Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infinite cmd.exe window pop-ups on Bootup


  • This topic is locked This topic is locked
2 replies to this topic

#1 mhakkinen68

mhakkinen68

  • Members
  • 14 posts
  • OFFLINE
  •  
  • Local time:06:02 AM

Posted 25 July 2015 - 03:08 PM

I am using WinXP and encountered infinite cmd.exe window pop-ups on bootup. I believe my issue is very similar to the one found at http://www.bleepingcomputer.com/forums/t/552552/cmdexe-window-during-start-up/ . Followed the instructions and here are the files:
 
MiniToolbox Result.txt (named as MTB.txt)
 
MiniToolBox by Farbar  Version: 25-07-2015 01
Ran by user (administrator) on 26-07-2015 at 01:26:45
Running from "C:\Documents and Settings\user\Desktop"
Microsoft Windows XP Professional Service Pack 3 (X86)
Model: Veriton X4620G Manufacturer: Acer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
 
Windows IP Configuration
 
 
 
Successfully flushed the DNS Resolver Cache.
 
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
 
 
127.0.0.1       localhost
 
========================= IP Configuration: ================================
 
D-Link DWA-123 Wireless N 150 USB Adapter(rev.D) = Wireless Network Connection (Connected)
Broadcom NetXtreme Gigabit Ethernet = Local Area Connection (Media disconnected)
TAP-Win32 Adapter OAS = Local Area Connection 3 (Media disconnected)
 
 
# ---------------------------------- 
# Interface IP Configuration         
# ---------------------------------- 
pushd interface ip
 
 
# Interface IP Configuration for "Local Area Connection"
 
set address name="Local Area Connection" source=dhcp 
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp
 
# Interface IP Configuration for "Local Area Connection 3"
 
set address name="Local Area Connection 3" source=dhcp 
set dns name="Local Area Connection 3" source=dhcp register=PRIMARY
set wins name="Local Area Connection 3" source=dhcp
 
# Interface IP Configuration for "Wireless Network Connection"
 
set address name="Wireless Network Connection" source=dhcp 
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp
 
 
popd
# End of interface IP configuration
 
 
 
 
Windows IP Configuration
 
 
 
        Host Name . . . . . . . . . . . . : acer
 
        Primary Dns Suffix  . . . . . . . : 
 
        Node Type . . . . . . . . . . . . : Broadcast
 
        IP Routing Enabled. . . . . . . . : No
 
        WINS Proxy Enabled. . . . . . . . : No
 
 
 
Ethernet adapter Local Area Connection:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : Broadcom NetXtreme Gigabit Ethernet
 
        Physical Address. . . . . . . . . : 74-27-EA-B3-53-2E
 
 
 
Ethernet adapter Local Area Connection 3:
 
 
 
        Media State . . . . . . . . . . . : Media disconnected
 
        Description . . . . . . . . . . . : TAP-Win32 Adapter OAS
 
        Physical Address. . . . . . . . . : 00-FF-C1-F0-87-B7
 
 
 
Ethernet adapter Wireless Network Connection:
 
 
 
        Connection-specific DNS Suffix  . : 
 
        Description . . . . . . . . . . . : D-Link DWA-123 Wireless N 150 USB Adapter(rev.D)
 
        Physical Address. . . . . . . . . : C4-A8-1D-F3-88-60
 
        Dhcp Enabled. . . . . . . . . . . : Yes
 
        Autoconfiguration Enabled . . . . : Yes
 
        IP Address. . . . . . . . . . . . : 192.168.1.4
 
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
 
        Default Gateway . . . . . . . . . : 192.168.1.254
 
        DHCP Server . . . . . . . . . . . : 192.168.1.254
 
        DNS Servers . . . . . . . . . . . : 192.168.1.254
 
        Lease Obtained. . . . . . . . . . : Sunday, July 26, 2015 1:18:54 AM
 
        Lease Expires . . . . . . . . . . : Sunday, July 26, 2015 5:18:54 AM
 
Server:  UnKnown
Address:  192.168.1.254
 
Name:    google.com
Addresses:  74.125.200.100, 74.125.200.113, 74.125.200.101, 74.125.200.139
 74.125.200.102, 74.125.200.138
 
 
 
Pinging google.com [74.125.200.139] with 32 bytes of data:
 
 
 
Reply from 74.125.200.139: bytes=32 time=20ms TTL=41
 
Reply from 74.125.200.139: bytes=32 time=8ms TTL=41
 
 
 
Ping statistics for 74.125.200.139:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 8ms, Maximum = 20ms, Average = 14ms
 
Server:  UnKnown
Address:  192.168.1.254
 
Name:    yahoo.com
Addresses:  98.139.183.24, 98.138.253.109, 206.190.36.45
 
 
 
Pinging yahoo.com [98.138.253.109] with 32 bytes of data:
 
 
 
Reply from 98.138.253.109: bytes=32 time=236ms TTL=45
 
Reply from 98.138.253.109: bytes=32 time=240ms TTL=47
 
 
 
Ping statistics for 98.138.253.109:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 236ms, Maximum = 240ms, Average = 238ms
 
 
 
Pinging 127.0.0.1 with 32 bytes of data:
 
 
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
 
 
Ping statistics for 127.0.0.1:
 
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
 
Approximate round trip times in milli-seconds:
 
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
 
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...74 27 ea b3 53 2e ...... Broadcom NetXtreme Gigabit Ethernet - Packet Scheduler Miniport
0x3 ...00 ff c1 f0 87 b7 ...... TAP-Win32 Adapter OAS - Packet Scheduler Miniport
0x10005 ...c4 a8 1d f3 88 60 ...... D-Link DWA-123 Wireless N 150 USB Adapter(rev.D) - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0    192.168.1.254     192.168.1.4   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.1.0    255.255.255.0      192.168.1.4     192.168.1.4   25
      192.168.1.4  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.1.255  255.255.255.255      192.168.1.4     192.168.1.4   25
        224.0.0.0        240.0.0.0      192.168.1.4     192.168.1.4   25
  255.255.255.255  255.255.255.255      192.168.1.4     192.168.1.4   1
  255.255.255.255  255.255.255.255      192.168.1.4               2   1
  255.255.255.255  255.255.255.255      192.168.1.4               3   1
Default Gateway:     192.168.1.254
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (07/18/2015 09:56:09 PM) (Source: Application Error) (User: )
Description: Faulting application hpcmpmgr.exe, version 1.76.0.0, faulting module hpcmpmgr.exe, version 1.76.0.0, fault address 0x000119a6.
Processing media-specific event for [hpcmpmgr.exe!ws!]
 
