WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93124 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Registry repair/still having issues [Solved]

Started by btbenoit , Jan 27 2014 09:24 AM

This topic is locked

132 replies to this topic

#1 btbenoit

Authentic Member

Authentic Member
95 posts

Posted 27 January 2014 - 09:24 AM

Hi, I had posted back a few moths ago about rootkit issues with my PC. I think I'm also having Registry issues also. My PC is running slow: programs, folders opening,etc. Also the PC detects some external devises: MP3 player, iPhone, external hardrive. But some devices it does not detect automatically (when it used to): GPS unit, thumb drive, nextbook. I've talked to a couple of computer guru's and they said I should do a registry repair. I tried using CCcleaner and Glary utilities, and both seem to be getting stuck on certain folders.

Advertisements

Register to Remove

#2 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 29 January 2014 - 09:56 PM

Hi btbenoit,

:welcome:

My name is Tomk. I would be glad to take a look at your log and help you with solving any malware problems. Logs can take a while to research, so please be patient and I'd be grateful if you would note the following:

I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.

In my opinion, registry cleaners are never the answer. And by that I mean that I've never seen a system helped by running a registry cleaner... but I have seen systems completely borked after a registry cleaner/optimizer was used.

Let's get a log and see what we can see.

Please download DDS by sUBs from one of the following links and save it to your desktop.

dds.scr
dds.com

Temporarily disable any script blocker if your Anti-Virus/Anti-Malware has it.
How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs

Once downloaded you can disconnect from the Internet and disable your Ant-Virus temporarily if needed.
Then double click dds.scr or dds.com to run the tool
Click the Run button if prompted with an Open File - Security Warning dialog box.
A black DOS console should open and run for a moment.

When done, DDS will open two (2) logs:
- DDS.txt
- Attach.txt

Save both reports to your desktop
Please include the following logs in your next reply: DDS.txt and Attach.txt
You can ignore the note about zipping the Attach.txt file in most cases.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#3 btbenoit

Authentic Member

Authentic Member
95 posts

Posted 29 January 2014 - 10:12 PM

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.45.2

Run by Beaub at 22:13:15 on 2014-01-29

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.916 [GMT -6:00]

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

============== Running Processes ================

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Glary Utilities 4\Integrator.exe

C:\Program Files\Creative\Mixer\CTSVolFE.exe

C:\Program Files\Fisher-Price\Photo Software\Util\Fisher-Price Photo Software Middleware.exe

C:\Program Files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe

C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

C:\Program Files\WinZip\WZQKPICK.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

C:\Program Files\Secunia\PSI\sua.exe

C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\alg.exe

C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Microsoft\BingBar\7.3.124.0\BingApp.exe

C:\Program Files\Microsoft\BingBar\7.3.124.0\BingBar.exe

C:\Program Files\Microsoft\BingBar\7.3.124.0\BingSurrogate.exe

C:\program files\real\realplayer\update\realsched.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k rpcss

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k hpdevmgmt

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\system32\svchost.exe -k imgsvc

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/

BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files\microsoft\bingbar\7.3.124.0\BingExt.dll

BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll

BHO: WOT Helper: {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - c:\program files\wot\WOT.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: WOT: {71576546-354D-41C9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll

TB: WOT: {71576546-354D-41c9-AAE8-31F2EC22BF0D} - c:\program files\wot\WOT.dll

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - c:\program files\microsoft\bingbar\7.3.124.0\BingExt.dll

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background

uRun: [Google Update] "c:\documents and settings\beaub\local settings\application data\google\update\GoogleUpdate.exe" /c

mRun: [CTSVolFE.exe] "c:\program files\creative\mixer\CTSVolFE.exe" /r

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [FPPhotoMiddleWare] c:\program files\fisher-price\photo software\util\Fisher-Price Photo Software Middleware.exe

mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe

mRun: [Philips Device Listener] "c:\program files\philips\philips songbird resources\autolauncher\PhilipsDeviceListener.exe"

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"

mRun: [ContentTransferWMDetector.exe] c:\program files\sony\content transfer\ContentTransferWMDetector.exe

mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot

mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey

dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\winzip~1.lnk - c:\program files\winzip\WZQKPICK.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:323

uPolicies-Explorer: NoDriveAutoRun = dword:67108863

uPolicies-Explorer: NoDrives = dword:0

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDrives = dword:0

mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1

mPolicies-Explorer: NoDriveTypeAutoRun = dword:323

mPolicies-Explorer: NoDriveAutoRun = dword:67108863

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1262200055895

DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1369003957641

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://samsclubus.pnimedia.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab

DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_21-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com//activex/ractrl.cab?lmi=1007

TCP: NameServer = 192.168.2.1

TCP: Interfaces\{67A097C5-EA5A-4A00-B984-FC00705A6157} : DHCPNameServer = 192.168.2.1

Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - c:\program files\wot\WOT.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

================= FIREFOX ===================

FF - ProfilePath - c:\documents and settings\beaub\application data\mozilla\firefox\profiles\0ixibutj.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z005&form=ZGAPHP

FF - prefs.js: browser.search.selectedEngine - Google

FF - ExtSQL: !HIDDEN! 2010-01-10 14:30; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension

============= SERVICES / DRIVERS ===============

R0 BootDefragDriver;BootDefragDriver;c:\windows\system32\drivers\BootDefragDriver.sys [2013-11-29 13504]

R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2010-10-24 214696]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2013-6-6 37664]

R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-2-11 35088]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-3-6 39056]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2013-11-4 660184]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2013-8-27 93072]

R2 WDDMService;WD SmartWare Drive Manager;c:\program files\western digital\wd smartware\wd drive manager\WDDMService.exe [2009-10-14 98304]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\western digital\wd smartware\front parlor\WDSmartWareBackgroundService.exe [2009-6-16 20480]

R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.3.124.0\SeaPort.EXE [2013-12-16 247968]

S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.3.124.0\BBSvc.EXE [2013-12-16 193696]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2010-9-29 16512]

S3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [2013-8-20 30464]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\lavasoft\ad-aware\kernexplorer.sys --> c:\program files\lavasoft\ad-aware\KernExplorer.sys [?]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-11-4 16024]

S3 Revoflt;Revoflt;c:\windows\system32\drivers\revoflt.sys --> c:\windows\system32\drivers\revoflt.sys [?]

S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2013-11-4 1228504]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2010-1-9 11520]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]

S4 KodakDigitalDisplayService;KodakDigitalDisplayService;c:\program files\kodak\digital display\orbkodaklauncher\DllStartupService.exe [2009-5-14 98304]

S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\lavasoft\ad-aware\aawservice.exe" --> c:\program files\lavasoft\ad-aware\AAWService.exe [?]

=============== Created Last 30 ================

2014-01-28 10:16:38 7760024 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{e46fbda0-5a12-412e-bfeb-e7ca9f7b8e54}\mpengine.dll

2014-01-27 05:23:45 7760024 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll

2014-01-26 03:35:34 -------- d-----w- c:\program files\CCleaner

2014-01-17 03:23:22 -------- d-----w- c:\windows\system32\NtmsData

==================== Find3M ====================

2014-01-24 21:27:39 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-01-24 21:27:39 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-01-19 07:32:23 231584 ------w- c:\windows\system32\MpSigStub.exe

2013-12-19 01:56:36 4558848 ----a-w- c:\windows\system32\GPhotos.scr

2013-12-11 09:01:26 9272200 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-12-02 19:25:48 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-11-27 20:21:06 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys

2013-11-19 03:57:02 101664 ----a-w- c:\windows\system32\BootDefrag.exe

2013-11-18 01:18:34 13504 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys

2013-11-13 02:59:42 150528 ----a-w- c:\windows\system32\imagehlp.dll

2013-11-12 20:33:41 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2013-11-07 05:38:51 591360 ----a-w- c:\windows\system32\rpcrt4.dll

2013-11-06 01:03:31 7168 ----a-w- c:\windows\system32\xpsp4res.dll

2013-11-04 12:42:02 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys

=================== ROOTKIT ====================

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net

Windows 5.1.2600 Disk: SAMSUNG_SP2504C rev.VT100-52 -> Harddisk0\DR0 -> \Device\00000064

device: opened successfully

user: MBR read successfully

Disk trace:

called modules: ntkrnlpa.exe >>UNKNOWN [0x8A31E5D0]<<

_asm { MOV EAX, 0x8a31e4f0; XCHG [ESP], EAX; PUSH EAX; PUSH 0x8a3b42ac; RET ; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; ADD [EAX], AL; }

1 ntkrnlpa!IofCallDriver[0x804EE1A0] -> \Device\Harddisk0\DR0[0x8A3D4628]

\Driver\Disk[0x8A472DD8] -> IRP_MJ_CREATE -> 0x8A31E5D0

kernel: MBR read successfully

_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }

detected disk devices:

detected hooks:

\Driver\Disk -> 0x8a31e5d0

user & kernel MBR OK

Warning: possible MBR rootkit infection !

============= FINISH: 22:14:32.76 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_2012-11-20.01)

Microsoft Windows XP Home Edition

Boot Device: \Device\HarddiskVolume3

Install Date: 12/30/2009 8:29:26 AM

System Uptime: 1/26/2014 8:38:37 AM (86 hours ago)

Motherboard: Dell Inc | | 0UW457

Processor: AMD Athlon™ 64 Processor 3200+ | Socket M2 | 2004/1000mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 223 GiB total, 29.892 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 6.007 GiB free.

E: is CDROM (CDFS)

G: is FIXED (NTFS) - 1863 GiB total, 1669.266 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP2996: 12/21/2013 4:00:18 AM - Software Distribution Service 3.0

RP2997: 12/22/2013 4:00:19 AM - Software Distribution Service 3.0

RP2998: 12/22/2013 4:16:17 AM - Software Distribution Service 3.0

RP2999: 12/22/2013 10:42:28 PM - Software Distribution Service 3.0

RP3000: 12/23/2013 4:00:19 AM - Software Distribution Service 3.0

RP3001: 12/24/2013 4:00:22 AM - Software Distribution Service 3.0

RP3002: 12/24/2013 4:17:39 AM - Software Distribution Service 3.0

RP3003: 12/25/2013 4:00:22 AM - Software Distribution Service 3.0

RP3004: 12/25/2013 6:04:15 AM - Software Distribution Service 3.0

RP3005: 12/26/2013 4:00:27 AM - Software Distribution Service 3.0

RP3006: 12/27/2013 4:00:23 AM - Software Distribution Service 3.0

RP3007: 12/27/2013 4:17:47 AM - Software Distribution Service 3.0

RP3008: 12/28/2013 4:00:24 AM - Software Distribution Service 3.0

RP3009: 12/29/2013 4:00:22 AM - Software Distribution Service 3.0

RP3010: 12/29/2013 4:18:54 AM - Software Distribution Service 3.0

RP3011: 12/29/2013 11:30:04 PM - Software Distribution Service 3.0

RP3012: 12/30/2013 4:00:21 AM - Software Distribution Service 3.0

RP3013: 12/31/2013 4:08:10 AM - Software Distribution Service 3.0

RP3014: 12/31/2013 10:33:08 AM - Software Distribution Service 3.0

RP3015: 1/1/2014 4:00:19 AM - Software Distribution Service 3.0

RP3016: 1/2/2014 4:00:21 AM - Software Distribution Service 3.0

RP3017: 1/2/2014 4:17:24 AM - Software Distribution Service 3.0

RP3018: 1/3/2014 4:00:24 AM - Software Distribution Service 3.0

RP3019: 1/4/2014 4:00:21 AM - Software Distribution Service 3.0

RP3020: 1/4/2014 4:16:47 AM - Software Distribution Service 3.0

RP3021: 1/5/2014 4:00:19 AM - Software Distribution Service 3.0

RP3022: 1/5/2014 10:47:58 AM - Software Distribution Service 3.0

RP3023: 1/6/2014 3:15:54 AM - Software Distribution Service 3.0

RP3024: 1/6/2014 4:13:43 AM - Software Distribution Service 3.0

RP3025: 1/7/2014 4:07:09 AM - Software Distribution Service 3.0

RP3026: 1/8/2014 4:06:49 AM - Software Distribution Service 3.0

RP3027: 1/8/2014 6:56:36 PM - Software Distribution Service 3.0

RP3028: 1/9/2014 4:07:10 AM - Software Distribution Service 3.0

RP3029: 1/10/2014 4:07:47 AM - Software Distribution Service 3.0

RP3030: 1/10/2014 1:23:43 PM - Software Distribution Service 3.0

RP3031: 1/11/2014 4:02:37 AM - Software Distribution Service 3.0

RP3032: 1/11/2014 6:37:20 PM - Software Distribution Service 3.0

RP3033: 1/12/2014 9:28:08 AM - Software Distribution Service 3.0

RP3034: 1/12/2014 5:05:21 PM - System Checkpoint

RP3035: 1/12/2014 11:04:42 PM - Software Distribution Service 3.0

RP3036: 1/13/2014 4:00:18 AM - Software Distribution Service 3.0

RP3037: 1/14/2014 4:00:19 AM - Software Distribution Service 3.0

RP3038: 1/14/2014 4:16:36 AM - Software Distribution Service 3.0

RP3039: 1/15/2014 4:00:30 AM - Software Distribution Service 3.0

RP3040: 1/16/2014 4:06:27 AM - Software Distribution Service 3.0

RP3041: 1/16/2014 9:20:10 PM - Software Distribution Service 3.0

RP3042: 1/17/2014 4:00:19 AM - Software Distribution Service 3.0

RP3043: 1/18/2014 4:00:20 AM - Software Distribution Service 3.0

RP3044: 1/18/2014 4:17:55 AM - Software Distribution Service 3.0

RP3045: 1/19/2014 4:00:24 AM - Software Distribution Service 3.0

RP3046: 1/19/2014 10:57:18 PM - Software Distribution Service 3.0

RP3047: 1/20/2014 4:00:19 AM - Software Distribution Service 3.0

RP3048: 1/21/2014 4:00:18 AM - Software Distribution Service 3.0

RP3049: 1/21/2014 4:16:10 AM - Software Distribution Service 3.0

RP3050: 1/22/2014 4:00:18 AM - Software Distribution Service 3.0

RP3051: 1/23/2014 4:00:20 AM - Software Distribution Service 3.0

RP3052: 1/23/2014 4:17:06 AM - Software Distribution Service 3.0

RP3053: 1/24/2014 4:06:45 AM - Software Distribution Service 3.0

RP3054: 1/24/2014 7:24:26 AM - Software Distribution Service 3.0

RP3055: 1/25/2014 4:06:23 AM - Software Distribution Service 3.0

RP3056: 1/25/2014 7:33:15 AM - Software Distribution Service 3.0

RP3057: 1/26/2014 8:45:07 AM - Software Distribution Service 3.0

RP3058: 1/26/2014 9:04:18 AM - Software Distribution Service 3.0

RP3059: 1/26/2014 11:23:41 PM - Software Distribution Service 3.0

RP3060: 1/27/2014 4:00:18 AM - Software Distribution Service 3.0

RP3061: 1/28/2014 4:00:19 AM - Software Distribution Service 3.0

RP3062: 1/28/2014 4:16:35 AM - Software Distribution Service 3.0

RP3063: 1/29/2014 4:00:22 AM - Software Distribution Service 3.0

==== Installed Programs ======================

32 Bit HP CIO Components Installer

3ivx MPEG-4 5.0.2 (remove only)

Acrobat.com

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Flash Player 12 ActiveX

Adobe Photoshop 7.0

Adobe Reader X (10.1.9)

