 - Repair cmd Association
   Start (12/26/2014 11:16:47 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:49 PM)

23.03 - Repair com Association
   Start (12/26/2014 11:16:49 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:51 PM)

23.04 - Repair Directory Association
   Start (12/26/2014 11:16:51 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:53 PM)

23.05 - Repair Drive Association
   Start (12/26/2014 11:16:53 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:55 PM)

23.06 - Repair exe Association
   Start (12/26/2014 11:16:55 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:57 PM)

23.07 - Repair Folder Association
   Start (12/26/2014 11:16:57 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:16:59 PM)

23.08 - Repair inf Association
   Start (12/26/2014 11:16:59 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:01 PM)

23.09 - Repair lnk (Shortcuts) Association
   Start (12/26/2014 11:17:01 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:03 PM)

23.10 - Repair msc Association
   Start (12/26/2014 11:17:03 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:05 PM)

23.11 - Repair reg Association
   Start (12/26/2014 11:17:05 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:07 PM)

23.12 - Repair scr Association
   Start (12/26/2014 11:17:07 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:09 PM)

24 - Repair Windows Safe Mode
   Start (12/26/2014 11:17:09 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:11 PM)

25 - Repair Print Spooler
   Start (12/26/2014 11:17:11 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:17 PM)

26 - Restore Important Windows Services
   Start (12/26/2014 11:17:17 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:24 PM)

27 - Set Windows Services To Default Startup
   Start (12/26/2014 11:17:24 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:44 PM)

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1

   Skipping Repair.
   Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
   Current version: 5.1

31 - Repair Windows 'New' Submenu
   Start (12/26/2014 11:17:44 PM)
   Running Repair Under Current User Account
   Running Repair Under System Account
   Done (12/26/2014 11:17:46 PM)

Cleaning up empty logs...

All Selected Repairs Done.
   Done at (12/26/2014 11:17:46 PM)
   Total Repair Time: 00:11:22


...YOU MUST RESTART YOUR SYSTEM...


Edited by kenwood570, 26 December 2014 - 10:32 PM.


#14 boopme

Posted 27 December 2014 - 09:36 PM

Ok that is good.

We need to run the SFC /SCANNOW Command

The sfc /scannow command (System File Checker) scans the integrity of all protected Windows system files and replaces incorrect, corrupted, changed/modified, or damaged versions with the correct versions if possible.

Note: Be aware that if you have modified your system files as in theming explorer/system files, running sfc /scannow will revert the system files such as explorer.exe back to its default state.

Note: Make the appropriate backups of your system files that you have modified for theming if you wish to save them before running sfc /scannow.

For Windows XP:
  • Click the Start button.
  • Click Run.
  • Type cmd.
Next:
  • Copy the following line of text and paste it into the black box.
    (right-click in the black box and choose paste)

    sfc /scannow
  • Press Enter to run the command.
    Note: This may take a while to finish.
  • If SFC could not fix something, then run the command again to see if it may be able to the next time. Sometimes it may take running the sfc /scannow command 3 or more times to completely fix everything that it's able to.

Retrieving SFC /scannow log

For Windows XP:
  • Click the Start button
  • Click Run
  • Type cmd
  • Press enter
  • Copy the following line of text and paste it into the black box.
    (right-click in the black box and choose paste)

    findstr /c:"[SR]" %windir%\setupapi.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Press Enter to run the command.
  • A text file sfcdetails.txt should appear on your desktop. Post the content of the file in your next reply.


#15 kenwood570

Posted 28 December 2014 - 11:24 AM

findstr /c:"[SR]" %windir%\setupapi.log >> "%userprofile%\desktop\sfcdetails.txt"

 

Ran the utility 3x, seemed to run OK... It ran for about 30 minutes each run and read from the Windows XP OS disk.

However the above command failed to produce any text file when run as instructed.