Error: (06/03/2015 12:21:03 PM) (Source: Application Error) (User: )
Description: Faulting application hpcmpmgr.exe, version 1.76.0.0, faulting module hpcmpmgr.exe, version 1.76.0.0, fault address 0x000119a6.
Processing media-specific event for [hpcmpmgr.exe!ws!]
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
 
System errors:
=============
Error: (06/15/2015 11:30:42 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ahcix86
 
Error: (06/15/2015 09:28:53 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ahcix86
 
Error: (06/14/2015 07:33:23 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ahcix86
 
Error: (06/14/2015 12:01:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ahcix86
 
Error: (06/14/2015 04:54:04 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ahcix86
 
Error: (06/13/2015 09:15:38 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ahcix86
 
Error: (06/13/2015 03:17:33 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ahcix86
 
Error: (06/13/2015 02:03:24 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ahcix86
 
Error: (06/13/2015 02:01:18 PM) (Source: Service Control Manager) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (06/13/2015 02:01:18 PM) (Source: Service Control Manager) (User: )
Description: The OpenVPN Access Client service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (07/18/2015 09:56:09 PM) (Source: Application Error)(User: )
Description: hpcmpmgr.exe1.76.0.0hpcmpmgr.exe1.76.0.0000119a6
 
Error: (06/03/2015 12:21:03 PM) (Source: Application Error)(User: )
Description: hpcmpmgr.exe1.76.0.0hpcmpmgr.exe1.76.0.0000119a6
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
Error: (11/19/2015 06:37:22 PM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
 
 
=========================== Installed Programs ============================
 
1300 (HKLM\...\{6dc18d50-8cc3-4dea-a666-ea6f01907663}) (Version: 5.31.1.27 - Hewlett-Packard) Hidden
1300_Help (HKLM\...\{b17cf867-a4e5-41ba-a646-50f237810eca}) (Version: 5.31.1.27 -  Hewlett-Packard) Hidden
1300Tour (HKLM\...\{c46485b1-6527-4937-9dc0-29bb5d5613fe}) (Version: 5.31.1.27 -  Hewlett-Packard) Hidden
1300Trb (HKLM\...\{0e4a0db5-801d-489e-85c0-6c3f96335d20}) (Version: 5.31.1.27 -  Hewlett-Packard) Hidden
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader 9.4.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A94000000001}) (Version: 9.4.0 - Adobe Systems Incorporated)
AiO_Scan (HKLM\...\{092eeeee-9fdd-4895-a568-0818c96beb6c}) (Version: 5.31.1.27 - Hewlett-Packard) Hidden
AIOMinimal (HKLM\...\{ec7d7a6a-31cb-4810-826f-74171bef44f1}) (Version: 5.31.1.27 - Hewlett-Packard) Hidden
AiOSoftware (HKLM\...\{c330461f-c4a9-4fc7-af5d-c158e0b56aa7}) (Version: 5.31.1.27 - Hewlett-Packard) Hidden
AVG PC TuneUp 2014 (en-GB) (HKLM\...\{967A3B08-DEC2-4C28-981F-96E86179FA4B}) (Version: 14.0.1001.380 - AVG) Hidden
Copy (HKLM\...\{D1D8C9C4-89BE-4f37-9EC4-B80E3C239C41}) (Version: 5.31.0.150 - Hewlett-Packard) Hidden
CreativeProjects (HKLM\...\{A363B66C-1547-47bf-90F0-3834E70A841A}) (Version: 5.31.0.150 - Hewlett-Packard) Hidden
Director (HKLM\...\{829698DE-9EAC-475E-9A05-B7BA807CA1EF}) (Version: 5.31.0.154 - Hewlett-Packard) Hidden
DocProc (HKLM\...\{2F1FD032-67D1-4569-923F-47EAF132BF0F}) (Version: 3.1.0.0 - Hewlett-Packard) Hidden
Fax (HKLM\...\{d40e4a88-ebc8-4d52-be3c-a4917a057ef0}) (Version: 5.31.2.31 - Hewlett-Packard) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.28.1 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Photo & Imaging 3.1 (HKLM\...\HP Photo & Imaging) (Version: 3.1 - HP)
HP PSC & OfficeJet 3.0 (HKLM\...\{F38FA38A-7E5A-4209-88ED-4DE21CD20EEF}) (Version: 3.0 - HP)
HP Software Update (HKLM\...\{CC0A24CB-87C9-4F1C-A1F2-F87D8D4DDCAF}) (Version: 1.0.18.20030625 - Hewlett-Packard)
hpmdtab (HKLM\...\{9F4EEA0C-7174-4BD3-89AF-7AB2F9F6AEDD}) (Version: 2.0.470.1598 - Hewlett-Packard) Hidden
HPSystemDiagnostics (HKLM\...\{3CF78481-FB7B-4B51-99A2-D5E0CD0B3AAF}) (Version: 1.5.0.0 - Your Company Name) Hidden
InstantShare (HKLM\...\{745A92AF-53B4-41A7-91C3-9B026B1D5897}) (Version: 3.1.0.13 - Hewlett-Packard) Hidden
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.10.5436 - Intel Corporation)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jays Snipping Tool (HKCU\...\e891758400ca417b) (Version: 1.0.0.12 - Missoula Software)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Memories Disc Creator 2.0 (HKLM\...\{2E132061-C78A-48D4-A899-1D13B9D189FA}) (Version: 2.0.470.1598 - Memories Disc Creator 2.0)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Standard 2010 (HKLM\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WinUsb 2.0 (HKLM\...\winusb0200) (Version:  - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenVPN Client (HKLM\...\{072A5217-8165-4AB7-8366-36CB3245DB60}) (Version: 1.5.6 - OpenVPN Technologies)
Overland (HKLM\...\{1CAD83B0-87A3-4206-BF70-644546808731}) (Version: 1.76.0 - Hewlett-Packard) Hidden
PhotoGallery (HKLM\...\{C38BC5B7-62D3-4880-82DD-A4803FD81921}) (Version: 5.31.0.158 - Hewlett-Packard) Hidden
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.1815.0 - CyberLink Corporation)
PrintScreen (HKLM\...\{CFD1B282-555D-494d-8231-4175C2AF08C2}) (Version: 5.31.0.147 - Hewlett-Packard) Hidden
QFolder (HKLM\...\{8777AC6D-89F9-4793-8266-DE406F343E89}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
QuickProjects (HKLM\...\{5ADF6293-D60F-4425-AFA7-CEB820DB872B}) (Version: 5.31.0.147 - Hewlett-Packard) Hidden
Readme (HKLM\...\{54e854d5-d5d4-452d-9c75-b39f5625b5fb}) (Version: 5.31.1.27 - Hewlett-Packard) Hidden
REALTEK GbE & FE Ethernet PCI-E NIC Driver (HKLM\...\{C9BED750-1211-4480-B1A5-718A3BE15525}) (Version: 1.30.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6828 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.20.0 - Renesas Electronics Corporation)
Scan (HKLM\...\{939227BD-19D8-4684-8A04-31AC9F6A564C}) (Version: 3.1.0.0 - Hewlett-Packard) Hidden
Segoe UI (HKLM\...\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}) (Version: 14.0.4327.805 - Microsoft Corp) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0016-0409-0000-0000000FF1CE}_Office14.STANDARD_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.STANDARD_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0019-0409-0000-0000000FF1CE}_Office14.STANDARD_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.STANDARD_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001B-0409-0000-0000000FF1CE}_Office14.STANDARD_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.STANDARD_{09A9DF49-DA06-4093-A2FD-F339211E39EA}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.STANDARD_{ECC1D579-DC17-4B90-929C-B4A0BB35F7B3}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.STANDARD_{8C5A05B6-FF56-480F-A0E6-9F4BCA4B4CAC}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-002C-0409-0000-0000000FF1CE}_Office14.STANDARD_{945F1D43-451D-4383-9BBE-241F37950B15}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-006E-0409-0000-0000000FF1CE}_Office14.STANDARD_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-00A1-0409-0000-0000000FF1CE}_Office14.STANDARD_{D6A2CD7F-C90C-4B90-BBA7-2BADE2E08610}) (Version:  - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0115-0409-0000-0000000FF1CE}_Office14.STANDARD_{8DD50F3B-E0BD-4E39-AF1F-2F316B4FC528}) (Version:  - Microsoft) Hidden
SkinsHP1 (HKLM\...\{4FB6F304-A91D-4919-98E5-D96E074EA9E5}) (Version: 5.31.0.147 - Hewlett-Packard) Hidden
SkinsHP2 (HKLM\...\{D545BB81-DEB0-49f7-BE26-197BC31AAF57}) (Version: 5.31.0.147 - Hewlett-Packard) Hidden
Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sony PC Companion 2.10.275 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
TrayApp (HKLM\...\{CE4F8FFB-4063-4247-9F14-ECE61AFEFA25}) (Version: 5.31.0.147 - Hewlett-Packard) Hidden
Unload (HKLM\...\{E4ABB302-9D82-4D18-83D5-AD1DFE786AA8}) (Version: 3.1.0 - Hewlett-Packard) Hidden
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB978207) (HKLM\...\KB978207) (Version: 1 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (HKLM\...\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM\...\{FBBF532A-47AC-457d-AC06-0D3163D8911E}) (Version: 5.31.0.147 - Hewlett-Packard) Hidden
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
???????2007 (HKLM\...\{52307374-EA35-4003-B7E4-8F1FB422749F}) (Version: 12.0.5000.1001 - Microsoft Corporation)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 21%
Total physical RAM: 3522.31 MB
Available physical RAM: 2750.13 MB
Total Virtual: 5403.11 MB
Available Virtual: 4645.17 MB
 