Adobe Shockwave Player 12.0

Adobe SVG Viewer 3.0

AI-Aircraft Editor Version 2.1.0.23

AIO_Scan

AMR to MP3 Converter 1.4

AnyToISO

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Application Mover

ArcSoft Panorama Maker 4

ASPCA Reminder by We-Care.com v4.1.22.1

Athlon 64 Processor Driver

Avanquest update

AviSynth 2.5

Bing Bar

BitTorrent

Bonjour

Broadcom 440x 10/100 Integrated Controller

Broadcom Management Programs

BufferChm

C5200

C5200_doccd

c5200_Help

CardRd81

CCleaner

CCScore

ClipGrab 3.3.0.2

Compatibility Pack for the 2007 Office system

Content Transfer

Copy

CR2

Critical Security Update

CustomerResearchQFolder

CutePDF Writer 3.0

Dealio Toolbar v8.2

Defraggler

Delta Force - Black Hawk Down

Destination Component

DeviceDiscovery

DeviceManagementQFolder

Digital Line Detect

DocProc

DocProcQFolder

EditVoicepack

ESSBrwr

ESSCDBK

ESScore

ESSgui

ESSini

ESSPCD

ESSPDock

ESSTOOLS

essvatgt

eSupportQFolder

Expstudio Audio Editor FREE

Fax

File Uploader

Fisher-Price Photo Software

Flight Deck 6 for FS2004

Free M4a to MP3 Converter 7.1

Free Mp3 Wma Converter V 1.9

Glary Utilities 4.0

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Google+ Auto Backup

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows XP (KB2158563)

Hotfix for Windows XP (KB2443685)

Hotfix for Windows XP (KB2570791)

Hotfix for Windows XP (KB2633952)

Hotfix for Windows XP (KB2756822)

Hotfix for Windows XP (KB2779562)

Hotfix for Windows XP (KB954550-v5)

HP Customer Participation Program 9.0

HP Imaging Device Functions 9.0

HP OCR Software 9.0

HP Officejet 6700 Basic Device Software

HP Officejet 6700 Help

HP Officejet 6700 Product Improvement Study

HP Photosmart All-In-One Software 9.0

HP Photosmart Essential 2.01

HP Photosmart Essential2.01

HP Solution Center 9.0

HP Update

HPProductAssistant

HPSSupply

I.R.I.S. OCR

iTunes

Java Auto Updater

Java™ 6 Update 21

K-Lite Codec Pack 7.0.0 (Standard)

KATL Atlanta

KEDDS

Kodak EasyShare digital display software

Malwarebytes Anti-Malware version 1.75.0.1300

MarketResearch

Microsoft .NET Framework 1.1

Microsoft .NET Framework 1.1 Security Update (KB2698023)

Microsoft .NET Framework 1.1 Security Update (KB2833941)

Microsoft .NET Framework 1.1 Security Update (KB979906)

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Application Error Reporting

Microsoft Flight Simulator 2004 A Century of Flight

Microsoft Kernel-Mode Driver Framework Feature Pack 1.7

Microsoft Office Professional Edition 2003

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Military AI Works - RAF Lakenheath 48th FW

MobileMe Control Panel

Motorola Driver Installation 4.5.0

Mouse Suite for Desktop Computers

Mozilla Firefox 21.0 (x86 en-US)

Mozilla Maintenance Service

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

NASCAR® Racing 2007 Season

netbrdg

Nikon Message Center

Nikon Transfer

NNC Series Mod

NRatings

NVIDIA Drivers

OfotoXMI

PanoStandAlone

PGA Championship Golf 2000

Picasa 3

Prop-Liners Collection

PS Panels 737NG Version 1.1

PS_AIO_02_ProductContext

PS_AIO_02_Software

PS_AIO_02_Software_min

PSSWCORE

QuickTime

RealDownloader

RealNetworks - Microsoft Visual C++ 2008 Runtime

RealNetworks - Microsoft Visual C++ 2010 Runtime

RealPlayer

RealUpgrade 1.1

Roxio Creator Audio

Roxio Creator Copy

Roxio Creator Data

Roxio Creator DE

Roxio Creator Tools

Roxio Drag-to-Disc

Roxio Express Labeler

Roxio Update Manager

Safari

SAMSUNG CDMA Modem Driver Set

SAMSUNG Mobile Composite Device Software

SAMSUNG Mobile Modem Driver Set

Samsung Mobile phone USB driver Software

SAMSUNG Mobile USB Modem 1.0 Software

SAMSUNG Mobile USB Modem Software

Samsung PC Studio 3 USB Driver Installer

Samsung Samples Installer

Scan

Secunia PSI (3.0.0.9015)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)

Security Update for Microsoft .NET Framework 4 Extended (KB2416472)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)

Security Update for Microsoft Windows (KB2564958)

Security Update for Windows Internet Explorer 8 (KB2183461)

Security Update for Windows Internet Explorer 8 (KB2360131)

Security Update for Windows Internet Explorer 8 (KB2416400)

Security Update for Windows Internet Explorer 8 (KB2482017)

Security Update for Windows Internet Explorer 8 (KB2497640)

Security Update for Windows Internet Explorer 8 (KB2510531)

Security Update for Windows Internet Explorer 8 (KB2530548)

Security Update for Windows Internet Explorer 8 (KB2559049)

Security Update for Windows Internet Explorer 8 (KB2586448)

Security Update for Windows Internet Explorer 8 (KB2618444)

Security Update for Windows Internet Explorer 8 (KB2647516)

Security Update for Windows Internet Explorer 8 (KB2675157)

Security Update for Windows Internet Explorer 8 (KB2699988)

Security Update for Windows Internet Explorer 8 (KB2722913)

Security Update for Windows Internet Explorer 8 (KB2744842)

Security Update for Windows Internet Explorer 8 (KB2761465)

Security Update for Windows Internet Explorer 8 (KB2792100)

Security Update for Windows Internet Explorer 8 (KB2797052)

Security Update for Windows Internet Explorer 8 (KB2799329)

Security Update for Windows Internet Explorer 8 (KB2809289)

Security Update for Windows Internet Explorer 8 (KB2817183)

Security Update for Windows Internet Explorer 8 (KB2829530)

Security Update for Windows Internet Explorer 8 (KB2838727)

Security Update for Windows Internet Explorer 8 (KB2846071)

Security Update for Windows Internet Explorer 8 (KB2847204)

Security Update for Windows Internet Explorer 8 (KB2862772)

Security Update for Windows Internet Explorer 8 (KB2870699)

Security Update for Windows Internet Explorer 8 (KB2879017)

Security Update for Windows Internet Explorer 8 (KB2888505)

Security Update for Windows Internet Explorer 8 (KB2898785)

Security Update for Windows Internet Explorer 8 (KB971961)

Security Update for Windows Internet Explorer 8 (KB976325)

Security Update for Windows Internet Explorer 8 (KB978207)

Security Update for Windows Internet Explorer 8 (KB981332)

Security Update for Windows Internet Explorer 8 (KB982381)

Security Update for Windows Media Player (KB2378111)

Security Update for Windows Media Player (KB2834904-v2)

Security Update for Windows Media Player (KB2834904)

Security Update for Windows Media Player (KB975558)

Security Update for Windows XP (KB2121546)

Security Update for Windows XP (KB2259922)

Security Update for Windows XP (KB2279986)

Security Update for Windows XP (KB2296011)

Security Update for Windows XP (KB2296199)

Security Update for Windows XP (KB2347290)

Security Update for Windows XP (KB2360937)

Security Update for Windows XP (KB2387149)

Security Update for Windows XP (KB2393802)

Security Update for Windows XP (KB2412687)

Security Update for Windows XP (KB2419632)

Security Update for Windows XP (KB2423089)

Security Update for Windows XP (KB2436673)

Security Update for Windows XP (KB2440591)

Security Update for Windows XP (KB2443105)

Security Update for Windows XP (KB2476687)

Security Update for Windows XP (KB2478960)

Security Update for Windows XP (KB2478971)

Security Update for Windows XP (KB2479628)

Security Update for Windows XP (KB2479943)

Security Update for Windows XP (KB2481109)

Security Update for Windows XP (KB2483185)

Security Update for Windows XP (KB2485376)

Security Update for Windows XP (KB2485663)

Security Update for Windows XP (KB2503658)

Security Update for Windows XP (KB2506212)

Security Update for Windows XP (KB2506223)

Security Update for Windows XP (KB2507618)

Security Update for Windows XP (KB2507938)

Security Update for Windows XP (KB2508272)

Security Update for Windows XP (KB2508429)

Security Update for Windows XP (KB2509553)

Security Update for Windows XP (KB2511455)

Security Update for Windows XP (KB2524375)

Security Update for Windows XP (KB2536276-v2)

Security Update for Windows XP (KB2544893-v2)

Security Update for Windows XP (KB2555917)

Security Update for Windows XP (KB2562937)

Security Update for Windows XP (KB2566454)

Security Update for Windows XP (KB2567053)

Security Update for Windows XP (KB2567680)

Security Update for Windows XP (KB2570222)

Security Update for Windows XP (KB2570947)

Security Update for Windows XP (KB2584146)

Security Update for Windows XP (KB2585542)

Security Update for Windows XP (KB2592799)

Security Update for Windows XP (KB2598479)

Security Update for Windows XP (KB2603381)

Security Update for Windows XP (KB2618451)

Security Update for Windows XP (KB2619339)

Security Update for Windows XP (KB2620712)

Security Update for Windows XP (KB2621440)

Security Update for Windows XP (KB2624667)

Security Update for Windows XP (KB2631813)

Security Update for Windows XP (KB2633171)

Security Update for Windows XP (KB2639417)

Security Update for Windows XP (KB2641653)

Security Update for Windows XP (KB2646524)

Security Update for Windows XP (KB2647518)

Security Update for Windows XP (KB2653956)

Security Update for Windows XP (KB2655992)

Security Update for Windows XP (KB2659262)

Security Update for Windows XP (KB2660465)

Security Update for Windows XP (KB2661637)

Security Update for Windows XP (KB2676562)

Security Update for Windows XP (KB2685939)

Security Update for Windows XP (KB2686509)

Security Update for Windows XP (KB2691442)

Security Update for Windows XP (KB2695962)

Security Update for Windows XP (KB2698365)

Security Update for Windows XP (KB2705219)

Security Update for Windows XP (KB2707511)

Security Update for Windows XP (KB2709162)

Security Update for Windows XP (KB2712808)

Security Update for Windows XP (KB2718523)

Security Update for Windows XP (KB2719985)

Security Update for Windows XP (KB2723135)

Security Update for Windows XP (KB2724197)

Security Update for Windows XP (KB2727528)

Security Update for Windows XP (KB2731847)

Security Update for Windows XP (KB2753842-v2)

Security Update for Windows XP (KB2753842)

Security Update for Windows XP (KB2757638)

Security Update for Windows XP (KB2758857)

Security Update for Windows XP (KB2761226)

Security Update for Windows XP (KB2770660)

Security Update for Windows XP (KB2778344)

Security Update for Windows XP (KB2779030)

Security Update for Windows XP (KB2780091)

Security Update for Windows XP (KB2799494)

Security Update for Windows XP (KB2802968)

Security Update for Windows XP (KB2807986)

Security Update for Windows XP (KB2808735)

Security Update for Windows XP (KB2813170)

Security Update for Windows XP (KB2813345)

Security Update for Windows XP (KB2820197)

Security Update for Windows XP (KB2820917)

Security Update for Windows XP (KB2829361)

Security Update for Windows XP (KB2834886)

Security Update for Windows XP (KB2839229)

Security Update for Windows XP (KB2845187)

Security Update for Windows XP (KB2847311)

Security Update for Windows XP (KB2849470)

Security Update for Windows XP (KB2850851)

Security Update for Windows XP (KB2850869)

Security Update for Windows XP (KB2859537)

Security Update for Windows XP (KB2862152)

Security Update for Windows XP (KB2862330)

Security Update for Windows XP (KB2862335)

Security Update for Windows XP (KB2864063)

Security Update for Windows XP (KB2868038)

Security Update for Windows XP (KB2868626)

Security Update for Windows XP (KB2876217)

Security Update for Windows XP (KB2876315)

Security Update for Windows XP (KB2876331)

Security Update for Windows XP (KB2883150)

Security Update for Windows XP (KB2884256)

Security Update for Windows XP (KB2892075)

Security Update for Windows XP (KB2893294)

Security Update for Windows XP (KB2893984)

Security Update for Windows XP (KB2898715)

Security Update for Windows XP (KB2900986)

Security Update for Windows XP (KB2914368)

Security Update for Windows XP (KB979687)

Security Update for Windows XP (KB981322)

Security Update for Windows XP (KB981957)

Security Update for Windows XP (KB982132)

Security Update for Windows XP (KB982802)

SFR

SHASTA

SigmaTel Audio

SimCity 2000® Special Edition

skin0001

SKINXSDK

SolutionCenter

Sonic Activation Module

Spy Sweeper

staticcr

Status

swMSM

TomTom HOME

TomTom HOME Visual Studio Merge Modules

Toolbox

tooltips

TrayApp

Unity Web Player

UnloadSupport

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB975364)

Update for Windows Internet Explorer 8 (KB976662)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows XP (KB2141007)

Update for Windows XP (KB2345886)

Update for Windows XP (KB2467659)

Update for Windows XP (KB2541763)

Update for Windows XP (KB2607712)

Update for Windows XP (KB2616676)

Update for Windows XP (KB2641690)

Update for Windows XP (KB2661254-v2)

Update for Windows XP (KB2718704)

Update for Windows XP (KB2736233)

Update for Windows XP (KB2749655)

Update for Windows XP (KB2863058)

Update for Windows XP (KB2904266)

Update for Windows XP (KB971029)

VideoToolkit01

Visual C++ 2008 x86 Runtime - (v9.0.30729)

Visual C++ 2008 x86 Runtime - v9.0.30729.01

VPRINTOL

WD SmartWare

WebFldrs XP

WebReg

WinDirStat 1.1.2

Windows Genuine Advantage Validation Tool (KB892130)

Windows Internet Explorer 8

Windows Live ID Sign-in Assistant

Windows Media Format 11 runtime

Windows Media Player 11

WinPcap 4.1.2

WinX Free AVI to WMV Converter 4.0.15

WinX Free FLV to MP3 Converter 2.0.7

WinX Free FLV to WMV Converter 4.1.9

WinX Free MOV to MP4 Converter 4.1.11

WinX Free MOV to WMV Converter 4.1.11

WinX Free MP4 to AVI Converter 4.1.12

WinX Free MP4 to WMV Converter 4.1.10

WinZip 14.5

WIRELESS

WOT for Internet Explorer

==== Event Viewer Messages From Past Week ========

1/26/2014 8:40:00 PM, error: Schedule [7901] - The At2.job command failed to start due to the following error: General access denied error

1/26/2014 2:00:00 PM, error: Schedule [7901] - The At4.job command failed to start due to the following error: General access denied error

1/26/2014 10:10:00 AM, error: Schedule [7901] - The At1.job command failed to start due to the following error: General access denied error

1/26/2014 1:14:00 PM, error: Schedule [7901] - The At3.job command failed to start due to the following error: General access denied error

1/25/2014 9:47:37 PM, error: Service Control Manager [7034] - The NVIDIA Display Driver Service service terminated unexpectedly. It has done this 1 time(s).

1/24/2014 7:14:10 AM, error: Service Control Manager [7000] - The Process creation detector. service failed to start due to the following error: The system cannot find the file specified.

1/24/2014 7:13:58 AM, error: Service Control Manager [7000] - The vToolbarUpdater17.1.2 service failed to start due to the following error: The system cannot find the file specified.

1/24/2014 7:13:38 AM, error: sptd [4] - Driver detected an internal error in its data structures for .

1/24/2014 7:13:28 AM, error: Print [23] - Printer Microsoft Office Document Image Writer failed to initialize because a suitable Microsoft Office Document Image Writer Driver driver could not be found.

1/24/2014 4:10:05 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070641: Office 2003 Service Pack 3 (SP3).

1/24/2014 4:09:59 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Windows Installer service to connect.

1/24/2014 4:09:59 AM, error: Service Control Manager [7000] - The Windows Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

1/24/2014 4:09:57 AM, error: DCOM [10005] - DCOM got error "%1053" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

1/23/2014 4:06:35 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Outlook 2003 Junk E-mail Filter (KB2863822).

1/23/2014 4:06:35 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Office 2003 (KB907417).

1/23/2014 4:04:32 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Security Essentials - 4.4.304.0 (KB2902885).

1/23/2014 4:01:14 AM, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Office 2003 Service Pack 3 (SP3).

1/22/2014 8:02:00 PM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Adobe Flash Player Update Service service to connect.

1/22/2014 8:02:00 PM, error: Service Control Manager [7000] - The Adobe Flash Player Update Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

==== End Of File ===========================

#4 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 29 January 2014 - 10:24 PM

The registry is the least of your problems. You have a severely infected system... including, possibly, a rootkit.

bittorrent
You have bittorrent, a P2P/file sharing program installed on your computer. P2P applications like it are the largest source of malware we see. You'll be doing yourself a favor by removing it.

References for the risk of these programs can be found in these links:
http://www.microsoft...protection.mspx
http://www.techweb.com/wire/160500554
http://www.internetw...cles/art053.htm

I would recommend that you uninstall bittorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it. If asked to download Avast's database please do so.

Click the "Scan" button to start scan

On completion of the scan click save log, save it to your desktop and post in your next reply

There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#5 btbenoit

Authentic Member

Authentic Member
95 posts

Posted 30 January 2014 - 01:50 PM

Tomk, first of all, I want to say thank you for the help that you guys give.I had a post a few months ago about a possible rootkit. Another person supposedly helped me clean it up on here. However, I think it was never cleaned because after they had me go through all the steps, my PC still ran slow. I haven't used Bittorrent since Malware bytes picked up on the rootkit. I will delete bittorrent.

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2014-01-30 06:32:23
-----------------------------
06:32:23.562 OS Version: Windows 5.1.2600 Service Pack 3
06:32:23.562 Number of processors: 1 586 0x5F02
06:32:23.562 ComputerName: BEAU UserName:
06:32:24.171 Initialize success
07:23:39.687 AVAST engine defs: 14013000
13:36:51.265 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000064
13:36:51.265 Disk 0 Vendor: SAMSUNG_SP2504C VT100-52 Size: 238418MB BusType: 3
13:36:51.265 Disk 1 \Device\Harddisk1\DR1 -> \Device\00000068
13:36:51.265 Disk 1 Vendor: WDC_WD20EZRX-00D8PB0 80.00A80 Size: 1907729MB BusType: 3
13:36:51.265 Device \Driver\nvata -> MajorFunction 8a31ea40
13:36:51.281 Disk 0 MBR read successfully
13:36:51.281 Disk 0 MBR scan
13:36:51.375 Disk 0 Windows XP default MBR code
13:36:51.375 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
13:36:51.390 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 81920
13:36:51.406 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 228137 MB offset 21053440
13:36:51.453 Disk 0 scanning sectors +488278016
13:36:51.578 Disk 0 scanning C:\WINDOWS\system32\drivers
13:37:02.250 Service scanning
13:37:08.875 Service MpKsla5d04bef C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{50179A9D-EE07-4177-ADFC-4EF001C2FD9F}\MpKsla5d04bef.sys **LOCKED** 32
13:37:17.234 Modules scanning
13:37:23.531 Disk 0 trace - called modules:
13:37:23.546 ntkrnlpa.exe >>UNKNOWN [0x8a31e5d0]<<
13:37:23.546 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3d4628]
13:37:23.546 \Driver\Disk[0x8a472dd8] -> IRP_MJ_CREATE -> 0x8a31e5d0
13:37:24.390 AVAST engine scan C:\WINDOWS
13:37:29.718 AVAST engine scan C:\WINDOWS\system32
13:40:31.781 AVAST engine scan C:\WINDOWS\system32\drivers
13:40:48.453 AVAST engine scan C:\Documents and Settings\Beaub
13:47:26.625 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Beaub\Desktop\MBR.dat"
13:47:26.625 The log file has been saved successfully to "C:\Documents and Settings\Beaub\Desktop\aswMBR.txt"

I'm not sure how to insert the zip file?

#6 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 30 January 2014 - 03:15 PM

When you go to type a reply in the Reply to this topic box at the bottom of the page... click on the more reply options button on the lower right of the page. This will open you a bigger reply box. Below the reply box on the left it will say Attach Files and there is a browse button below those words. Click the browse button and then browse to the file you want to attach.

After you attach the zip file... go ahead and run the following tool:

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#7 btbenoit

Authentic Member

Authentic Member
95 posts

Posted 30 January 2014 - 05:46 PM

MBR.zip 523bytes 323 downloads

#8 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 30 January 2014 - 06:07 PM

Good news... your Mbr appears to be clean.

Let's see what TDSSkiller says.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#9 btbenoit

Authentic Member

Authentic Member
95 posts

Posted 30 January 2014 - 06:15 PM

18:05:22.0593 0x05c8 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50

18:05:31.0562 0x05c8 ============================================================

18:05:31.0562 0x05c8 Current date / time: 2014/01/30 18:05:31.0562

18:05:31.0562 0x05c8 SystemInfo:

18:05:31.0562 0x05c8

18:05:31.0562 0x05c8 OS Version: 5.1.2600 ServicePack: 3.0

18:05:31.0562 0x05c8 Product type: Workstation

18:05:31.0562 0x05c8 ComputerName: BEAU

18:05:31.0562 0x05c8 UserName: Beaub

18:05:31.0562 0x05c8 Windows directory: C:\WINDOWS

18:05:31.0562 0x05c8 System windows directory: C:\WINDOWS

18:05:31.0562 0x05c8 Processor architecture: Intel x86

18:05:31.0562 0x05c8 Number of processors: 1

18:05:31.0562 0x05c8 Page size: 0x1000

18:05:31.0562 0x05c8 Boot type: Normal boot

18:05:31.0562 0x05c8 ============================================================

18:05:31.0656 0x05c8 KLMD registered as C:\WINDOWS\system32\drivers\36620771.sys

18:05:31.0703 0x05c8 System UUID: {FC4B0D00-9922-5F55-AF76-811A9AE123D7}

18:05:32.0109 0x05c8 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

18:05:32.0750 0x05c8 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B24B5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000050

18:05:32.0765 0x05c8 ============================================================

18:05:32.0765 0x05c8 \Device\Harddisk0\DR0:

18:05:32.0765 0x05c8 MBR partitions:

18:05:32.0765 0x05c8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1400000

18:05:32.0765 0x05c8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1414000, BlocksNum 0x1BD94800

18:05:32.0765 0x05c8 \Device\Harddisk1\DR1:

18:05:32.0765 0x05c8 MBR partitions:

18:05:32.0765 0x05c8 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E07CA1

18:05:32.0765 0x05c8 ============================================================

18:05:32.0796 0x05c8 C: <-> \Device\Harddisk0\DR0\Partition2

18:05:32.0828 0x05c8 D: <-> \Device\Harddisk0\DR0\Partition1

18:05:32.0875 0x05c8 G: <-> \Device\Harddisk1\DR1\Partition1

18:05:32.0875 0x05c8 ============================================================

18:05:32.0875 0x05c8 Initialize success

18:05:32.0875 0x05c8 ============================================================

18:06:42.0359 0x05a8 ============================================================

18:06:42.0359 0x05a8 Scan started

18:06:42.0359 0x05a8 Mode: Manual; SigCheck; TDLFS;

18:06:42.0359 0x05a8 ============================================================

18:06:42.0359 0x05a8 KSN ping started

18:06:56.0156 0x05a8 KSN ping finished: true

18:06:57.0000 0x05a8 ================ Scan system memory ========================

18:06:57.0000 0x05a8 System memory - ok

18:06:57.0000 0x05a8 ================ Scan services =============================

18:06:57.0093 0x05a8 Abiosdsk - ok

18:06:57.0093 0x05a8 abp480n5 - ok

18:06:57.0125 0x05a8 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:06:57.0937 0x05a8 ACPI - ok

18:06:58.0046 0x05a8 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

18:06:58.0203 0x05a8 ACPIEC - ok

18:06:58.0281 0x05a8 [ 2471BCB6E1388A3484E78243A1BE5F33, CB7FBA6C15791554594228A5A1A7A5040BEB1BD725F08947D780E301D8AE788A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

18:06:58.0312 0x05a8 AdobeFlashPlayerUpdateSvc - ok

18:06:58.0312 0x05a8 adpu160m - ok

18:06:58.0343 0x05a8 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys

18:06:58.0484 0x05a8 aec - ok

18:06:58.0531 0x05a8 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys

18:06:58.0593 0x05a8 AFD - ok

18:06:58.0593 0x05a8 AFGMp50 - ok

18:06:58.0593 0x05a8 AFGSp50 - ok

18:06:58.0609 0x05a8 Aha154x - ok

18:06:58.0609 0x05a8 aic78u2 - ok

18:06:58.0625 0x05a8 aic78xx - ok

18:06:58.0656 0x05a8 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

18:06:58.0828 0x05a8 Alerter - ok

18:06:58.0843 0x05a8 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe

18:06:58.0906 0x05a8 ALG - ok

18:06:58.0937 0x05a8 AliIde - ok

18:06:58.0984 0x05a8 [ 0A4D13B388C814560BD69C3A496ECFA8, 71ADD4C4A5C6465EA27F572DE608C348896C4C557D136718CCDD9919144F7986 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys

18:06:59.0031 0x05a8 AmdK8 - ok

18:06:59.0046 0x05a8 amsint - ok

18:06:59.0156 0x05a8 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

18:06:59.0171 0x05a8 Apple Mobile Device - ok

18:06:59.0187 0x05a8 AppMgmt - ok

18:06:59.0218 0x05a8 asc - ok

18:06:59.0218 0x05a8 asc3350p - ok

18:06:59.0234 0x05a8 asc3550 - ok

18:06:59.0265 0x05a8 [ 54AB078660E536DA72B21A27F56B035B, 41FA4D644EBC12AC8768D3D0EC12FF4E31FE0A7FE5E049432132710A1ED4E500 ] ASPI C:\WINDOWS\System32\DRIVERS\ASPI32.sys

18:06:59.0281 0x05a8 ASPI - detected UnsignedFile.Multi.Generic ( 1 )

18:07:02.0296 0x05a8 Detect skipped due to KSN trusted

18:07:02.0296 0x05a8 ASPI - ok

18:07:02.0406 0x05a8 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

18:07:02.0437 0x05a8 aspnet_state - ok

18:07:02.0453 0x05a8 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:07:02.0593 0x05a8 AsyncMac - ok

18:07:02.0609 0x05a8 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

18:07:02.0750 0x05a8 atapi - ok

18:07:02.0765 0x05a8 Atdisk - ok

18:07:02.0781 0x05a8 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:07:02.0937 0x05a8 Atmarpc - ok

18:07:02.0968 0x05a8 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

18:07:03.0125 0x05a8 AudioSrv - ok

18:07:03.0156 0x05a8 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

18:07:03.0296 0x05a8 audstub - ok

18:07:03.0328 0x05a8 [ 15ACA2AD17ACECA4814F249783E63AD3, AB8E74A5B8FC2FD04BA2B495610A8BE76408E9362A447D7069D5AAB8F3512F33 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys

18:07:03.0375 0x05a8 avgtp - ok

18:07:03.0437 0x05a8 [ F2E8CEFC8CF4D6454F4121C5FF93136A, DFD05AD328BD0FDD8BF44043C40084A6DF98BF6F5CEAE71BF793176AF6ADFBBB ] BBSvc C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe

18:07:03.0468 0x05a8 BBSvc - ok

18:07:03.0484 0x05a8 [ 6E1BCC590C9D30FEE8FC14DBD053CE94, 4F698D399225A890B7FDCE3773E504B2880534ED1C0F4C37589568C44BA51743 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe

18:07:03.0515 0x05a8 BBUpdate - ok

18:07:03.0562 0x05a8 [ CD4646067CC7DCBA1907FA0ACF7E3966, 705DF801ACB8719213E95D6214E6C30F7A217663305DBB718F7ECD40F0084340 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

18:07:03.0593 0x05a8 bcm4sbxp - ok

18:07:03.0625 0x05a8 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys

18:07:03.0781 0x05a8 Beep - ok

18:07:03.0843 0x05a8 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll

18:07:04.0078 0x05a8 BITS - ok

18:07:04.0171 0x05a8 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

18:07:04.0203 0x05a8 Bonjour Service - ok

18:07:04.0250 0x05a8 [ 3722F97E33CACAB1D08B76ABFCCC2966, A40BD18AA7B0B4C5F5912438C0B8AD427C709FD1918C0C57FA3979A5CF73D890 ] BootDefragDriver C:\WINDOWS\system32\drivers\BootDefragDriver.sys

18:07:04.0265 0x05a8 BootDefragDriver - ok

18:07:04.0312 0x05a8 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll

18:07:04.0375 0x05a8 Browser - ok

18:07:04.0406 0x05a8 catchme - ok

18:07:04.0437 0x05a8 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

18:07:04.0578 0x05a8 cbidf2k - ok

18:07:04.0593 0x05a8 cd20xrnt - ok

18:07:04.0625 0x05a8 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

18:07:04.0781 0x05a8 Cdaudio - ok

18:07:04.0796 0x05a8 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

18:07:04.0953 0x05a8 Cdfs - ok

18:07:04.0984 0x05a8 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:07:05.0031 0x05a8 Cdrom - ok

18:07:05.0046 0x05a8 [ 84853B3FD012251690570E9E7E43343F, 65CACFA643E52A0C0E6B2D901228A8A0AD4993CAFA3C287E65395F4B7C521089 ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys

18:07:05.0046 0x05a8 cercsr6 - detected UnsignedFile.Multi.Generic ( 1 )

18:07:07.0656 0x05a8 Detect skipped due to KSN trusted

18:07:07.0656 0x05a8 cercsr6 - ok

18:07:07.0671 0x05a8 Changer - ok

18:07:07.0703 0x05a8 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe

18:07:07.0828 0x05a8 CiSvc - ok

18:07:07.0843 0x05a8 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

18:07:07.0968 0x05a8 ClipSrv - ok

18:07:08.0000 0x05a8 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:07:08.0062 0x05a8 clr_optimization_v2.0.50727_32 - ok

18:07:08.0093 0x05a8 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:07:08.0203 0x05a8 clr_optimization_v4.0.30319_32 - ok

18:07:08.0218 0x05a8 CmdIde - ok

18:07:08.0218 0x05a8 COMSysApp - ok

18:07:08.0234 0x05a8 Cpqarray - ok

18:07:08.0250 0x05a8 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

18:07:08.0406 0x05a8 CryptSvc - ok

18:07:08.0406 0x05a8 dac2w2k - ok

18:07:08.0421 0x05a8 dac960nt - ok

18:07:08.0468 0x05a8 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

18:07:08.0546 0x05a8 DcomLaunch - ok

18:07:08.0578 0x05a8 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

18:07:08.0703 0x05a8 Dhcp - ok

18:07:08.0718 0x05a8 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

18:07:08.0859 0x05a8 Disk - ok

18:07:08.0906 0x05a8 [ 0659E6E0A95564F958D9DF7313F7701E, CDE805D797853D37149678A5A9BE9B5C8F637F5629AAAE9545509E5686F87C20 ] DLABMFSM C:\WINDOWS\system32\DLA\DLABMFSM.SYS