========================= Partitions: =====================================
 
1 Drive c: (XPP_EN) (Fixed) (Total:465.76 GB) (Free:368.62 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\ACER
 
Administrator            ASPNET                   Guest                    
HelpAssistant            SUPPORT_388945a0         user                     
 
 
**** End of log ****
 
TDSSKiller Log
 
01:27:55.0062 0x0b80  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
01:27:59.0546 0x0b80  ============================================================
01:27:59.0546 0x0b80  Current date / time: 2015/07/26 01:27:59.0546
01:27:59.0546 0x0b80  SystemInfo:
01:27:59.0546 0x0b80  
01:27:59.0546 0x0b80  OS Version: 5.1.2600 ServicePack: 3.0
01:27:59.0546 0x0b80  Product type: Workstation
01:27:59.0546 0x0b80  ComputerName: ACER
01:27:59.0546 0x0b80  UserName: user
01:27:59.0546 0x0b80  Windows directory: C:\WINDOWS
01:27:59.0546 0x0b80  System windows directory: C:\WINDOWS
01:27:59.0546 0x0b80  Processor architecture: Intel x86
01:27:59.0546 0x0b80  Number of processors: 2
01:27:59.0546 0x0b80  Page size: 0x1000
01:27:59.0546 0x0b80  Boot type: Normal boot
01:27:59.0546 0x0b80  ============================================================
01:28:06.0562 0x0b80  KLMD registered as C:\WINDOWS\system32\drivers\61253090.sys
01:28:08.0078 0x0b80  System UUID: {0A0E072E-29FE-1A63-8207-CFB4639CC5EC}
01:28:12.0531 0x0b80  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
01:28:12.0703 0x0b80  ============================================================
01:28:12.0703 0x0b80  \Device\Harddisk0\DR0:
01:28:12.0703 0x0b80  MBR partitions:
01:28:12.0703 0x0b80  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800
01:28:12.0703 0x0b80  ============================================================
01:28:12.0828 0x0b80  C: <-> \Device\Harddisk0\DR0\Partition1
01:28:13.0250 0x0b80  ============================================================
01:28:13.0250 0x0b80  Initialize success
01:28:13.0250 0x0b80  ============================================================
01:28:16.0609 0x0250  ============================================================
01:28:16.0609 0x0250  Scan started
01:28:16.0609 0x0250  Mode: Manual; 
01:28:16.0609 0x0250  ============================================================
01:28:16.0609 0x0250  KSN ping started
01:28:21.0203 0x0250  KSN ping finished: true
01:29:03.0343 0x0250  ================ Scan system memory ========================
01:29:03.0343 0x0250  System memory - ok
01:29:03.0343 0x0250  ================ Scan services =============================
01:29:03.0593 0x0250  Abiosdsk - ok
01:29:03.0593 0x0250  abp480n5 - ok
01:29:03.0703 0x0250  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
01:29:03.0765 0x0250  ACPI - ok
01:29:03.0937 0x0250  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\DRIVERS\ACPIEC.sys
01:29:03.0937 0x0250  ACPIEC - ok
01:29:04.0078 0x0250  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
01:29:04.0171 0x0250  AdobeFlashPlayerUpdateSvc - ok
01:29:04.0187 0x0250  adpu160m - ok
01:29:04.0265 0x0250  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
01:29:04.0296 0x0250  aec - ok
01:29:04.0375 0x0250  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
01:29:04.0421 0x0250  AFD - ok
01:29:04.0468 0x0250  [ 0EBB674888CBDEFD5773341C16DD6A07, EC87828DBD4E11079C1E7296EEC568917A7B4052AA3EFFA402DD5FAA7E45741D ] AFS2K           C:\WINDOWS\system32\drivers\AFS2K.sys
01:29:04.0468 0x0250  AFS2K - ok
01:29:04.0468 0x0250  Aha154x - ok
01:29:04.0578 0x0250  [ 3936A49ECB74CF23BBB6979CD683DD56, 472BEDEFC099A05630664DD5DFA9DA01DFFCB681AE9F8F7748F5A31DF1221096 ] ahcix86         C:\WINDOWS\system32\DRIVERS\ahcix86.sys
01:29:04.0640 0x0250  ahcix86 - ok
01:29:04.0640 0x0250  aic78u2 - ok
01:29:04.0640 0x0250  aic78xx - ok
01:29:04.0671 0x0250  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
01:29:04.0671 0x0250  Alerter - ok
01:29:04.0703 0x0250  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
01:29:04.0703 0x0250  ALG - ok
01:29:04.0718 0x0250  AliIde - ok
01:29:05.0265 0x0250  [ 267FC636801EDC5AB28E14036349E3BE, CFEF5DF5F9BE820283376BB86DB3CF6609C02D316A742E17459A2BFA42E724E0 ] Ambfilt         C:\WINDOWS\system32\drivers\Ambfilt.sys
01:29:05.0781 0x0250  Ambfilt - ok
01:29:05.0796 0x0250  amsint - ok
01:29:05.0859 0x0250  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
01:29:05.0921 0x0250  AppMgmt - ok
01:29:05.0921 0x0250  asc - ok
01:29:05.0921 0x0250  asc3350p - ok
01:29:05.0921 0x0250  asc3550 - ok
01:29:06.0078 0x0250  [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
01:29:06.0109 0x0250  aspnet_state - ok
01:29:06.0125 0x0250  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
01:29:06.0125 0x0250  AsyncMac - ok
01:29:06.0171 0x0250  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
01:29:06.0171 0x0250  atapi - ok
01:29:06.0171 0x0250  Atdisk - ok
01:29:06.0218 0x0250  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
01:29:06.0234 0x0250  Atmarpc - ok
01:29:06.0265 0x0250  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
01:29:06.0281 0x0250  AudioSrv - ok
01:29:06.0312 0x0250  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
01:29:06.0312 0x0250  audstub - ok
01:29:06.0421 0x0250  [ C88454126FD53B0782F6423E7DA3169D, 83C962E974C188CE2EC1B54C2FEFF9F7677F30EB135B4E9D5A4E5EA24254290B ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
01:29:06.0421 0x0250  b57w2k - ok
01:29:06.0468 0x0250  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
01:29:06.0468 0x0250  Beep - ok
01:29:06.0609 0x0250  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
01:29:06.0812 0x0250  BITS - ok
01:29:06.0875 0x0250  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
01:29:06.0890 0x0250  Browser - ok
01:29:06.0953 0x0250  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
01:29:06.0953 0x0250  cbidf2k - ok
01:29:06.0953 0x0250  cd20xrnt - ok
01:29:07.0000 0x0250  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
01:29:07.0000 0x0250  Cdaudio - ok
01:29:07.0062 0x0250  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
01:29:07.0078 0x0250  Cdfs - ok
01:29:07.0125 0x0250  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
01:29:07.0140 0x0250  Cdrom - ok
01:29:07.0156 0x0250  Changer - ok
01:29:07.0171 0x0250  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
01:29:07.0171 0x0250  CiSvc - ok
01:29:07.0187 0x0250  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
01:29:07.0203 0x0250  ClipSrv - ok
01:29:07.0296 0x0250  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:29:07.0328 0x0250  clr_optimization_v2.0.50727_32 - ok
01:29:07.0406 0x0250  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:29:07.0546 0x0250  clr_optimization_v4.0.30319_32 - ok
01:29:07.0546 0x0250  CmdIde - ok
01:29:07.0546 0x0250  COMSysApp - ok
01:29:10.0171 0x0250  [ D641CA108187E8169A04DD1B50280557, 766B7ABAFA3CBDFF0C8AD21CFACC4C06BDF9AC13AB51B0A1B4A029556A61155C ] Cooperative Taste C:\Program Files\Cooperative Taste\Cooperative Taste.exe
01:29:12.0500 0x0250  Cooperative Taste - ok
01:29:12.0515 0x0250  Cpqarray - ok
01:29:12.0562 0x0250  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
01:29:12.0578 0x0250  CryptSvc - ok
01:29:12.0593 0x0250  dac2w2k - ok
01:29:12.0593 0x0250  dac960nt - ok
01:29:12.0750 0x0250  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
01:29:12.0875 0x0250  DcomLaunch - ok
01:29:12.0953 0x0250  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
01:29:12.0984 0x0250  Dhcp - ok
01:29:13.0015 0x0250  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
01:29:13.0031 0x0250  Disk - ok
01:29:13.0031 0x0250  dmadmin - ok
01:29:13.0296 0x0250  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
01:29:13.0546 0x0250  dmboot - ok
01:29:13.0593 0x0250  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
01:29:13.0640 0x0250  dmio - ok
01:29:13.0656 0x0250  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
01:29:13.0671 0x0250  dmload - ok
01:29:13.0671 0x0250  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
01:29:13.0687 0x0250  dmserver - ok
01:29:13.0734 0x0250  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
01:29:13.0750 0x0250  DMusic - ok
01:29:13.0796 0x0250  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
01:29:13.0812 0x0250  Dnscache - ok
01:29:13.0875 0x0250  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
01:29:13.0906 0x0250  Dot3svc - ok
01:29:13.0906 0x0250  dpti2o - ok
01:29:13.0921 0x0250  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
01:29:13.0921 0x0250  drmkaud - ok
01:29:13.0937 0x0250  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
01:29:13.0953 0x0250  EapHost - ok
01:29:13.0968 0x0250  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
01:29:13.0968 0x0250  ERSvc - ok
01:29:14.0046 0x0250  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
01:29:14.0078 0x0250  Eventlog - ok
01:29:14.0171 0x0250  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
01:29:14.0234 0x0250  EventSystem - ok
01:29:14.0328 0x0250  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
01:29:14.0375 0x0250  Fastfat - ok
01:29:14.0437 0x0250  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
01:29:14.0484 0x0250  FastUserSwitchingCompatibility - ok
01:29:14.0500 0x0250  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\drivers\Fdc.sys
01:29:14.0515 0x0250  Fdc - ok
01:29:14.0531 0x0250  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
01:29:14.0531 0x0250  Fips - ok
01:29:14.0546 0x0250  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\drivers\Flpydisk.sys
01:29:14.0546 0x0250  Flpydisk - ok
01:29:14.0625 0x0250  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\DRIVERS\fltMgr.sys
01:29:14.0656 0x0250  FltMgr - ok
01:29:14.0718 0x0250  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
01:29:14.0750 0x0250  FontCache3.0.0.0 - ok
01:29:14.0750 0x0250  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
01:29:14.0750 0x0250  Fs_Rec - ok
01:29:14.0796 0x0250  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
01:29:14.0828 0x0250  Ftdisk - ok
01:29:14.0859 0x0250  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
01:29:14.0875 0x0250  Gpc - ok
01:29:14.0984 0x0250  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
01:29:15.0015 0x0250  gupdate - ok
01:29:15.0046 0x0250  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
01:29:15.0062 0x0250  gupdatem - ok
01:29:15.0125 0x0250  [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
01:29:15.0125 0x0250  HDAudBus - ok
01:29:15.0218 0x0250  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
01:29:15.0218 0x0250  helpsvc - ok
01:29:15.0250 0x0250  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
01:29:15.0265 0x0250  HidServ - ok
01:29:15.0281 0x0250  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
01:29:15.0296 0x0250  hidusb - ok
01:29:15.0343 0x0250  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
01:29:15.0359 0x0250  hkmsvc - ok
01:29:15.0359 0x0250  hpn - ok
01:29:15.0406 0x0250  [ 287A63BD8509BD78E7978823B38AFA81, B3508209F557CF92DD8C21789F934168345212DAFD082494DB7089CF96C104DD ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
01:29:15.0421 0x0250  HPZid412 - ok
01:29:15.0453 0x0250  [ 0B4FDA2657C3E0315EAA57F9C6D4FD1F, 74228EA4E3AD882A4FA5FD5534FF0B29CDF2AC70D8888240E061BE030E61C7BE ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
01:29:15.0468 0x0250  HPZipr12 - ok
01:29:15.0484 0x0250  [ 29559DB25258B60510A60C4E470FCE32, 4918053D6AA26D176985FFFF529D8113B025648EA26D8ABB9972E09CBD0DE1AD ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
01:29:15.0500 0x0250  HPZius12 - ok
01:29:15.0593 0x0250  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
01:29:15.0687 0x0250  HTTP - ok
01:29:15.0703 0x0250  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
01:29:15.0718 0x0250  HTTPFilter - ok
01:29:15.0718 0x0250  i2omgmt - ok
01:29:15.0718 0x0250  i2omp - ok
01:29:15.0765 0x0250  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
01:29:15.0781 0x0250  i8042prt - ok
01:29:16.0593 0x0250  [ AB3ACAC0F000CA91599B71FD0519C228, 568055B5E5F78DAF955AFAB1240882107ECAC8F78B72A1579F02EEA737D45760 ] ialm            C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
01:29:17.0375 0x0250  ialm - ok
01:29:17.0531 0x0250  [ 26541A068572F650A2FA490726FE81BE, 9D6EF745731D45C4482274BE9C56300BBE8843D6C182F0E5C621AB121DBE371E ] iastor          C:\WINDOWS\system32\DRIVERS\iaStor.sys
01:29:17.0656 0x0250  iastor - ok
01:29:17.0984 0x0250  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
01:29:18.0312 0x0250  idsvc - ok
01:29:18.0328 0x0250  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
01:29:18.0343 0x0250  Imapi - ok
01:29:18.0421 0x0250  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
01:29:18.0468 0x0250  ImapiService - ok
01:29:18.0468 0x0250  ini910u - ok
01:29:20.0203 0x0250  [ 0411E287D5E77DE24E3ED602D80C0B6B, A7AA69BC8E16FD8C75E0090A4D482D5BD03F1A63136088A871CAE05254BE2C8F ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
01:29:20.0281 0x0250  IntcAzAudAddService - ok
01:29:20.0375 0x0250  [ F4804891676F2EFAA81CBF5F2393AD2A, E4F226D78B10327521FFDA8EAAAC0791B38BC81C7CCCD939A3A882C880A24C7F ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
01:29:20.0484 0x0250  IntcDAud - ok
01:29:20.0515 0x0250  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
01:29:20.0531 0x0250  intelppm - ok
01:29:20.0546 0x0250  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
01:29:20.0562 0x0250  Ip6Fw - ok
01:29:20.0593 0x0250  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
01:29:20.0593 0x0250  IpFilterDriver - ok
01:29:20.0609 0x0250  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
01:29:20.0625 0x0250  IpInIp - ok
01:29:20.0671 0x0250  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
01:29:20.0734 0x0250  IpNat - ok
01:29:20.0781 0x0250  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
01:29:20.0812 0x0250  IPSec - ok
01:29:20.0828 0x0250  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
01:29:20.0828 0x0250  IRENUM - ok
01:29:20.0859 0x0250  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
01:29:20.0875 0x0250  isapnp - ok
01:29:21.0015 0x0250  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
01:29:21.0078 0x0250  JavaQuickStarterService - ok
01:29:21.0109 0x0250  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
01:29:21.0109 0x0250  Kbdclass - ok
01:29:21.0125 0x0250  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
01:29:21.0140 0x0250  kbdhid - ok
01:29:21.0218 0x0250  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
01:29:21.0281 0x0250  kmixer - ok
01:29:21.0328 0x0250  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
01:29:21.0359 0x0250  KSecDD - ok
01:29:21.0406 0x0250  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] LanmanServer    C:\WINDOWS\System32\srvsvc.dll
01:29:21.0437 0x0250  LanmanServer - ok
01:29:21.0500 0x0250  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
01:29:21.0531 0x0250  lanmanworkstation - ok
01:29:21.0546 0x0250  lbrtfdc - ok
01:29:21.0578 0x0250  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
01:29:21.0593 0x0250  LmHosts - ok
01:29:21.0734 0x0250  [ C3ED67C05F3923F9A8FEBA7A996337E1, 0A092A22339A9BFFAAB4A8A7C795480C058C0360C743BDF5D5DE042825F464A7 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
01:29:21.0812 0x0250  McComponentHostService - ok
01:29:21.0859 0x0250  [ F053F1D48C8A92BDFA72654D0DCDF5AB, A9FD181ECCAD08118DA39D59158171C8D1D9BF67285D6766D2DA03B861CAD512 ] MEI             C:\WINDOWS\system32\DRIVERS\HECI.sys
01:29:21.0859 0x0250  MEI - ok
01:29:21.0890 0x0250  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
01:29:21.0906 0x0250  Messenger - ok