18:07:08.0921 0x05a8 DLABMFSM - ok

18:07:08.0921 0x05a8 [ 8691C78908F0BD66170669DB268369F2, 7CEDECA3C6A4BBC3195589D7B6A7B9C9F2D8CD4D0513B055C55B867FB14EB58F ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS

18:07:08.0937 0x05a8 DLABOIOM - ok

18:07:08.0953 0x05a8 [ 76167B5EB2DFFC729EDC36386876B40B, 4116749A6C6D9473564AE7B3BEB3555867BAA6A7081920B9B8921F89DAA7A3C0 ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

18:07:08.0968 0x05a8 DLACDBHM - ok

18:07:08.0968 0x05a8 [ 5615744A1056933B90E6AC54FEB86F35, 4A7A34E01F829C1E3430166CCBB604490D0A61E39ED9F5B663DFD46DA6C7CE4B ] DLADResM C:\WINDOWS\system32\DLA\DLADResM.SYS

18:07:08.0984 0x05a8 DLADResM - ok

18:07:09.0000 0x05a8 [ 1AECA2AFA5005CE4A550CF8EB55A8C88, E42DCC29F2D5FE811BC4200D676EC60D8FDB9F86C9204B14754B496E8D8E6E28 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS

18:07:09.0031 0x05a8 DLAIFS_M - ok

18:07:09.0046 0x05a8 [ 840E7F6ABB885C72B9FFDDB022EF5B6D, 4F2CF773652E93E9DA5A57BAF505190B608D96923E00B7A589294E2D1EEEC115 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS

18:07:09.0062 0x05a8 DLAOPIOM - ok

18:07:09.0078 0x05a8 [ 0294D18731AC05DA80132CE88F8A876B, 913CFA7D0868E1C95F116B2C583803E9138BAA5A52524F0D26026B1661C20392 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS

18:07:09.0093 0x05a8 DLAPoolM - ok

18:07:09.0093 0x05a8 [ 91886FED52A3F9966207BCE46CFD794F, 808425C5ECA163626ED23EC0BB203C77870932C23AD9FEEB39FE907314BB3997 ] DLARTL_M C:\WINDOWS\system32\Drivers\DLARTL_M.SYS

18:07:09.0109 0x05a8 DLARTL_M - ok

18:07:09.0125 0x05a8 [ CCA4E121D599D7D1706A30F603731E59, 2776BB5384A210184F0BEC0A3CBC1076BEBEAE00D74D4D6B7CED5711291BBB9E ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS

18:07:09.0140 0x05a8 DLAUDFAM - ok

18:07:09.0156 0x05a8 [ 7DAB85C33135DF24419951DA4E7D38E5, 87FC6BD347C7DC68130FDE862389DD0B9321FB51D5ED62B39985EA4437486EDA ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS

18:07:09.0171 0x05a8 DLAUDF_M - ok

18:07:09.0171 0x05a8 dmadmin - ok

18:07:09.0218 0x05a8 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

18:07:09.0437 0x05a8 dmboot - ok

18:07:09.0468 0x05a8 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys

18:07:09.0609 0x05a8 dmio - ok

18:07:09.0640 0x05a8 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys

18:07:09.0765 0x05a8 dmload - ok

18:07:09.0812 0x05a8 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll

18:07:09.0968 0x05a8 dmserver - ok

18:07:10.0000 0x05a8 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

18:07:10.0156 0x05a8 DMusic - ok

18:07:10.0203 0x05a8 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

18:07:10.0265 0x05a8 Dnscache - ok

18:07:10.0296 0x05a8 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

18:07:10.0437 0x05a8 Dot3svc - ok

18:07:10.0437 0x05a8 dpti2o - ok

18:07:10.0468 0x05a8 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

18:07:10.0593 0x05a8 drmkaud - ok

18:07:10.0640 0x05a8 [ C00440385CF9F3D142917C63F989E244, 5DD3684D3C6DE4E9C82778C4097E9017E1DB0617DDD1D04831263B1E390B2D08 ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

18:07:10.0656 0x05a8 DRVMCDB - ok

18:07:10.0656 0x05a8 [ 6E6AB29D3C06E64CE81FEACDA85394B5, 82BB4F82D4C0DA7FC426FDF363E232183CD0DC7F3357CF930ACEE21DA71F62B8 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

18:07:10.0671 0x05a8 DRVNDDM - ok

18:07:10.0703 0x05a8 [ 6461E57BB51A848AAE26F52427B7CF9E, A5730998362CB5C3A7B288A3DCD02E3165ACBBB98AB39F7A0FE2029D946EA95D ] dtscsi C:\WINDOWS\System32\Drivers\dtscsi.sys

18:07:10.0734 0x05a8 dtscsi - ok

18:07:10.0765 0x05a8 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll

18:07:10.0906 0x05a8 EapHost - ok

18:07:10.0937 0x05a8 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll

18:07:11.0078 0x05a8 ERSvc - ok

18:07:11.0109 0x05a8 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe

18:07:11.0140 0x05a8 Eventlog - ok

18:07:11.0171 0x05a8 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll

18:07:11.0218 0x05a8 EventSystem - ok

18:07:11.0234 0x05a8 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

18:07:11.0359 0x05a8 Fastfat - ok

18:07:11.0421 0x05a8 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

18:07:11.0484 0x05a8 FastUserSwitchingCompatibility - ok

18:07:11.0531 0x05a8 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys

18:07:11.0656 0x05a8 Fdc - ok

18:07:11.0687 0x05a8 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys

18:07:11.0796 0x05a8 Fips - ok

18:07:11.0812 0x05a8 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys

18:07:11.0937 0x05a8 Flpydisk - ok

18:07:11.0968 0x05a8 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

18:07:12.0109 0x05a8 FltMgr - ok

18:07:12.0156 0x05a8 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

18:07:12.0171 0x05a8 FontCache3.0.0.0 - ok

18:07:12.0187 0x05a8 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:07:12.0312 0x05a8 Fs_Rec - ok

18:07:12.0343 0x05a8 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:07:12.0468 0x05a8 Ftdisk - ok

18:07:12.0484 0x05a8 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

18:07:12.0500 0x05a8 GEARAspiWDM - ok

18:07:12.0515 0x05a8 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:07:12.0640 0x05a8 Gpc - ok

18:07:12.0703 0x05a8 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

18:07:12.0734 0x05a8 gupdate - ok

18:07:12.0734 0x05a8 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

18:07:12.0750 0x05a8 gupdatem - ok

18:07:12.0796 0x05a8 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

18:07:12.0812 0x05a8 gusvc - ok

18:07:12.0828 0x05a8 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

18:07:12.0953 0x05a8 HDAudBus - ok

18:07:13.0000 0x05a8 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

18:07:13.0109 0x05a8 helpsvc - ok

18:07:13.0125 0x05a8 HidServ - ok

18:07:13.0140 0x05a8 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:07:13.0265 0x05a8 hidusb - ok

18:07:13.0296 0x05a8 [ 4ADF0F441F26B0BA70B82E703BD72D2C, 4EEEA588A8F4253F40F0389EBFBC76B0EC888B40FCA9FB367EC5B8AEA9EA3F3F ] hitmanpro37 C:\WINDOWS\system32\drivers\hitmanpro37.sys

18:07:13.0312 0x05a8 hitmanpro37 - ok

18:07:13.0343 0x05a8 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

18:07:13.0453 0x05a8 hkmsvc - ok

18:07:13.0468 0x05a8 hpn - ok

18:07:13.0546 0x05a8 [ 38D6B51F04DEF7FB248FA56E4C47407E, 9D2A53553AF2FB2E8424BE6B6388EFFC69240EA5BBE043AC542029BE39BACB25 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

18:07:13.0578 0x05a8 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )

18:07:16.0515 0x05a8 Detect skipped due to KSN trusted

18:07:16.0515 0x05a8 hpqcxs08 - ok

18:07:16.0562 0x05a8 [ 3EE4A63539EC04EE2D4BD293985087AB, 754826BC906F69AEE5D2CFEA1B22B7179767999C834B70D561F8B0CB4CAE9A59 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

18:07:16.0593 0x05a8 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )

18:07:19.0265 0x05a8 Detect skipped due to KSN trusted

18:07:19.0265 0x05a8 hpqddsvc - ok

18:07:19.0296 0x05a8 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

18:07:19.0406 0x05a8 HPZid412 - ok

18:07:19.0437 0x05a8 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

18:07:19.0468 0x05a8 HPZipr12 - ok

18:07:19.0500 0x05a8 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

18:07:19.0531 0x05a8 HPZius12 - ok

18:07:19.0562 0x05a8 [ 77E4FF0B73BC0AEAAF39BF0C8104231F, A5D35FCD9E52003D990EB97DF1634DE9B516647C8DAAD3152550CD875DBBDA82 ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys

18:07:19.0625 0x05a8 HSFHWBS2 - ok

18:07:19.0687 0x05a8 [ 60E1604729A15EF4A3B05F298427B3B1, 139DE473F645A300DD436B4AA8359A23FCE3BB9688B6B597E89F8ADBC36A71B9 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

18:07:19.0750 0x05a8 HSF_DP - ok

18:07:19.0812 0x05a8 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

18:07:19.0859 0x05a8 HTTP - ok

18:07:19.0890 0x05a8 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

18:07:20.0015 0x05a8 HTTPFilter - ok

18:07:20.0015 0x05a8 i2omgmt - ok

18:07:20.0031 0x05a8 i2omp - ok

18:07:20.0046 0x05a8 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys

18:07:20.0171 0x05a8 i8042prt - ok

18:07:20.0250 0x05a8 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe

18:07:20.0265 0x05a8 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )

18:07:24.0468 0x05a8 Detect skipped due to KSN trusted

18:07:24.0468 0x05a8 IDriverT - ok

18:07:24.0562 0x05a8 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:07:24.0609 0x05a8 idsvc - ok

18:07:24.0640 0x05a8 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

18:07:24.0765 0x05a8 Imapi - ok

18:07:24.0796 0x05a8 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe

18:07:24.0921 0x05a8 ImapiService - ok

18:07:24.0937 0x05a8 ini910u - ok

18:07:24.0953 0x05a8 IntelIde - ok

18:07:24.0968 0x05a8 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

18:07:25.0093 0x05a8 Ip6Fw - ok

18:07:25.0109 0x05a8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:07:25.0234 0x05a8 IpFilterDriver - ok

18:07:25.0265 0x05a8 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:07:25.0375 0x05a8 IpInIp - ok

18:07:25.0406 0x05a8 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:07:25.0531 0x05a8 IpNat - ok

18:07:25.0593 0x05a8 [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

18:07:25.0640 0x05a8 iPod Service - ok

18:07:25.0656 0x05a8 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:07:25.0781 0x05a8 IPSec - ok

18:07:25.0796 0x05a8 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

18:07:25.0843 0x05a8 IRENUM - ok

18:07:25.0875 0x05a8 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:07:26.0000 0x05a8 isapnp - ok

18:07:26.0125 0x05a8 [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

18:07:26.0140 0x05a8 JavaQuickStarterService - ok

18:07:26.0171 0x05a8 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:07:26.0296 0x05a8 Kbdclass - ok

18:07:26.0328 0x05a8 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

18:07:26.0437 0x05a8 kbdhid - ok

18:07:26.0453 0x05a8 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

18:07:26.0593 0x05a8 kmixer - ok

18:07:26.0656 0x05a8 [ 9646A100ACF21516DB1052BC419332BA, 231A21866983E5D2BA32F2F76B1180880F68908D54FCF13ECE377354FA847D62 ] KodakDigitalDisplayService C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe

18:07:26.0671 0x05a8 KodakDigitalDisplayService - detected UnsignedFile.Multi.Generic ( 1 )

18:07:29.0375 0x05a8 Detect skipped due to KSN trusted

18:07:29.0375 0x05a8 KodakDigitalDisplayService - ok

18:07:29.0390 0x05a8 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

18:07:29.0468 0x05a8 KSecDD - ok

18:07:29.0500 0x05a8 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

18:07:29.0546 0x05a8 lanmanserver - ok

18:07:29.0578 0x05a8 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:07:29.0625 0x05a8 lanmanworkstation - ok

18:07:29.0640 0x05a8 Lavasoft Ad-Aware Service - ok

18:07:29.0640 0x05a8 Lavasoft Kernexplorer - ok

18:07:29.0656 0x05a8 lbrtfdc - ok

18:07:29.0687 0x05a8 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

18:07:29.0812 0x05a8 LmHosts - ok

18:07:29.0843 0x05a8 [ EEAEA6514BA7C9D273B5E87C4E1AAB30, 3B724C6A8867B1B7A45D832150E0CFAC1004D3B972A2A7BFDD2ADDDB2488BB1E ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

18:07:29.0843 0x05a8 mdmxsdk - ok

18:07:29.0875 0x05a8 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll

18:07:29.0984 0x05a8 Messenger - ok

18:07:30.0000 0x05a8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

18:07:30.0109 0x05a8 mnmdd - ok

18:07:30.0140 0x05a8 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

18:07:30.0250 0x05a8 mnmsrvc - ok

18:07:30.0281 0x05a8 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys

18:07:30.0390 0x05a8 Modem - ok

18:07:30.0421 0x05a8 [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys

18:07:30.0531 0x05a8 MODEMCSA - ok

18:07:30.0546 0x05a8 [ 54FEE02961C70FD9D4D7E2F87AFA23FA, 63DFA8340ECD3150AE29291502B10812661CF975FCAC4DA74267588E85A0B0B5 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys

18:07:30.0718 0x05a8 motmodem - ok

18:07:30.0734 0x05a8 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:07:30.0843 0x05a8 Mouclass - ok

18:07:30.0859 0x05a8 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:07:30.0984 0x05a8 mouhid - ok

18:07:31.0000 0x05a8 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

18:07:31.0109 0x05a8 MountMgr - ok

18:07:31.0156 0x05a8 [ 825BF0E46B4470A463AEB641480C5FCA, 321F37EA5D2AF7E3F55399ABE94AC3788B90E254E4A6859059C6BB1C6BEF19D0 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

18:07:31.0187 0x05a8 MozillaMaintenance - ok

18:07:31.0218 0x05a8 [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

18:07:31.0250 0x05a8 MpFilter - ok

18:07:31.0406 0x05a8 [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsla5d04bef C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{50179A9D-EE07-4177-ADFC-4EF001C2FD9F}\MpKsla5d04bef.sys

18:07:31.0437 0x05a8 MpKsla5d04bef - ok

18:07:31.0437 0x05a8 mraid35x - ok

18:07:31.0468 0x05a8 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:07:31.0593 0x05a8 MRxDAV - ok

18:07:31.0640 0x05a8 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:07:31.0703 0x05a8 MRxSmb - ok

18:07:31.0718 0x05a8 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe

18:07:31.0843 0x05a8 MSDTC - ok

18:07:31.0859 0x05a8 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

18:07:31.0968 0x05a8 Msfs - ok

18:07:31.0984 0x05a8 MSIServer - ok

18:07:32.0015 0x05a8 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:07:32.0109 0x05a8 MSKSSRV - ok

18:07:32.0187 0x05a8 [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe

18:07:32.0203 0x05a8 MsMpSvc - ok

18:07:32.0218 0x05a8 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:07:32.0312 0x05a8 MSPCLOCK - ok

18:07:32.0343 0x05a8 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

18:07:32.0453 0x05a8 MSPQM - ok

18:07:32.0468 0x05a8 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:07:32.0578 0x05a8 mssmbios - ok

18:07:32.0593 0x05a8 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

18:07:32.0625 0x05a8 Mup - ok

18:07:32.0687 0x05a8 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll

18:07:32.0812 0x05a8 napagent - ok

18:07:32.0859 0x05a8 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

18:07:32.0984 0x05a8 NDIS - ok

18:07:33.0015 0x05a8 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:07:33.0031 0x05a8 NdisTapi - ok

18:07:33.0046 0x05a8 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:07:33.0171 0x05a8 Ndisuio - ok

18:07:33.0187 0x05a8 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:07:33.0328 0x05a8 NdisWan - ok

18:07:33.0359 0x05a8 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

18:07:33.0390 0x05a8 NDProxy - ok

18:07:33.0421 0x05a8 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll

18:07:33.0453 0x05a8 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )

18:07:36.0375 0x05a8 Detect skipped due to KSN trusted

18:07:36.0375 0x05a8 Net Driver HPZ12 - ok

18:07:36.0390 0x05a8 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

18:07:36.0500 0x05a8 NetBIOS - ok

18:07:36.0515 0x05a8 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

18:07:36.0656 0x05a8 NetBT - ok

18:07:36.0687 0x05a8 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe

18:07:36.0796 0x05a8 NetDDE - ok

18:07:36.0812 0x05a8 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

18:07:36.0921 0x05a8 NetDDEdsdm - ok

18:07:36.0968 0x05a8 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe

18:07:37.0062 0x05a8 Netlogon - ok

18:07:37.0093 0x05a8 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll

18:07:37.0218 0x05a8 Netman - ok

18:07:37.0234 0x05a8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:07:37.0296 0x05a8 NetTcpPortSharing - ok

18:07:37.0343 0x05a8 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll

18:07:37.0375 0x05a8 Nla - ok

18:07:37.0406 0x05a8 [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf C:\WINDOWS\system32\drivers\npf.sys

18:07:37.0421 0x05a8 npf - ok

18:07:37.0437 0x05a8 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

18:07:37.0562 0x05a8 Npfs - ok

18:07:37.0625 0x05a8 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

18:07:37.0781 0x05a8 Ntfs - ok

18:07:37.0812 0x05a8 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

18:07:37.0921 0x05a8 NtLmSsp - ok

18:07:37.0984 0x05a8 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

18:07:38.0109 0x05a8 NtmsSvc - ok

18:07:38.0125 0x05a8 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys

18:07:38.0234 0x05a8 Null - ok

18:07:38.0437 0x05a8 [ 15A6306A0B958BF60F09688D0EE70479, BE4AD7CF12EAA8D62B7B8A0153B1F1E8C163DCC61C4C977E8EC06D78239DC91E ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

18:07:38.0734 0x05a8 nv - ok

18:07:38.0781 0x05a8 [ 6B37162E91A7005BAA753CB611ACEA2D, 7B0776F21A1EFBDC519682236A630BDBF598AAAFFD240149F2CFABAC65DF2503 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys

18:07:38.0843 0x05a8 nvata - ok

18:07:38.0875 0x05a8 [ 986D6666E076AFD2B60ACAFD5B01A00F, 074EC1BD13D2B5626AFF7DD966E7F2D0ECE9C64577B8BD6C157B274A44FF3F9A ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

18:07:38.0890 0x05a8 NVSvc - ok

18:07:38.0921 0x05a8 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:07:39.0031 0x05a8 NwlnkFlt - ok

18:07:39.0046 0x05a8 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:07:39.0156 0x05a8 NwlnkFwd - ok

18:07:39.0187 0x05a8 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys

18:07:39.0312 0x05a8 Parport - ok

18:07:39.0343 0x05a8 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

18:07:39.0453 0x05a8 PartMgr - ok

18:07:39.0500 0x05a8 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

18:07:39.0609 0x05a8 ParVdm - ok

18:07:39.0640 0x05a8 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

18:07:39.0750 0x05a8 PCI - ok

18:07:39.0765 0x05a8 PCIDump - ok

18:07:39.0796 0x05a8 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

18:07:39.0906 0x05a8 PCIIde - ok

18:07:39.0921 0x05a8 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

18:07:40.0046 0x05a8 Pcmcia - ok

18:07:40.0046 0x05a8 PDCOMP - ok

18:07:40.0062 0x05a8 PDFRAME - ok

18:07:40.0062 0x05a8 PDRELI - ok

18:07:40.0078 0x05a8 PDRFRAME - ok

18:07:40.0078 0x05a8 perc2 - ok

18:07:40.0093 0x05a8 perc2hib - ok

18:07:40.0140 0x05a8 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe

18:07:40.0156 0x05a8 PlugPlay - ok

18:07:40.0203 0x05a8 [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll

18:07:40.0218 0x05a8 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )

18:07:44.0437 0x05a8 Detect skipped due to KSN trusted

18:07:44.0437 0x05a8 Pml Driver HPZ12 - ok

18:07:44.0468 0x05a8 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

18:07:44.0562 0x05a8 PolicyAgent - ok

18:07:44.0578 0x05a8 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:07:44.0687 0x05a8 PptpMiniport - ok

18:07:44.0718 0x05a8 [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

18:07:44.0843 0x05a8 Processor - ok

18:07:44.0843 0x05a8 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:07:44.0953 0x05a8 ProtectedStorage - ok

18:07:44.0984 0x05a8 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

18:07:45.0109 0x05a8 PSched - ok

18:07:45.0140 0x05a8 [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf_x86.sys

18:07:45.0156 0x05a8 PSI - ok

18:07:45.0171 0x05a8 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:07:45.0296 0x05a8 Ptilink - ok

18:07:45.0328 0x05a8 [ FEFFCFDC528764A04C8ED63D5FA6E711, BECC9174DA5860FCF011957CB6A12DE5074A770DC14076C0C94E63AD42ECF19E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:07:45.0328 0x05a8 PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )

18:07:49.0406 0x05a8 Detect skipped due to KSN trusted

18:07:49.0406 0x05a8 PxHelp20 - ok

18:07:49.0406 0x05a8 ql1080 - ok

18:07:49.0421 0x05a8 Ql10wnt - ok

18:07:49.0421 0x05a8 ql12160 - ok

18:07:49.0437 0x05a8 ql1240 - ok

18:07:49.0437 0x05a8 ql1280 - ok

18:07:49.0453 0x05a8 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:07:49.0562 0x05a8 RasAcd - ok

18:07:49.0578 0x05a8 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll

18:07:49.0718 0x05a8 RasAuto - ok

18:07:49.0718 0x05a8 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:07:49.0828 0x05a8 Rasl2tp - ok

18:07:49.0890 0x05a8 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll

18:07:50.0015 0x05a8 RasMan - ok

18:07:50.0062 0x05a8 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:07:50.0171 0x05a8 RasPppoe - ok

18:07:50.0171 0x05a8 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

18:07:50.0281 0x05a8 Raspti - ok

18:07:50.0312 0x05a8 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:07:50.0421 0x05a8 Rdbss - ok

18:07:50.0437 0x05a8 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:07:50.0531 0x05a8 RDPCDD - ok

18:07:50.0578 0x05a8 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

18:07:50.0625 0x05a8 RDPWD - ok

18:07:50.0656 0x05a8 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

18:07:50.0765 0x05a8 RDSessMgr - ok

18:07:50.0828 0x05a8 [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

18:07:50.0843 0x05a8 RealNetworks Downloader Resolver Service - ok

18:07:50.0859 0x05a8 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

18:07:50.0984 0x05a8 redbook - ok

18:07:51.0000 0x05a8 Revoflt - ok

18:07:51.0031 0x05a8 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe

18:07:51.0156 0x05a8 RpcLocator - ok

18:07:51.0203 0x05a8 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll

18:07:51.0234 0x05a8 RpcSs - ok

18:07:51.0265 0x05a8 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe

18:07:51.0375 0x05a8 RSVP - ok

18:07:51.0390 0x05a8 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe

18:07:51.0484 0x05a8 SamSs - ok

18:07:51.0531 0x05a8 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

18:07:51.0656 0x05a8 SCardSvr - ok

18:07:51.0687 0x05a8 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll

18:07:51.0812 0x05a8 Schedule - ok

18:07:51.0843 0x05a8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:07:51.0906 0x05a8 Secdrv - ok

18:07:51.0921 0x05a8 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll

18:07:52.0015 0x05a8 seclogon - ok

18:07:52.0187 0x05a8 [ DA6C0E0B15CD0B135FD385AEABAE3A4C, 1DBED093D4BD1E800828D8E0EB19EDA7FD1E963AABD4F71D61F1AD04F669290F ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe

18:07:52.0265 0x05a8 Secunia PSI Agent - ok

18:07:52.0375 0x05a8 [ 71761EDC432A0E39CF621105884E738E, 935133326B794F6DEAA97B9B6B6295AC6A884C3B73ABCD5662A79CEAD8EEA5EE ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe

18:07:52.0421 0x05a8 Secunia Update Agent - ok

18:07:52.0453 0x05a8 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll

18:07:52.0562 0x05a8 SENS - ok

18:07:52.0593 0x05a8 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys

18:07:52.0703 0x05a8 Serial - ok

18:07:52.0781 0x05a8 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

18:07:52.0875 0x05a8 Sfloppy - ok

18:07:52.0937 0x05a8 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

18:07:53.0093 0x05a8 SharedAccess - ok

18:07:53.0125 0x05a8 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:07:53.0140 0x05a8 ShellHWDetection - ok

18:07:53.0156 0x05a8 Simbad - ok

18:07:53.0171 0x05a8 Sparrow - ok

18:07:53.0187 0x05a8 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys

18:07:53.0296 0x05a8 splitter - ok

18:07:53.0343 0x05a8 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe

18:07:53.0390 0x05a8 Spooler - ok

18:07:53.0453 0x05a8 [ 610522607B15DC6D5D8E20827D07B282, 86F5E40AEAB77C9381DDB0938FFFC98FAF2A060F3CAD5F0B63278568005511B8 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys

18:07:53.0500 0x05a8 sptd - detected UnsignedFile.Multi.Generic ( 1 )

18:07:56.0625 0x05a8 sptd ( UnsignedFile.Multi.Generic ) - warning

18:08:09.0671 0x05a8 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

18:08:09.0750 0x05a8 sr - ok

18:08:09.0781 0x05a8 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll

18:08:09.0859 0x05a8 srservice - ok

18:08:09.0921 0x05a8 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

18:08:09.0984 0x05a8 Srv - ok

18:08:10.0000 0x05a8 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

18:08:10.0109 0x05a8 SSDPSRV - ok

18:08:10.0156 0x05a8 [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys

18:08:10.0156 0x05a8 StarOpen - detected UnsignedFile.Multi.Generic ( 1 )

18:08:12.0921 0x05a8 Detect skipped due to KSN trusted

18:08:12.0921 0x05a8 StarOpen - ok

18:08:13.0000 0x05a8 [ 8990440E4B2A7CA5A56A1833B03741FD, 55FE82DAE2D15D02AB12777045E2A3FE71560E53ECF1B1C03C25A603D5D90EBB ] STHDA C:\WINDOWS\system32\drivers\sthda.sys

18:08:13.0093 0x05a8 STHDA - ok

18:08:13.0140 0x05a8 [ A9573045BAA16EAB9B1085205B82F1ED, 6A4D68BCD4968C17451EB1C4AB420FFA844D089845520D222BC4A2BD14583C56 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys

18:08:13.0250 0x05a8 StillCam - ok

18:08:13.0296 0x05a8 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll

18:08:13.0421 0x05a8 stisvc - ok

18:08:13.0468 0x05a8 [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

18:08:13.0500 0x05a8 stllssvr - detected UnsignedFile.Multi.Generic ( 1 )

18:08:16.0531 0x05a8 Detect skipped due to KSN trusted

18:08:16.0531 0x05a8 stllssvr - ok

18:08:16.0578 0x05a8 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

18:08:16.0687 0x05a8 swenum - ok

18:08:16.0718 0x05a8 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

18:08:16.0828 0x05a8 swmidi - ok

18:08:16.0828 0x05a8 SwPrv - ok

18:08:16.0843 0x05a8 symc810 - ok

18:08:16.0843 0x05a8 symc8xx - ok

18:08:16.0859 0x05a8 sym_hi - ok

18:08:16.0859 0x05a8 sym_u3 - ok

18:08:16.0875 0x05a8 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

18:08:16.0984 0x05a8 sysaudio - ok

18:08:17.0015 0x05a8 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

18:08:17.0125 0x05a8 SysmonLog - ok

18:08:17.0156 0x05a8 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

18:08:17.0281 0x05a8 TapiSrv - ok

18:08:17.0343 0x05a8 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:08:17.0390 0x05a8 Tcpip - ok

18:08:17.0406 0x05a8 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

18:08:17.0531 0x05a8 TDPIPE - ok

18:08:17.0562 0x05a8 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

18:08:17.0671 0x05a8 TDTCP - ok

18:08:17.0703 0x05a8 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

18:08:17.0796 0x05a8 TermDD - ok

18:08:17.0828 0x05a8 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll

18:08:17.0968 0x05a8 TermService - ok

18:08:18.0000 0x05a8 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll

18:08:18.0015 0x05a8 Themes - ok

18:08:18.0093 0x05a8 [ E4FAD21646088D79F8889B6531396ACF, D0C8F0E3293D423245FD2233F283A1FE2463E15F8B9F4ED6AC96C2164EC51F75 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

18:08:18.0109 0x05a8 TomTomHOMEService - ok

18:08:18.0109 0x05a8 TosIde - ok

18:08:18.0140 0x05a8 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll

18:08:18.0250 0x05a8 TrkWks - ok

18:08:18.0281 0x05a8 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

18:08:18.0390 0x05a8 Udfs - ok

18:08:18.0390 0x05a8 ultra - ok

18:08:18.0437 0x05a8 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

18:08:18.0593 0x05a8 Update - ok

18:08:18.0640 0x05a8 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll

18:08:18.0718 0x05a8 upnphost - ok

18:08:18.0734 0x05a8 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe

18:08:18.0843 0x05a8 UPS - ok

18:08:18.0875 0x05a8 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys

18:08:18.0890 0x05a8 USBAAPL - ok

18:08:18.0921 0x05a8 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:08:18.0984 0x05a8 usbccgp - ok

18:08:19.0000 0x05a8 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:08:19.0015 0x05a8 usbehci - ok

18:08:19.0046 0x05a8 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:08:19.0156 0x05a8 usbhub - ok

18:08:19.0171 0x05a8 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys

18:08:19.0281 0x05a8 usbohci - ok

18:08:19.0312 0x05a8 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:08:19.0437 0x05a8 usbprint - ok

18:08:19.0468 0x05a8 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:08:19.0500 0x05a8 usbscan - ok

18:08:19.0515 0x05a8 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:08:19.0625 0x05a8 USBSTOR - ok

18:08:19.0656 0x05a8 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

18:08:19.0750 0x05a8 VgaSave - ok

18:08:19.0765 0x05a8 ViaIde - ok

18:08:19.0781 0x05a8 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

18:08:19.0890 0x05a8 VolSnap - ok

18:08:19.0937 0x05a8 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe

18:08:20.0000 0x05a8 VSS - ok

18:08:20.0031 0x05a8 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll

18:08:20.0140 0x05a8 W32Time - ok

18:08:20.0156 0x05a8 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:08:20.0250 0x05a8 Wanarp - ok

18:08:20.0281 0x05a8 [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys

18:08:20.0312 0x05a8 WDC_SAM - ok

18:08:20.0375 0x05a8 [ 8530B35284AA20D9C614CCB3725CEF37, 38EDA7CEF28F830C2FF999EA5783152BEF39D61299DBDACEF8AE7865FB605152 ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

18:08:20.0375 0x05a8 WDDMService - detected UnsignedFile.Multi.Generic ( 1 )