01:29:21.0921 0x0250  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
01:29:21.0937 0x0250  mnmdd - ok
01:29:21.0968 0x0250  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
01:29:21.0984 0x0250  mnmsrvc - ok
01:29:22.0015 0x0250  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
01:29:22.0015 0x0250  Modem - ok
01:29:22.0468 0x0250  [ C7D9F9717916B34C1B00DD4834AF485C, A9512A03E8142C83534189963F90ADA6FA425BD606928C40C3D724177105A658 ] Monfilt         C:\WINDOWS\system32\drivers\Monfilt.sys
01:29:22.0921 0x0250  Monfilt - ok
01:29:22.0953 0x0250  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
01:29:22.0968 0x0250  Mouclass - ok
01:29:23.0000 0x0250  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
01:29:23.0046 0x0250  mouhid - ok
01:29:23.0156 0x0250  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
01:29:23.0187 0x0250  MountMgr - ok
01:29:23.0187 0x0250  mraid35x - ok
01:29:23.0281 0x0250  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
01:29:23.0390 0x0250  MRxDAV - ok
01:29:23.0640 0x0250  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
01:29:23.0937 0x0250  MRxSmb - ok
01:29:24.0000 0x0250  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
01:29:24.0015 0x0250  MSDTC - ok
01:29:24.0093 0x0250  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
01:29:24.0109 0x0250  Msfs - ok
01:29:24.0125 0x0250  MSIServer - ok
01:29:24.0203 0x0250  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
01:29:24.0234 0x0250  MSKSSRV - ok
01:29:24.0328 0x0250  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
01:29:24.0375 0x0250  MSPCLOCK - ok
01:29:24.0390 0x0250  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
01:29:24.0437 0x0250  MSPQM - ok
01:29:24.0484 0x0250  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
01:29:24.0515 0x0250  mssmbios - ok
01:29:24.0609 0x0250  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
01:29:24.0703 0x0250  Mup - ok
01:29:24.0890 0x0250  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
01:29:25.0078 0x0250  napagent - ok
01:29:25.0171 0x0250  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
01:29:25.0281 0x0250  NDIS - ok
01:29:25.0359 0x0250  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
01:29:25.0390 0x0250  NdisTapi - ok
01:29:25.0453 0x0250  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
01:29:25.0484 0x0250  Ndisuio - ok
01:29:25.0546 0x0250  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
01:29:25.0609 0x0250  NdisWan - ok
01:29:25.0703 0x0250  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
01:29:25.0734 0x0250  NDProxy - ok
01:29:25.0812 0x0250  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
01:29:25.0843 0x0250  NetBIOS - ok
01:29:25.0953 0x0250  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
01:29:26.0046 0x0250  NetBT - ok
01:29:26.0125 0x0250  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
01:29:26.0203 0x0250  NetDDE - ok
01:29:26.0250 0x0250  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
01:29:26.0250 0x0250  NetDDEdsdm - ok
01:29:26.0312 0x0250  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
01:29:26.0328 0x0250  Netlogon - ok
01:29:26.0500 0x0250  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
01:29:26.0609 0x0250  Netman - ok
01:29:26.0750 0x0250  [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
01:29:27.0046 0x0250  NetTcpPortSharing - ok
01:29:27.0203 0x0250  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
01:29:27.0359 0x0250  Nla - ok
01:29:27.0390 0x0250  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
01:29:27.0421 0x0250  Npfs - ok
01:29:27.0718 0x0250  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
01:29:28.0093 0x0250  Ntfs - ok
01:29:28.0109 0x0250  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
01:29:28.0125 0x0250  NtLmSsp - ok
01:29:28.0359 0x0250  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
01:29:28.0656 0x0250  NtmsSvc - ok
01:29:28.0671 0x0250  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
01:29:28.0703 0x0250  Null - ok
01:29:28.0781 0x0250  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
01:29:28.0828 0x0250  NwlnkFlt - ok
01:29:28.0859 0x0250  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
01:29:28.0890 0x0250  NwlnkFwd - ok
01:29:29.0062 0x0250  [ 8C02B0CC65BEE71124A565062BA77B39, C3B4965D62995195A776581BA0750FA72833F4E2E1F8F9DC683F562C13A9E20C ] OpenVPNAccessClient C:\Program Files\OpenVPN Technologies\OpenVPN Client\core\capiws.exe
01:29:29.0078 0x0250  OpenVPNAccessClient - ok
01:29:29.0609 0x0250  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:29:29.0750 0x0250  ose - ok
01:29:32.0125 0x0250  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:29:34.0906 0x0250  osppsvc - ok
01:29:34.0968 0x0250  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
01:29:35.0031 0x0250  Parport - ok
01:29:35.0062 0x0250  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
01:29:35.0093 0x0250  PartMgr - ok
01:29:35.0171 0x0250  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
01:29:35.0187 0x0250  ParVdm - ok
01:29:35.0250 0x0250  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
01:29:35.0312 0x0250  PCI - ok
01:29:35.0312 0x0250  PCIDump - ok
01:29:35.0328 0x0250  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
01:29:35.0359 0x0250  PCIIde - ok
01:29:35.0468 0x0250  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
01:29:35.0546 0x0250  Pcmcia - ok
01:29:35.0609 0x0250  PDCOMP - ok
01:29:35.0625 0x0250  PDFRAME - ok
01:29:35.0640 0x0250  PDRELI - ok
01:29:35.0656 0x0250  PDRFRAME - ok
01:29:35.0656 0x0250  perc2 - ok
01:29:35.0656 0x0250  perc2hib - ok
01:29:35.0718 0x0250  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
01:29:35.0734 0x0250  PlugPlay - ok
01:29:35.0750 0x0250  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
01:29:35.0750 0x0250  PolicyAgent - ok
01:29:35.0812 0x0250  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
01:29:35.0859 0x0250  PptpMiniport - ok
01:29:35.0953 0x0250  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
01:29:35.0984 0x0250  Processor - ok
01:29:36.0000 0x0250  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
01:29:36.0000 0x0250  ProtectedStorage - ok
01:29:36.0046 0x0250  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
01:29:36.0125 0x0250  PSched - ok
01:29:36.0156 0x0250  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
01:29:36.0203 0x0250  Ptilink - ok
01:29:36.0328 0x0250  [ 1CBA8870F17897E58DF295012979C139, 717E135BC9E1524F714CFD035C5509100ECC8B5F1AEA5A6E40F48E4CFF1DCB56 ] qcserxp         C:\WINDOWS\system32\DRIVERS\qcserxp.sys
01:29:36.0390 0x0250  qcserxp - ok
01:29:36.0421 0x0250  ql1080 - ok
01:29:36.0421 0x0250  Ql10wnt - ok
01:29:36.0421 0x0250  ql12160 - ok
01:29:36.0421 0x0250  ql1240 - ok
01:29:36.0421 0x0250  ql1280 - ok
01:29:36.0453 0x0250  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
01:29:36.0468 0x0250  RasAcd - ok
01:29:36.0546 0x0250  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
01:29:36.0640 0x0250  RasAuto - ok
01:29:36.0718 0x0250  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
01:29:36.0750 0x0250  Rasl2tp - ok
01:29:36.0781 0x0f10  Object required for P2P: [ D641CA108187E8169A04DD1B50280557 ] Cooperative Taste
01:29:36.0984 0x0250  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
01:29:37.0140 0x0250  RasMan - ok
01:29:37.0812 0x0250  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
01:29:37.0875 0x0250  RasPppoe - ok
01:29:38.0906 0x0250  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
01:29:38.0937 0x0250  Raspti - ok
01:29:39.0359 0x0250  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
01:29:39.0500 0x0250  Rdbss - ok
01:29:39.0578 0x0250  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
01:29:39.0625 0x0250  RDPCDD - ok
01:29:39.0953 0x0250  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