18:08:23.0343 0x05a8 Detect skipped due to KSN trusted

18:08:23.0343 0x05a8 WDDMService - ok

18:08:23.0406 0x05a8 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys

18:08:23.0453 0x05a8 Wdf01000 - ok

18:08:23.0453 0x05a8 WDICA - ok

18:08:23.0484 0x05a8 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

18:08:23.0593 0x05a8 wdmaud - ok

18:08:23.0640 0x05a8 [ 138AB06ADBBF300AA804D7974A5AEC82, 61A99CB8176C291E858F9D964A9B2EC36970F3BFFF3D5F933A16E9B28BF922DD ] WDSmartWareBackgroundService C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

18:08:23.0656 0x05a8 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic ( 1 )

18:08:26.0453 0x05a8 Detect skipped due to KSN trusted

18:08:26.0453 0x05a8 WDSmartWareBackgroundService - ok

18:08:26.0484 0x05a8 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll

18:08:26.0593 0x05a8 WebClient - ok

18:08:26.0656 0x05a8 [ F59ED5A43B988A18EF582BB07B2327A7, E870821C9C4E31D3B05049FBA5D81358F9C30E6A67F600D4EA3A5736CA344028 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

18:08:26.0703 0x05a8 winachsf - ok

18:08:26.0796 0x05a8 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

18:08:26.0906 0x05a8 winmgmt - ok

18:08:27.0015 0x05a8 [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

18:08:27.0109 0x05a8 wlidsvc - ok

18:08:27.0156 0x05a8 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

18:08:27.0203 0x05a8 WmdmPmSN - ok

18:08:27.0234 0x05a8 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:08:27.0359 0x05a8 WmiApSrv - ok

18:08:27.0453 0x05a8 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

18:08:27.0531 0x05a8 WMPNetworkSvc - ok

18:08:27.0578 0x05a8 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys

18:08:27.0593 0x05a8 WpdUsb - ok

18:08:27.0671 0x05a8 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

18:08:27.0718 0x05a8 WPFFontCache_v0400 - ok

18:08:27.0765 0x05a8 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:08:27.0875 0x05a8 WS2IFSL - ok

18:08:27.0937 0x05a8 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll

18:08:28.0062 0x05a8 wscsvc - ok

18:08:28.0093 0x05a8 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll

18:08:28.0218 0x05a8 wuauserv - ok

18:08:28.0265 0x05a8 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:08:28.0296 0x05a8 WudfPf - ok

18:08:28.0312 0x05a8 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:08:28.0343 0x05a8 WudfRd - ok

18:08:28.0359 0x05a8 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

18:08:28.0375 0x05a8 WudfSvc - ok

18:08:28.0421 0x05a8 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

18:08:28.0593 0x05a8 WZCSVC - ok

18:08:28.0640 0x05a8 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll

18:08:28.0765 0x05a8 xmlprov - ok

18:08:28.0765 0x05a8 ================ Scan global ===============================

18:08:28.0796 0x05a8 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

18:08:28.0859 0x05a8 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

18:08:28.0890 0x05a8 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

18:08:28.0906 0x05a8 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

18:08:28.0921 0x05a8 [ Global ] - ok

18:08:28.0921 0x05a8 ================ Scan MBR ==================================

18:08:28.0937 0x05a8 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

18:08:29.0078 0x05a8 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )

18:08:29.0078 0x05a8 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

18:08:32.0609 0x05a8 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

18:08:32.0687 0x05a8 \Device\Harddisk1\DR1 - ok

18:08:32.0703 0x05a8 ================ Scan VBR ==================================

18:08:32.0718 0x05a8 [ C343C9F5943295F45F4DDAE291FC0A48 ] \Device\Harddisk0\DR0\Partition1

18:08:32.0718 0x05a8 \Device\Harddisk0\DR0\Partition1 - ok

18:08:32.0718 0x05a8 [ 77F76699DDB661A6C8D7C7004050FB1E ] \Device\Harddisk0\DR0\Partition2

18:08:32.0718 0x05a8 \Device\Harddisk0\DR0\Partition2 - ok

18:08:32.0734 0x05a8 [ 8EE92F04D5EB4A28A82C1F0E2A3213BA ] \Device\Harddisk1\DR1\Partition1

18:08:32.0734 0x05a8 \Device\Harddisk1\DR1\Partition1 - ok

18:08:32.0734 0x05a8 Waiting for KSN requests completion. In queue: 17

18:08:33.0734 0x05a8 Waiting for KSN requests completion. In queue: 17

18:08:34.0734 0x05a8 Waiting for KSN requests completion. In queue: 17

18:08:36.0343 0x05a8 AV detected via SS1: Microsoft Security Essentials, 4.4.0304.0, disabled, updated

18:08:36.0453 0x05a8 Win FW state via NFM: enabled

18:08:39.0640 0x05a8 ============================================================

18:08:39.0640 0x05a8 Scan finished

18:08:39.0640 0x05a8 ============================================================

18:08:39.0656 0x0734 Detected object count: 2

18:08:39.0656 0x0734 Actual detected object count: 2

18:09:56.0796 0x0734 sptd ( UnsignedFile.Multi.Generic ) - skipped by user

18:09:56.0796 0x0734 sptd ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:09:56.0796 0x0734 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

18:09:56.0796 0x0734 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

18:12:05.0843 0x0810 ============================================================

18:12:05.0843 0x0810 Scan started

18:12:05.0843 0x0810 Mode: Manual; SigCheck; TDLFS;

18:12:05.0843 0x0810 ============================================================

18:12:05.0843 0x0810 KSN ping started

18:12:21.0937 0x0810 KSN ping finished: true

18:12:22.0796 0x0810 ================ Scan system memory ========================

18:12:22.0796 0x0810 System memory - ok

18:12:22.0796 0x0810 ================ Scan services =============================

18:12:22.0875 0x0810 Abiosdsk - ok

18:12:22.0890 0x0810 abp480n5 - ok

18:12:22.0921 0x0810 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

18:12:23.0125 0x0810 ACPI - ok

18:12:23.0171 0x0810 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

18:12:23.0281 0x0810 ACPIEC - ok

18:12:23.0343 0x0810 [ 2471BCB6E1388A3484E78243A1BE5F33, CB7FBA6C15791554594228A5A1A7A5040BEB1BD725F08947D780E301D8AE788A ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

18:12:23.0375 0x0810 AdobeFlashPlayerUpdateSvc - ok

18:12:23.0375 0x0810 adpu160m - ok

18:12:23.0406 0x0810 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys

18:12:23.0531 0x0810 aec - ok

18:12:23.0593 0x0810 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys

18:12:23.0625 0x0810 AFD - ok

18:12:23.0640 0x0810 AFGMp50 - ok

18:12:23.0640 0x0810 AFGSp50 - ok

18:12:23.0656 0x0810 Aha154x - ok

18:12:23.0656 0x0810 aic78u2 - ok

18:12:23.0671 0x0810 aic78xx - ok

18:12:23.0718 0x0810 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

18:12:23.0828 0x0810 Alerter - ok

18:12:23.0843 0x0810 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe

18:12:23.0906 0x0810 ALG - ok

18:12:23.0906 0x0810 AliIde - ok

18:12:23.0937 0x0810 [ 0A4D13B388C814560BD69C3A496ECFA8, 71ADD4C4A5C6465EA27F572DE608C348896C4C557D136718CCDD9919144F7986 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys

18:12:23.0968 0x0810 AmdK8 - ok

18:12:23.0968 0x0810 amsint - ok

18:12:24.0078 0x0810 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

18:12:24.0093 0x0810 Apple Mobile Device - ok

18:12:24.0093 0x0810 AppMgmt - ok

18:12:24.0109 0x0810 asc - ok

18:12:24.0109 0x0810 asc3350p - ok

18:12:24.0125 0x0810 asc3550 - ok

18:12:24.0156 0x0810 [ 54AB078660E536DA72B21A27F56B035B, 41FA4D644EBC12AC8768D3D0EC12FF4E31FE0A7FE5E049432132710A1ED4E500 ] ASPI C:\WINDOWS\System32\DRIVERS\ASPI32.sys

18:12:24.0156 0x0810 ASPI - detected UnsignedFile.Multi.Generic ( 1 )

18:12:24.0156 0x0810 Detect skipped due to KSN trusted

18:12:24.0156 0x0810 ASPI - ok

18:12:24.0265 0x0810 [ 776ACEFA0CA9DF0FAA51A5FB2F435705, 72DF7ED6B085BC468994F5B3189506FD726A9A17A9C42ACA1E420D787691361D ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe

18:12:24.0281 0x0810 aspnet_state - ok

18:12:24.0312 0x0810 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

18:12:24.0421 0x0810 AsyncMac - ok

18:12:24.0437 0x0810 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

18:12:24.0578 0x0810 atapi - ok

18:12:24.0578 0x0810 Atdisk - ok

18:12:24.0593 0x0810 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

18:12:24.0703 0x0810 Atmarpc - ok

18:12:24.0734 0x0810 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

18:12:24.0843 0x0810 AudioSrv - ok

18:12:24.0875 0x0810 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

18:12:24.0968 0x0810 audstub - ok

18:12:25.0015 0x0810 [ 15ACA2AD17ACECA4814F249783E63AD3, AB8E74A5B8FC2FD04BA2B495610A8BE76408E9362A447D7069D5AAB8F3512F33 ] avgtp C:\WINDOWS\system32\drivers\avgtpx86.sys

18:12:25.0031 0x0810 avgtp - ok

18:12:25.0109 0x0810 [ F2E8CEFC8CF4D6454F4121C5FF93136A, DFD05AD328BD0FDD8BF44043C40084A6DF98BF6F5CEAE71BF793176AF6ADFBBB ] BBSvc C:\Program Files\Microsoft\BingBar\7.3.124.0\BBSvc.exe

18:12:25.0125 0x0810 BBSvc - ok

18:12:25.0156 0x0810 [ 6E1BCC590C9D30FEE8FC14DBD053CE94, 4F698D399225A890B7FDCE3773E504B2880534ED1C0F4C37589568C44BA51743 ] BBUpdate C:\Program Files\Microsoft\BingBar\7.3.124.0\SeaPort.exe

18:12:25.0171 0x0810 BBUpdate - ok

18:12:25.0218 0x0810 [ CD4646067CC7DCBA1907FA0ACF7E3966, 705DF801ACB8719213E95D6214E6C30F7A217663305DBB718F7ECD40F0084340 ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys

18:12:25.0250 0x0810 bcm4sbxp - ok

18:12:25.0281 0x0810 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys

18:12:25.0390 0x0810 Beep - ok

18:12:25.0453 0x0810 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll

18:12:25.0578 0x0810 BITS - ok

18:12:25.0671 0x0810 [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

18:12:25.0703 0x0810 Bonjour Service - ok

18:12:25.0734 0x0810 [ 3722F97E33CACAB1D08B76ABFCCC2966, A40BD18AA7B0B4C5F5912438C0B8AD427C709FD1918C0C57FA3979A5CF73D890 ] BootDefragDriver C:\WINDOWS\system32\drivers\BootDefragDriver.sys

18:12:25.0750 0x0810 BootDefragDriver - ok

18:12:25.0796 0x0810 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll

18:12:25.0828 0x0810 Browser - ok

18:12:25.0828 0x0810 catchme - ok

18:12:25.0843 0x0810 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

18:12:25.0953 0x0810 cbidf2k - ok

18:12:25.0953 0x0810 cd20xrnt - ok

18:12:26.0000 0x0810 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

18:12:26.0093 0x0810 Cdaudio - ok

18:12:26.0125 0x0810 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

18:12:26.0234 0x0810 Cdfs - ok

18:12:26.0265 0x0810 [ 4B0A100EAF5C49EF3CCA8C641431EACC, 88D9C066FFB863910EE1863CE63D38846ACA2DF72D6B5FDFCE0F3379A6DA5EF9 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

18:12:26.0281 0x0810 Cdrom - ok

18:12:26.0296 0x0810 [ 84853B3FD012251690570E9E7E43343F, 65CACFA643E52A0C0E6B2D901228A8A0AD4993CAFA3C287E65395F4B7C521089 ] cercsr6 C:\WINDOWS\system32\drivers\cercsr6.sys

18:12:26.0312 0x0810 cercsr6 - detected UnsignedFile.Multi.Generic ( 1 )

18:12:26.0312 0x0810 Detect skipped due to KSN trusted

18:12:26.0312 0x0810 cercsr6 - ok

18:12:26.0312 0x0810 Changer - ok

18:12:26.0343 0x0810 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe

18:12:26.0453 0x0810 CiSvc - ok

18:12:26.0484 0x0810 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

18:12:26.0593 0x0810 ClipSrv - ok

18:12:26.0640 0x0810 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

18:12:26.0656 0x0810 clr_optimization_v2.0.50727_32 - ok

18:12:26.0703 0x0810 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

18:12:26.0718 0x0810 clr_optimization_v4.0.30319_32 - ok

18:12:26.0718 0x0810 CmdIde - ok

18:12:26.0734 0x0810 COMSysApp - ok

18:12:26.0750 0x0810 Cpqarray - ok

18:12:26.0765 0x0810 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

18:12:26.0875 0x0810 CryptSvc - ok

18:12:26.0890 0x0810 dac2w2k - ok

18:12:26.0890 0x0810 dac960nt - ok

18:12:26.0937 0x0810 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

18:12:26.0984 0x0810 DcomLaunch - ok

18:12:27.0015 0x0810 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

18:12:27.0125 0x0810 Dhcp - ok

18:12:27.0171 0x0810 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

18:12:27.0281 0x0810 Disk - ok

18:12:27.0328 0x0810 [ 0659E6E0A95564F958D9DF7313F7701E, CDE805D797853D37149678A5A9BE9B5C8F637F5629AAAE9545509E5686F87C20 ] DLABMFSM C:\WINDOWS\system32\DLA\DLABMFSM.SYS

18:12:27.0343 0x0810 DLABMFSM - ok

18:12:27.0359 0x0810 [ 8691C78908F0BD66170669DB268369F2, 7CEDECA3C6A4BBC3195589D7B6A7B9C9F2D8CD4D0513B055C55B867FB14EB58F ] DLABOIOM C:\WINDOWS\system32\DLA\DLABOIOM.SYS

18:12:27.0375 0x0810 DLABOIOM - ok

18:12:27.0375 0x0810 [ 76167B5EB2DFFC729EDC36386876B40B, 4116749A6C6D9473564AE7B3BEB3555867BAA6A7081920B9B8921F89DAA7A3C0 ] DLACDBHM C:\WINDOWS\system32\Drivers\DLACDBHM.SYS

18:12:27.0390 0x0810 DLACDBHM - ok

18:12:27.0406 0x0810 [ 5615744A1056933B90E6AC54FEB86F35, 4A7A34E01F829C1E3430166CCBB604490D0A61E39ED9F5B663DFD46DA6C7CE4B ] DLADResM C:\WINDOWS\system32\DLA\DLADResM.SYS

18:12:27.0421 0x0810 DLADResM - ok

18:12:27.0437 0x0810 [ 1AECA2AFA5005CE4A550CF8EB55A8C88, E42DCC29F2D5FE811BC4200D676EC60D8FDB9F86C9204B14754B496E8D8E6E28 ] DLAIFS_M C:\WINDOWS\system32\DLA\DLAIFS_M.SYS

18:12:27.0453 0x0810 DLAIFS_M - ok

18:12:27.0468 0x0810 [ 840E7F6ABB885C72B9FFDDB022EF5B6D, 4F2CF773652E93E9DA5A57BAF505190B608D96923E00B7A589294E2D1EEEC115 ] DLAOPIOM C:\WINDOWS\system32\DLA\DLAOPIOM.SYS