01:29:40.0140 0x0250  rdpdr - ok
01:29:40.0390 0x0250  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
01:29:40.0546 0x0250  RDPWD - ok
01:29:40.0890 0x0250  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
01:29:41.0078 0x0250  RDSessMgr - ok
01:29:41.0265 0x0250  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
01:29:41.0328 0x0250  redbook - ok
01:29:41.0765 0x0250  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
01:29:41.0859 0x0250  RemoteAccess - ok
01:29:41.0937 0x0250  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
01:29:42.0000 0x0250  RemoteRegistry - ok
01:29:42.0609 0x0250  [ BD517C7FB119997EFFBE39D5E4B37B05, 4B03555714824FE6C247FA9DF910671D7F1BA18C13DD82E5E7147F7AAB2BF6B1 ] RichVideo       C:\Program Files\CyberLink\Shared files\RichVideo.exe
01:29:42.0718 0x0250  RichVideo - ok
01:29:42.0875 0x0250  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
01:29:42.0953 0x0250  RpcLocator - ok
01:29:43.0156 0x0250  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
01:29:43.0265 0x0250  RpcSs - ok
01:29:43.0406 0x0250  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
01:29:43.0515 0x0250  RSVP - ok
01:29:43.0640 0x0250  [ CB9310A5A910648D359C99A857E22A54, 7E24EF1577FC6AEE5B6102DB4126F8EC5B5A1F1D9C46E5B09203B30F3F979C9E ] RTLE8023xp      C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
01:29:43.0750 0x0250  RTLE8023xp - ok
01:29:44.0453 0x0250  [ F16E4F2A64D8B070728825BEE199EDBF, 7B9B08BEC90D9754BFBEA0E130F6ABA3FEBD9A9D503321854F3569BAF390F68B ] RtlWlanu        C:\WINDOWS\system32\DRIVERS\rtwlanu.sys
01:29:44.0484 0x0250  RtlWlanu - ok
01:29:44.0515 0x0250  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
01:29:44.0515 0x0250  SamSs - ok
01:29:44.0609 0x0250  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
01:29:44.0718 0x0250  SCardSvr - ok
01:29:44.0875 0x0250  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
01:29:45.0000 0x0250  Schedule - ok
01:29:45.0109 0x0250  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
01:29:45.0140 0x0250  Secdrv - ok
01:29:45.0234 0x0250  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
01:29:45.0250 0x0250  seclogon - ok
01:29:45.0312 0x0250  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
01:29:45.0343 0x0250  SENS - ok
01:29:45.0375 0x0250  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] Serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
01:29:45.0390 0x0250  Serenum - ok
01:29:45.0468 0x0250  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
01:29:45.0500 0x0250  Serial - ok
01:29:45.0531 0x0250  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
01:29:45.0546 0x0250  Sfloppy - ok
01:29:45.0718 0x0250  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
01:29:45.0937 0x0250  SharedAccess - ok
01:29:46.0031 0x0250  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
01:29:46.0046 0x0250  ShellHWDetection - ok
01:29:46.0046 0x0250  Simbad - ok
01:29:46.0312 0x0250  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
01:29:46.0531 0x0250  SkypeUpdate - ok
01:29:46.0859 0x0250  [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files\Sony\Sony PC Companion\PCCService.exe
01:29:46.0984 0x0250  Sony PC Companion - ok
01:29:46.0984 0x0f10  Object send P2P result: true
01:29:46.0984 0x0250  Sparrow - ok
01:29:47.0078 0x0250  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
01:29:47.0093 0x0250  splitter - ok
01:29:47.0187 0x0250  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
01:29:47.0281 0x0250  Spooler - ok
01:29:47.0359 0x0250  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
01:29:47.0421 0x0250  sr - ok
01:29:47.0515 0x0250  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
01:29:47.0625 0x0250  srservice - ok
01:29:47.0921 0x0250  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
01:29:48.0125 0x0250  Srv - ok
01:29:48.0234 0x0250  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
01:29:48.0343 0x0250  SSDPSRV - ok
01:29:48.0546 0x0250  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
01:29:48.0796 0x0250  stisvc - ok
01:29:48.0843 0x0250  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
01:29:48.0875 0x0250  swenum - ok
01:29:48.0953 0x0250  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
01:29:48.0984 0x0250  swmidi - ok
01:29:49.0015 0x0250  SwPrv - ok
01:29:49.0015 0x0250  symc810 - ok
01:29:49.0015 0x0250  symc8xx - ok
01:29:49.0031 0x0250  sym_hi - ok
01:29:49.0062 0x0250  sym_u3 - ok
01:29:49.0140 0x0250  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
01:29:49.0171 0x0250  sysaudio - ok
01:29:49.0281 0x0250  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
01:29:49.0359 0x0250  SysmonLog - ok
01:29:49.0453 0x0250  [ 432D9D823C4C26B6070C41BAD4404CE4, 741B41F7467D312AF4CC733EA31F647FBCD06985CBB6A14117E8A87A6F7B06F5 ] tap0901         C:\WINDOWS\system32\DRIVERS\tap0901.sys
01:29:49.0500 0x0250  tap0901 - ok
01:29:49.0656 0x0250  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
01:29:49.0781 0x0250  TapiSrv - ok
01:29:49.0843 0x0250  [ 827C8058C284FF0013E4462EFE2591A3, CC97766296666B924970F8371127BB74AB96053C556886DD396E788A6C3A2218 ] tapoas          C:\WINDOWS\system32\DRIVERS\tapoas.sys
01:29:49.0843 0x0250  tapoas - ok
01:29:50.0078 0x0250  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
01:29:50.0312 0x0250  Tcpip - ok
01:29:50.0375 0x0250  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
01:29:50.0421 0x0250  TDPIPE - ok
01:29:50.0484 0x0250  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
01:29:50.0515 0x0250  TDTCP - ok
01:29:50.0562 0x0250  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
01:29:50.0593 0x0250  TermDD - ok
01:29:50.0796 0x0250  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
01:29:51.0015 0x0250  TermService - ok
01:29:51.0093 0x0250  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
01:29:51.0093 0x0250  Themes - ok
01:29:51.0203 0x0250  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
01:29:51.0250 0x0250  TlntSvr - ok
01:29:51.0296 0x0250  TosIde - ok
01:29:51.0375 0x0250  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
01:29:51.0437 0x0250  TrkWks - ok
01:29:51.0515 0x0250  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
01:29:51.0593 0x0250  Udfs - ok
01:29:51.0609 0x0250  ultra - ok
01:29:51.0828 0x0250  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
01:29:52.0046 0x0250  Update - ok
01:29:52.0187 0x0250  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
01:29:52.0281 0x0250  upnphost - ok
01:29:52.0343 0x0250  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
01:29:52.0390 0x0250  UPS - ok
01:29:52.0468 0x0250  [ 65898A183FBF1D1F7759D5CCB364DCD4, 85E823123FDB4CA5F8255064E22A444627999055EC3419DFD001371893F36AB9 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
01:29:52.0531 0x0250  usbaudio - ok
01:29:52.0625 0x0250  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
01:29:52.0640 0x0250  usbccgp - ok
01:29:52.0734 0x0250  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
01:29:52.0765 0x0250  usbehci - ok
01:29:52.0828 0x0250  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
01:29:52.0859 0x0250  usbhub - ok
01:29:52.0921 0x0250  [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
01:29:52.0953 0x0250  usbohci - ok
01:29:53.0031 0x0250  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
01:29:53.0062 0x0250  usbprint - ok
01:29:53.0171 0x0250  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
01:29:53.0218 0x0250  usbscan - ok
01:29:53.0343 0x0250  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
01:29:53.0343 0x0250  USBSTOR - ok
01:29:53.0421 0x0250  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
01:29:53.0453 0x0250  VgaSave - ok
01:29:53.0484 0x0250  ViaIde - ok
01:29:53.0593 0x0250  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
01:29:53.0609 0x0250  VolSnap - ok
01:29:53.0812 0x0250  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
01:29:54.0031 0x0250  VSS - ok
01:29:54.0187 0x0250  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\system32\w32time.dll
01:29:54.0359 0x0250  W32Time - ok
01:29:54.0421 0x0250  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
01:29:54.0437 0x0250  Wanarp - ok
01:29:54.0734 0x0250  [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000        C:\WINDOWS\system32\Drivers\wdf01000.sys
01:29:55.0015 0x0250  Wdf01000 - ok
01:29:55.0031 0x0250  WDICA - ok
01:29:55.0062 0x0250  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
01:29:55.0140 0x0250  wdmaud - ok
01:29:55.0203 0x0250  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
01:29:55.0265 0x0250  WebClient - ok
01:29:55.0609 0x0250  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
01:29:55.0703 0x0250  winmgmt - ok
01:29:55.0765 0x0250  [ 30FC6E5448D0CBAAA95280EEEF7FEDAE, 04374450882504D9031951F4E9317E5A128EBA5A22A3555ACD28BC742861AF9C ] WinUSB          C:\WINDOWS\system32\DRIVERS\WinUSB.sys
01:29:55.0812 0x0250  WinUSB - ok
01:29:55.0921 0x0250  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
01:29:55.0953 0x0250  WmdmPmSN - ok
01:29:56.0281 0x0250  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
01:29:56.0671 0x0250  Wmi - ok
01:29:56.0734 0x0250  [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi         C:\WINDOWS\system32\DRIVERS\wmiacpi.sys
01:29:56.0765 0x0250  WmiAcpi - ok
01:29:56.0875 0x0250  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
01:29:56.0953 0x0250  WmiApSrv - ok
01:29:57.0484 0x0250  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
01:29:58.0015 0x0250  WMPNetworkSvc - ok
01:29:58.0046 0x0250  [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
01:29:58.0093 0x0250  WpdUsb - ok
01:29:58.0640 0x0250  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
01:29:59.0171 0x0250  WPFFontCache_v0400 - ok
01:29:59.0281 0x0250  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
01:29:59.0343 0x0250  wscsvc - ok
01:29:59.0421 0x0250  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
01:29:59.0578 0x0250  wuauserv - ok
01:29:59.0671 0x0250  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
01:29:59.0734 0x0250  WudfPf - ok
01:29:59.0812 0x0250  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
01:29:59.0875 0x0250  WudfRd - ok
01:29:59.0921 0x0250  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
01:29:59.0953 0x0250  WudfSvc - ok
01:30:00.0281 0x0250  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
01:30:00.0578 0x0250  WZCSVC - ok
01:30:00.0671 0x0250  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
01:30:01.0109 0x0250  xmlprov - ok
01:30:01.0125 0x0250  ================ Scan global ===============================
01:30:01.0218 0x0250  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
01:30:01.0625 0x0250  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
01:30:01.0984 0x0250  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
01:30:02.0046 0x0250  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
01:30:02.0046 0x0250  [ Global ] - ok
01:30:02.0046 0x0250  ================ Scan MBR ==================================
01:30:02.0093 0x0250  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:30:10.0359 0x0250  \Device\Harddisk0\DR0 - ok
01:30:10.0359 0x0250  ================ Scan VBR ==================================
01:30:10.0375 0x0250  [ 4F4406EE63F098D31EBE578F93FB35D1 ] \Device\Harddisk0\DR0\Partition1
01:30:10.0578 0x0250  \Device\Harddisk0\DR0\Partition1 - ok
01:30:10.0578 0x0250  ================ Scan generic autorun ======================
01:30:10.0859 0x0250  [ 7BBE4CF421AECC7F0226EDD75F12079F, 8E78FC5E0657DB066F9EBAADEA9AFECB1AAA570DD9C08C7ED42116704D2E379D ] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE
01:30:11.0031 0x0250  IMJPMIG8.1 - ok
01:30:11.0328 0x0250  [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
01:30:11.0625 0x0250  PHIME2002ASync - ok
01:30:11.0828 0x0250  [ 024DC0F68DF5FD6AE9DD82DFBAF479D6, FDBF0FD05CFB757C704B22703DF23E05207F14877A4EF52E3032012B6FD0C4E0 ] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
01:30:11.0843 0x0250  PHIME2002A - ok
01:30:11.0968 0x0250  [ 6CCBE90D8EAE1A5A613B0777ED7E96EC, 60F2E09116C7A675074D1AC6305611E8350F49F3CCB32462A8AB3D578C2D0A0F ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
01:30:12.0015 0x0250  RemoteControl - ok
01:30:12.0140 0x0250  [ 4377DDC405D4569530962138EEE20F83, F2ECE7EE6F1086213AF8A9F7F9761D6B81AD92BD322659D95D04F4535D0600CB ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
01:30:12.0140 0x0250  LanguageShortcut - ok
01:30:12.0250 0x0250  [ B1E243AE9C813AFD9052E059740849C8, F57A0EBFE1D0FFABEE9DC81BB5F0A689EE5B0A40827D77C82F57191950D9DD8B ] c:\PROGRA~1\COMMON~1\MICROS~1\IME12L~1\imesc\IMSCMig.exe
01:30:12.0312 0x0250  Microsoft Pinyin IME Migration - ok
01:30:12.0578 0x0250  [ 12673BCF7B32087DF63F0CFF550EA40B, 5985A7902B39BD08B6F0BD96AF5A98D466E4E54CDDA69CCB56767FA5C78085D1 ] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
01:30:12.0609 0x0250  Adobe Reader Speed Launcher - ok
01:30:13.0140 0x0250  [ BAD6BEA0DE1F69C82BDB74378CE0C20A, ADA84B75173E9D03C180B527E31475ACA16CB19532C3EDA11357BD37049927E3 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
01:30:13.0640 0x0250  Adobe ARM - ok
01:30:13.0781 0x0250  [ 51C8885B6A00904C0252704C9FB0F43A, BF2F58E6697DB10F3D6FB3859FADC2CE1D3CDD318E487E02FDC2BE171AF6CA29 ] C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
01:30:13.0843 0x0250  NUSB3MON - ok
01:30:13.0984 0x0250  [ 1F153EC5635BFEE5326145B872C527E1, A5C1C42830E3056F8D0039329A9B005EDA9D12E79705C9523DC6D03F6A1E4660 ] C:\WINDOWS\system32\igfxtray.exe
01:30:14.0093 0x0250  IgfxTray - ok
01:30:14.0234 0x0250  [ 567BE23D24BB494DAEF7B05EDE628C98, D9880FDF3969D0ED24902792CE7B97CFC0AED7A2F6463F66007528A4279EF619 ] C:\WINDOWS\system32\hkcmd.exe
01:30:14.0359 0x0250  HotKeysCmds - ok
01:30:14.0453 0x0250  [ 4213D515EAABD76710D2D055598A0E98, F99BC1A3C31FA976226201ADEAD11A7F7E3817E42A3452DE107946C39BDD46E5 ] C:\WINDOWS\system32\igfxpers.exe
01:30:14.0546 0x0250  Persistence - ok
01:30:24.0000 0x0250  [ A846816E1C18A53BEBD02CB08F351552, 3BDE672D5086DD8DD1E3D2E764F635F24264C7B4D1F00D4C48683DE5D568209D ] C:\WINDOWS\RTHDCPL.EXE
01:30:38.0343 0x0250  RTHDCPL - ok
01:30:38.0593 0x0250  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
01:30:38.0781 0x0250  SunJavaUpdateSched - ok
01:30:38.0984 0x0250  [ 4575C69BC34B111C99A5DFBE8AF10EBB, 0D366778ED5B34C843469E7818CB63074443A959E2F60DDDB848B83F1712D2B7 ] C:\Program Files\HP\HP Software Update\HPWuSchd.exe
01:30:39.0015 0x0250  HP Software Update - ok
01:30:39.0187 0x0250  [ 12509373ADE2A148C18E63E0AD19C96B, F418C980BE80D469BEB245FBB5B26D643DD4F1BA33778CCC61655B7AE63340FB ] C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
01:30:39.0375 0x0250  HP Component Manager - ok
01:30:39.0375 0x0250  DXDllRegExe - ok
01:30:39.0468 0x0250  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
01:30:39.0468 0x0250  ctfmon.exe - ok
01:30:39.0828 0x0250  [ 8F97EDDF827C64AB2C42971095BF2F76, 5A42AA8E3A5E5BA6E93F1CD5B3229022D881B6180976E48A219A7C80F3EBE37D ] C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
01:30:40.0109 0x0250  Sony PC Companion - ok
01:30:40.0125 0x0250  Waiting for KSN requests completion. In queue: 6
01:30:41.0125 0x0250  Waiting for KSN requests completion. In queue: 6
01:30:42.0125 0x0250  Waiting for KSN requests completion. In queue: 6
01:30:43.0125 0x0250  Waiting for KSN requests completion. In queue: 6
01:30:44.0390 0x0250  Win FW state via NFM: enabled
01:30:49.0078 0x0250  ============================================================
01:30:49.0078 0x0250  Scan finished
01:30:49.0078 0x0250  ============================================================
01:30:49.0078 0x0778  Detected object count: 0
01:30:49.0078 0x0778  Actual detected object count: 0
 
ADWCleaner Log (AdwCleaner[S2[.txt)
 
# AdwCleaner v4.208 - Logfile created 26/07/2015 at 01:45:37
# Updated 09/07/2015 by Xplode
# Database : 2015-07-15.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : user - ACER
# Running from : C:\Documents and Settings\user\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v8.0.6001.18702
 
 
-\\ Google Chrome v44.0.2403.107
 
 
*************************
 
AdwCleaner[R0].txt - [1946 bytes] - [07/05/2015 21:29:22]
AdwCleaner[R1].txt - [872 bytes] - [26/07/2015 01:11:56]
AdwCleaner[R2].txt - [988 bytes] - [26/07/2015 01:32:19]
AdwCleaner[R3].txt - [1046 bytes] - [26/07/2015 01:45:10]
AdwCleaner[S0].txt - [2038 bytes] - [07/05/2015 21:36:56]
AdwCleaner[S1].txt - [935 bytes] - [26/07/2015 01:13:27]
AdwCleaner[S2].txt - [973 bytes] - [26/07/2015 01:45:37]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1031  bytes] ##########
 
 
JRT.txt
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.1 (07.16.2015:1)
OS: Microsoft Windows XP x86
Ran by user on Sun 07/26/2015 at  1:53:03.10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] C:\Documents and Settings\user\Application Data\appdataFr3.bin
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] C:\WINDOWS\System32\c2mp
 
 
 
~~~ Chrome
 
 
[C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Documents and Settings\user\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 07/26/2015 at  1:57:55.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Edited by mhakkinen68, 25 July 2015 - 03:13 PM.


BC AdBot (Login to Remove)

 


m

#2 nasdaq

nasdaq

  • Malware Response Team
  • 38,223 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:02 PM

Posted 26 July 2015 - 01:35 PM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===


How is the computer running now?
Wait for further instructions.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,223 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:05:02 PM

Posted 31 July 2015 - 07:25 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users