18:12:27.0484 0x0810 DLAOPIOM - ok

18:12:27.0500 0x0810 [ 0294D18731AC05DA80132CE88F8A876B, 913CFA7D0868E1C95F116B2C583803E9138BAA5A52524F0D26026B1661C20392 ] DLAPoolM C:\WINDOWS\system32\DLA\DLAPoolM.SYS

18:12:27.0500 0x0810 DLAPoolM - ok

18:12:27.0515 0x0810 [ 91886FED52A3F9966207BCE46CFD794F, 808425C5ECA163626ED23EC0BB203C77870932C23AD9FEEB39FE907314BB3997 ] DLARTL_M C:\WINDOWS\system32\Drivers\DLARTL_M.SYS

18:12:27.0531 0x0810 DLARTL_M - ok

18:12:27.0546 0x0810 [ CCA4E121D599D7D1706A30F603731E59, 2776BB5384A210184F0BEC0A3CBC1076BEBEAE00D74D4D6B7CED5711291BBB9E ] DLAUDFAM C:\WINDOWS\system32\DLA\DLAUDFAM.SYS

18:12:27.0562 0x0810 DLAUDFAM - ok

18:12:27.0578 0x0810 [ 7DAB85C33135DF24419951DA4E7D38E5, 87FC6BD347C7DC68130FDE862389DD0B9321FB51D5ED62B39985EA4437486EDA ] DLAUDF_M C:\WINDOWS\system32\DLA\DLAUDF_M.SYS

18:12:27.0593 0x0810 DLAUDF_M - ok

18:12:27.0593 0x0810 dmadmin - ok

18:12:27.0671 0x0810 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

18:12:27.0828 0x0810 dmboot - ok

18:12:27.0843 0x0810 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys

18:12:27.0968 0x0810 dmio - ok

18:12:27.0984 0x0810 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys

18:12:28.0093 0x0810 dmload - ok

18:12:28.0140 0x0810 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll

18:12:28.0265 0x0810 dmserver - ok

18:12:28.0281 0x0810 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

18:12:28.0406 0x0810 DMusic - ok

18:12:28.0453 0x0810 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

18:12:28.0484 0x0810 Dnscache - ok

18:12:28.0515 0x0810 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

18:12:28.0640 0x0810 Dot3svc - ok

18:12:28.0656 0x0810 dpti2o - ok

18:12:28.0687 0x0810 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

18:12:28.0796 0x0810 drmkaud - ok

18:12:28.0828 0x0810 [ C00440385CF9F3D142917C63F989E244, 5DD3684D3C6DE4E9C82778C4097E9017E1DB0617DDD1D04831263B1E390B2D08 ] DRVMCDB C:\WINDOWS\system32\Drivers\DRVMCDB.SYS

18:12:28.0843 0x0810 DRVMCDB - ok

18:12:28.0859 0x0810 [ 6E6AB29D3C06E64CE81FEACDA85394B5, 82BB4F82D4C0DA7FC426FDF363E232183CD0DC7F3357CF930ACEE21DA71F62B8 ] DRVNDDM C:\WINDOWS\system32\Drivers\DRVNDDM.SYS

18:12:28.0875 0x0810 DRVNDDM - ok

18:12:28.0906 0x0810 [ 6461E57BB51A848AAE26F52427B7CF9E, A5730998362CB5C3A7B288A3DCD02E3165ACBBB98AB39F7A0FE2029D946EA95D ] dtscsi C:\WINDOWS\System32\Drivers\dtscsi.sys

18:12:28.0937 0x0810 dtscsi - ok

18:12:28.0968 0x0810 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll

18:12:29.0062 0x0810 EapHost - ok

18:12:29.0093 0x0810 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll

18:12:29.0218 0x0810 ERSvc - ok

18:12:29.0234 0x0810 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe

18:12:29.0281 0x0810 Eventlog - ok

18:12:29.0328 0x0810 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll

18:12:29.0359 0x0810 EventSystem - ok

18:12:29.0375 0x0810 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

18:12:29.0484 0x0810 Fastfat - ok

18:12:29.0515 0x0810 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

18:12:29.0546 0x0810 FastUserSwitchingCompatibility - ok

18:12:29.0546 0x0810 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys

18:12:29.0671 0x0810 Fdc - ok

18:12:29.0687 0x0810 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys

18:12:29.0796 0x0810 Fips - ok

18:12:29.0812 0x0810 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys

18:12:29.0906 0x0810 Flpydisk - ok

18:12:29.0953 0x0810 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys

18:12:30.0062 0x0810 FltMgr - ok

18:12:30.0109 0x0810 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

18:12:30.0125 0x0810 FontCache3.0.0.0 - ok

18:12:30.0156 0x0810 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

18:12:30.0265 0x0810 Fs_Rec - ok

18:12:30.0296 0x0810 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

18:12:30.0421 0x0810 Ftdisk - ok

18:12:30.0453 0x0810 [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

18:12:30.0453 0x0810 GEARAspiWDM - ok

18:12:30.0468 0x0810 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

18:12:30.0593 0x0810 Gpc - ok

18:12:30.0687 0x0810 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

18:12:30.0703 0x0810 gupdate - ok

18:12:30.0703 0x0810 [ 8F0DE4FEF8201E306F9938B0905AC96A, CA7153FE0C037D79FBF7CE0E090D741FB52BCCBBBD4CA505EF4849A0C4199F72 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

18:12:30.0718 0x0810 gupdatem - ok

18:12:30.0781 0x0810 [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

18:12:30.0796 0x0810 gusvc - ok

18:12:30.0812 0x0810 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

18:12:30.0906 0x0810 HDAudBus - ok

18:12:30.0953 0x0810 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

18:12:31.0062 0x0810 helpsvc - ok

18:12:31.0078 0x0810 HidServ - ok

18:12:31.0093 0x0810 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys

18:12:31.0218 0x0810 hidusb - ok

18:12:31.0234 0x0810 [ 4ADF0F441F26B0BA70B82E703BD72D2C, 4EEEA588A8F4253F40F0389EBFBC76B0EC888B40FCA9FB367EC5B8AEA9EA3F3F ] hitmanpro37 C:\WINDOWS\system32\drivers\hitmanpro37.sys

18:12:31.0250 0x0810 hitmanpro37 - ok

18:12:31.0296 0x0810 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

18:12:31.0406 0x0810 hkmsvc - ok

18:12:31.0421 0x0810 hpn - ok

18:12:31.0515 0x0810 [ 38D6B51F04DEF7FB248FA56E4C47407E, 9D2A53553AF2FB2E8424BE6B6388EFFC69240EA5BBE043AC542029BE39BACB25 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

18:12:31.0546 0x0810 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )

18:12:31.0546 0x0810 Detect skipped due to KSN trusted

18:12:31.0546 0x0810 hpqcxs08 - ok

18:12:31.0578 0x0810 [ 3EE4A63539EC04EE2D4BD293985087AB, 754826BC906F69AEE5D2CFEA1B22B7179767999C834B70D561F8B0CB4CAE9A59 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll

18:12:31.0609 0x0810 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )

18:12:31.0609 0x0810 Detect skipped due to KSN trusted

18:12:31.0609 0x0810 hpqddsvc - ok

18:12:31.0625 0x0810 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

18:12:31.0656 0x0810 HPZid412 - ok

18:12:31.0671 0x0810 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

18:12:31.0718 0x0810 HPZipr12 - ok

18:12:31.0734 0x0810 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

18:12:31.0765 0x0810 HPZius12 - ok

18:12:31.0812 0x0810 [ 77E4FF0B73BC0AEAAF39BF0C8104231F, A5D35FCD9E52003D990EB97DF1634DE9B516647C8DAAD3152550CD875DBBDA82 ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys

18:12:31.0843 0x0810 HSFHWBS2 - ok

18:12:31.0906 0x0810 [ 60E1604729A15EF4A3B05F298427B3B1, 139DE473F645A300DD436B4AA8359A23FCE3BB9688B6B597E89F8ADBC36A71B9 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys

18:12:32.0015 0x0810 HSF_DP - ok

18:12:32.0062 0x0810 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

18:12:32.0078 0x0810 HTTP - ok

18:12:32.0125 0x0810 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

18:12:32.0218 0x0810 HTTPFilter - ok

18:12:32.0234 0x0810 i2omgmt - ok

18:12:32.0234 0x0810 i2omp - ok

18:12:32.0250 0x0810 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys

18:12:32.0375 0x0810 i8042prt - ok

18:12:32.0437 0x0810 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe

18:12:32.0437 0x0810 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )

18:12:32.0437 0x0810 Detect skipped due to KSN trusted

18:12:32.0437 0x0810 IDriverT - ok

18:12:32.0531 0x0810 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

18:12:32.0578 0x0810 idsvc - ok

18:12:32.0609 0x0810 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

18:12:32.0718 0x0810 Imapi - ok

18:12:32.0750 0x0810 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe

18:12:32.0875 0x0810 ImapiService - ok

18:12:32.0890 0x0810 ini910u - ok

18:12:32.0906 0x0810 IntelIde - ok

18:12:32.0921 0x0810 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys

18:12:33.0031 0x0810 Ip6Fw - ok

18:12:33.0046 0x0810 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

18:12:33.0171 0x0810 IpFilterDriver - ok

18:12:33.0187 0x0810 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

18:12:33.0296 0x0810 IpInIp - ok

18:12:33.0328 0x0810 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

18:12:33.0437 0x0810 IpNat - ok

18:12:33.0500 0x0810 [ 066F2BBE2EEC9A42B065B552BF356B4E, AE86DB5BFD4748C54C0C224E7FBEA3C032F1071A39303DF35AA04869D3950B7A ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

18:12:33.0531 0x0810 iPod Service - ok

18:12:33.0546 0x0810 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

18:12:33.0656 0x0810 IPSec - ok

18:12:33.0671 0x0810 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

18:12:33.0718 0x0810 IRENUM - ok

18:12:33.0750 0x0810 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

18:12:33.0875 0x0810 isapnp - ok

18:12:33.0984 0x0810 [ 80A79264302910C7C24BA7E44267EFEF, 6080C233478350C8E07515D20D2D60C3758C4A65432B04E8C8B816248621A3EF ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

18:12:34.0015 0x0810 JavaQuickStarterService - ok

18:12:34.0031 0x0810 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

18:12:34.0140 0x0810 Kbdclass - ok

18:12:34.0171 0x0810 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys

18:12:34.0265 0x0810 kbdhid - ok

18:12:34.0296 0x0810 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

18:12:34.0421 0x0810 kmixer - ok

18:12:34.0484 0x0810 [ 9646A100ACF21516DB1052BC419332BA, 231A21866983E5D2BA32F2F76B1180880F68908D54FCF13ECE377354FA847D62 ] KodakDigitalDisplayService C:\Program Files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe

18:12:34.0500 0x0810 KodakDigitalDisplayService - detected UnsignedFile.Multi.Generic ( 1 )

18:12:34.0500 0x0810 Detect skipped due to KSN trusted

18:12:34.0500 0x0810 KodakDigitalDisplayService - ok

18:12:34.0531 0x0810 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

18:12:34.0546 0x0810 KSecDD - ok

18:12:34.0578 0x0810 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll

18:12:34.0609 0x0810 lanmanserver - ok

18:12:34.0656 0x0810 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

18:12:34.0687 0x0810 lanmanworkstation - ok

18:12:34.0687 0x0810 Lavasoft Ad-Aware Service - ok

18:12:34.0703 0x0810 Lavasoft Kernexplorer - ok

18:12:34.0703 0x0810 lbrtfdc - ok

18:12:34.0734 0x0810 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

18:12:34.0859 0x0810 LmHosts - ok

18:12:34.0875 0x0810 [ EEAEA6514BA7C9D273B5E87C4E1AAB30, 3B724C6A8867B1B7A45D832150E0CFAC1004D3B972A2A7BFDD2ADDDB2488BB1E ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys

18:12:34.0890 0x0810 mdmxsdk - ok

18:12:34.0921 0x0810 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll

18:12:35.0015 0x0810 Messenger - ok

18:12:35.0046 0x0810 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

18:12:35.0156 0x0810 mnmdd - ok

18:12:35.0187 0x0810 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

18:12:35.0281 0x0810 mnmsrvc - ok

18:12:35.0312 0x0810 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys

18:12:35.0406 0x0810 Modem - ok

18:12:35.0453 0x0810 [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys

18:12:35.0546 0x0810 MODEMCSA - ok

18:12:35.0593 0x0810 [ 54FEE02961C70FD9D4D7E2F87AFA23FA, 63DFA8340ECD3150AE29291502B10812661CF975FCAC4DA74267588E85A0B0B5 ] motmodem C:\WINDOWS\system32\DRIVERS\motmodem.sys

18:12:35.0625 0x0810 motmodem - ok

18:12:35.0625 0x0810 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

18:12:35.0734 0x0810 Mouclass - ok

18:12:35.0765 0x0810 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys

18:12:35.0875 0x0810 mouhid - ok

18:12:35.0906 0x0810 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

18:12:36.0015 0x0810 MountMgr - ok

18:12:36.0062 0x0810 [ 825BF0E46B4470A463AEB641480C5FCA, 321F37EA5D2AF7E3F55399ABE94AC3788B90E254E4A6859059C6BB1C6BEF19D0 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

18:12:36.0078 0x0810 MozillaMaintenance - ok

18:12:36.0109 0x0810 [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter C:\WINDOWS\system32\DRIVERS\MpFilter.sys

18:12:36.0140 0x0810 MpFilter - ok

18:12:36.0312 0x0810 [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsla5d04bef C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{50179A9D-EE07-4177-ADFC-4EF001C2FD9F}\MpKsla5d04bef.sys

18:12:36.0328 0x0810 MpKsla5d04bef - ok

18:12:36.0343 0x0810 mraid35x - ok

18:12:36.0359 0x0810 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

18:12:36.0484 0x0810 MRxDAV - ok

18:12:36.0562 0x0810 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

18:12:36.0593 0x0810 MRxSmb - ok

18:12:36.0656 0x0810 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe

18:12:36.0765 0x0810 MSDTC - ok

18:12:36.0796 0x0810 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

18:12:36.0890 0x0810 Msfs - ok

18:12:36.0906 0x0810 MSIServer - ok

18:12:36.0921 0x0810 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

18:12:37.0031 0x0810 MSKSSRV - ok

18:12:37.0078 0x0810 [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe

18:12:37.0093 0x0810 MsMpSvc - ok

18:12:37.0125 0x0810 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

18:12:37.0218 0x0810 MSPCLOCK - ok

18:12:37.0250 0x0810 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

18:12:37.0359 0x0810 MSPQM - ok

18:12:37.0359 0x0810 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

18:12:37.0468 0x0810 mssmbios - ok

18:12:37.0484 0x0810 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

18:12:37.0500 0x0810 Mup - ok

18:12:37.0546 0x0810 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll

18:12:37.0656 0x0810 napagent - ok

18:12:37.0703 0x0810 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

18:12:37.0828 0x0810 NDIS - ok

18:12:37.0875 0x0810 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

18:12:37.0906 0x0810 NdisTapi - ok

18:12:37.0937 0x0810 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

18:12:38.0031 0x0810 Ndisuio - ok

18:12:38.0046 0x0810 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

18:12:38.0156 0x0810 NdisWan - ok

18:12:38.0187 0x0810 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

18:12:38.0203 0x0810 NDProxy - ok

18:12:38.0234 0x0810 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3, 29ACA9D8A5426333F75858D9D3960A4DCDDA4ACC986B3E9E37D255E4FAECDB7C ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll

18:12:38.0250 0x0810 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )

18:12:38.0250 0x0810 Detect skipped due to KSN trusted

18:12:38.0250 0x0810 Net Driver HPZ12 - ok

18:12:38.0265 0x0810 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

18:12:38.0359 0x0810 NetBIOS - ok

18:12:38.0390 0x0810 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

18:12:38.0531 0x0810 NetBT - ok

18:12:38.0578 0x0810 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe

18:12:38.0687 0x0810 NetDDE - ok

18:12:38.0687 0x0810 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

18:12:38.0796 0x0810 NetDDEdsdm - ok

18:12:38.0843 0x0810 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe

18:12:38.0937 0x0810 Netlogon - ok

18:12:39.0046 0x0810 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll

18:12:39.0156 0x0810 Netman - ok

18:12:39.0171 0x0810 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe

18:12:39.0187 0x0810 NetTcpPortSharing - ok

18:12:39.0250 0x0810 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll

18:12:39.0281 0x0810 Nla - ok

18:12:39.0328 0x0810 [ B48DC6ABCD3AEFF8618350CCBDC6B09A, 824D8B03E061DDD0D33EF9F03C669B13E7B6E339684009BD44D69178C45E2DE1 ] npf C:\WINDOWS\system32\drivers\npf.sys

18:12:39.0328 0x0810 npf - ok

18:12:39.0343 0x0810 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

18:12:39.0453 0x0810 Npfs - ok

18:12:39.0515 0x0810 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

18:12:39.0687 0x0810 Ntfs - ok

18:12:39.0687 0x0810 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

18:12:39.0796 0x0810 NtLmSsp - ok

18:12:39.0828 0x0810 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

18:12:39.0953 0x0810 NtmsSvc - ok

18:12:39.0968 0x0810 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys

18:12:40.0078 0x0810 Null - ok

18:12:40.0281 0x0810 [ 15A6306A0B958BF60F09688D0EE70479, BE4AD7CF12EAA8D62B7B8A0153B1F1E8C163DCC61C4C977E8EC06D78239DC91E ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

18:12:40.0531 0x0810 nv - ok

18:12:40.0578 0x0810 [ 6B37162E91A7005BAA753CB611ACEA2D, 7B0776F21A1EFBDC519682236A630BDBF598AAAFFD240149F2CFABAC65DF2503 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys

18:12:40.0609 0x0810 nvata - ok

18:12:40.0640 0x0810 [ 986D6666E076AFD2B60ACAFD5B01A00F, 074EC1BD13D2B5626AFF7DD966E7F2D0ECE9C64577B8BD6C157B274A44FF3F9A ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

18:12:40.0671 0x0810 NVSvc - ok

18:12:40.0703 0x0810 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

18:12:40.0796 0x0810 NwlnkFlt - ok

18:12:40.0812 0x0810 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

18:12:40.0906 0x0810 NwlnkFwd - ok

18:12:40.0937 0x0810 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys

18:12:41.0046 0x0810 Parport - ok

18:12:41.0078 0x0810 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

18:12:41.0187 0x0810 PartMgr - ok

18:12:41.0203 0x0810 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

18:12:41.0312 0x0810 ParVdm - ok

18:12:41.0343 0x0810 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

18:12:41.0453 0x0810 PCI - ok

18:12:41.0453 0x0810 PCIDump - ok

18:12:41.0500 0x0810 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

18:12:41.0593 0x0810 PCIIde - ok

18:12:41.0609 0x0810 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

18:12:41.0750 0x0810 Pcmcia - ok

18:12:41.0750 0x0810 PDCOMP - ok

18:12:41.0765 0x0810 PDFRAME - ok

18:12:41.0765 0x0810 PDRELI - ok

18:12:41.0781 0x0810 PDRFRAME - ok

18:12:41.0781 0x0810 perc2 - ok

18:12:41.0796 0x0810 perc2hib - ok

18:12:41.0828 0x0810 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe

18:12:41.0859 0x0810 PlugPlay - ok

18:12:41.0906 0x0810 [ 79834AA2FBF9FE81EEBB229024F6F7FC, 4E243765C11AE9B5D003C3220B8AA0C4671B2627221D2323F80189CA3A307FEF ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll

18:12:41.0906 0x0810 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )

18:12:41.0906 0x0810 Detect skipped due to KSN trusted

18:12:41.0906 0x0810 Pml Driver HPZ12 - ok

18:12:41.0921 0x0810 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

18:12:42.0015 0x0810 PolicyAgent - ok

18:12:42.0031 0x0810 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

18:12:42.0140 0x0810 PptpMiniport - ok

18:12:42.0140 0x0810 [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

18:12:42.0250 0x0810 Processor - ok

18:12:42.0250 0x0810 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

18:12:42.0359 0x0810 ProtectedStorage - ok

18:12:42.0375 0x0810 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

18:12:42.0500 0x0810 PSched - ok

18:12:42.0531 0x0810 [ 68B57D7C11277EA89F78255480376B4D, 5530B58126BF33E6BCDED99C73C41B90BA148587BDA3866FD4DAD12035B302B5 ] PSI C:\WINDOWS\system32\DRIVERS\psi_mf_x86.sys

18:12:42.0546 0x0810 PSI - ok

18:12:42.0593 0x0810 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

18:12:42.0718 0x0810 Ptilink - ok

18:12:42.0734 0x0810 [ FEFFCFDC528764A04C8ED63D5FA6E711, BECC9174DA5860FCF011957CB6A12DE5074A770DC14076C0C94E63AD42ECF19E ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys

18:12:42.0734 0x0810 PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )

18:12:42.0734 0x0810 Detect skipped due to KSN trusted

18:12:42.0734 0x0810 PxHelp20 - ok

18:12:42.0750 0x0810 ql1080 - ok

18:12:42.0750 0x0810 Ql10wnt - ok

18:12:42.0750 0x0810 ql12160 - ok

18:12:42.0765 0x0810 ql1240 - ok

18:12:42.0765 0x0810 ql1280 - ok

18:12:42.0796 0x0810 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

18:12:42.0890 0x0810 RasAcd - ok

18:12:42.0921 0x0810 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll

18:12:43.0031 0x0810 RasAuto - ok

18:12:43.0031 0x0810 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

18:12:43.0156 0x0810 Rasl2tp - ok

18:12:43.0203 0x0810 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll

18:12:43.0343 0x0810 RasMan - ok

18:12:43.0359 0x0810 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

18:12:43.0468 0x0810 RasPppoe - ok

18:12:43.0484 0x0810 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

18:12:43.0578 0x0810 Raspti - ok

18:12:43.0609 0x0810 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

18:12:43.0718 0x0810 Rdbss - ok

18:12:43.0734 0x0810 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

18:12:43.0828 0x0810 RDPCDD - ok

18:12:43.0875 0x0810 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

18:12:43.0890 0x0810 RDPWD - ok

18:12:43.0906 0x0810 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

18:12:44.0015 0x0810 RDSessMgr - ok

18:12:44.0078 0x0810 [ 89525CC2DBAD44F7199B9CC188B3F9C5, 09708EFA65BC1CCF92E6F2E143FCF88C645B1633AFE0DED833CDF945CB077D8C ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

18:12:44.0093 0x0810 RealNetworks Downloader Resolver Service - ok

18:12:44.0140 0x0810 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

18:12:44.0250 0x0810 redbook - ok

18:12:44.0265 0x0810 Revoflt - ok

18:12:44.0281 0x0810 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe

18:12:44.0390 0x0810 RpcLocator - ok

18:12:44.0453 0x0810 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll

18:12:44.0484 0x0810 RpcSs - ok

18:12:44.0515 0x0810 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe

18:12:44.0625 0x0810 RSVP - ok

18:12:44.0640 0x0810 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe

18:12:44.0750 0x0810 SamSs - ok

18:12:44.0781 0x0810 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

18:12:44.0906 0x0810 SCardSvr - ok

18:12:44.0937 0x0810 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll

18:12:45.0062 0x0810 Schedule - ok

18:12:45.0093 0x0810 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

18:12:45.0140 0x0810 Secdrv - ok

18:12:45.0156 0x0810 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll

18:12:45.0265 0x0810 seclogon - ok

18:12:45.0421 0x0810 [ DA6C0E0B15CD0B135FD385AEABAE3A4C, 1DBED093D4BD1E800828D8E0EB19EDA7FD1E963AABD4F71D61F1AD04F669290F ] Secunia PSI Agent C:\Program Files\Secunia\PSI\PSIA.exe

18:12:45.0484 0x0810 Secunia PSI Agent - ok

18:12:45.0578 0x0810 [ 71761EDC432A0E39CF621105884E738E, 935133326B794F6DEAA97B9B6B6295AC6A884C3B73ABCD5662A79CEAD8EEA5EE ] Secunia Update Agent C:\Program Files\Secunia\PSI\sua.exe

18:12:45.0625 0x0810 Secunia Update Agent - ok

18:12:45.0656 0x0810 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll

18:12:45.0781 0x0810 SENS - ok

18:12:45.0796 0x0810 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys

18:12:45.0921 0x0810 Serial - ok

18:12:45.0968 0x0810 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

18:12:46.0078 0x0810 Sfloppy - ok

18:12:46.0140 0x0810 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

18:12:46.0296 0x0810 SharedAccess - ok

18:12:46.0328 0x0810 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

18:12:46.0359 0x0810 ShellHWDetection - ok

18:12:46.0359 0x0810 Simbad - ok

18:12:46.0375 0x0810 Sparrow - ok

18:12:46.0390 0x0810 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys

18:12:46.0484 0x0810 splitter - ok

18:12:46.0546 0x0810 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe

18:12:46.0562 0x0810 Spooler - ok

18:12:46.0625 0x0810 [ 610522607B15DC6D5D8E20827D07B282, 86F5E40AEAB77C9381DDB0938FFFC98FAF2A060F3CAD5F0B63278568005511B8 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys

18:12:46.0687 0x0810 sptd - detected UnsignedFile.Multi.Generic ( 1 )

18:12:46.0687 0x0810 sptd ( UnsignedFile.Multi.Generic ) - warning

18:12:46.0687 0x0810 Force sending object to P2P due to detect: C:\WINDOWS\system32\Drivers\sptd.sys

18:12:49.0781 0x0810 Object send P2P result: true

18:12:52.0578 0x0810 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

18:12:52.0625 0x0810 sr - ok

18:12:52.0671 0x0810 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll

18:12:52.0734 0x0810 srservice - ok

18:12:52.0781 0x0810 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

18:12:52.0828 0x0810 Srv - ok

18:12:52.0843 0x0810 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

18:12:52.0921 0x0810 SSDPSRV - ok

18:12:52.0968 0x0810 [ 306521935042FC0A6988D528643619B3, 6FCC06EA71F5C83A8C3A8B7152E9FF48BCFBD35ED8C134A0879735F9135BB20C ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys

18:12:52.0984 0x0810 StarOpen - detected UnsignedFile.Multi.Generic ( 1 )

18:12:52.0984 0x0810 Detect skipped due to KSN trusted

18:12:52.0984 0x0810 StarOpen - ok

18:12:53.0078 0x0810 [ 8990440E4B2A7CA5A56A1833B03741FD, 55FE82DAE2D15D02AB12777045E2A3FE71560E53ECF1B1C03C25A603D5D90EBB ] STHDA C:\WINDOWS\system32\drivers\sthda.sys

18:12:53.0140 0x0810 STHDA - ok

18:12:53.0187 0x0810 [ A9573045BAA16EAB9B1085205B82F1ED, 6A4D68BCD4968C17451EB1C4AB420FFA844D089845520D222BC4A2BD14583C56 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys

18:12:53.0281 0x0810 StillCam - ok

18:12:53.0328 0x0810 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll

18:12:53.0453 0x0810 stisvc - ok

18:12:53.0500 0x0810 [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

18:12:53.0515 0x0810 stllssvr - detected UnsignedFile.Multi.Generic ( 1 )

18:12:53.0515 0x0810 Detect skipped due to KSN trusted

18:12:53.0515 0x0810 stllssvr - ok

18:12:53.0562 0x0810 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

18:12:53.0687 0x0810 swenum - ok

18:12:53.0718 0x0810 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

18:12:53.0812 0x0810 swmidi - ok

18:12:53.0828 0x0810 SwPrv - ok

18:12:53.0828 0x0810 symc810 - ok

18:12:53.0843 0x0810 symc8xx - ok

18:12:53.0843 0x0810 sym_hi - ok

18:12:53.0859 0x0810 sym_u3 - ok

18:12:53.0875 0x0810 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

18:12:53.0984 0x0810 sysaudio - ok

18:12:54.0015 0x0810 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

18:12:54.0125 0x0810 SysmonLog - ok

18:12:54.0171 0x0810 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

18:12:54.0281 0x0810 TapiSrv - ok

18:12:54.0328 0x0810 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

18:12:54.0375 0x0810 Tcpip - ok

18:12:54.0406 0x0810 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

18:12:54.0515 0x0810 TDPIPE - ok

18:12:54.0546 0x0810 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

18:12:54.0640 0x0810 TDTCP - ok

18:12:54.0671 0x0810 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

18:12:54.0781 0x0810 TermDD - ok

18:12:54.0812 0x0810 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll

18:12:54.0937 0x0810 TermService - ok

18:12:54.0968 0x0810 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll

18:12:54.0984 0x0810 Themes - ok

18:12:55.0062 0x0810 [ E4FAD21646088D79F8889B6531396ACF, D0C8F0E3293D423245FD2233F283A1FE2463E15F8B9F4ED6AC96C2164EC51F75 ] TomTomHOMEService C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe

18:12:55.0078 0x0810 TomTomHOMEService - ok

18:12:55.0078 0x0810 TosIde - ok

18:12:55.0093 0x0810 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll

18:12:55.0218 0x0810 TrkWks - ok

18:12:55.0234 0x0810 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

18:12:55.0343 0x0810 Udfs - ok

18:12:55.0343 0x0810 ultra - ok

18:12:55.0406 0x0810 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

18:12:55.0546 0x0810 Update - ok

18:12:55.0593 0x0810 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll

18:12:55.0671 0x0810 upnphost - ok

18:12:55.0687 0x0810 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe

18:12:55.0796 0x0810 UPS - ok

18:12:55.0828 0x0810 [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys

18:12:55.0843 0x0810 USBAAPL - ok

18:12:55.0875 0x0810 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

18:12:55.0921 0x0810 usbccgp - ok

18:12:55.0937 0x0810 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

18:12:55.0953 0x0810 usbehci - ok

18:12:55.0968 0x0810 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

18:12:56.0062 0x0810 usbhub - ok

18:12:56.0078 0x0810 [ 0DAECCE65366EA32B162F85F07C6753B, 3C33AC2FC95E876933F2016CF0CDA2745491679728684DA8DF95A515CE4804BD ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys

18:12:56.0203 0x0810 usbohci - ok

18:12:56.0234 0x0810 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

18:12:56.0328 0x0810 usbprint - ok

18:12:56.0375 0x0810 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

18:12:56.0406 0x0810 usbscan - ok

18:12:56.0406 0x0810 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

18:12:56.0515 0x0810 USBSTOR - ok

18:12:56.0546 0x0810 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

18:12:56.0656 0x0810 VgaSave - ok

18:12:56.0671 0x0810 ViaIde - ok

18:12:56.0703 0x0810 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

18:12:56.0812 0x0810 VolSnap - ok

18:12:56.0859 0x0810 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe

18:12:56.0921 0x0810 VSS - ok

18:12:56.0937 0x0810 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll

18:12:57.0046 0x0810 W32Time - ok

18:12:57.0093 0x0810 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

18:12:57.0203 0x0810 Wanarp - ok

18:12:57.0234 0x0810 [ D6EFAF429FD30C5DF613D220E344CCE7, 807D4563E8AD4073688691078EB13AF240E14BA5E0C8506A48B3060A20B90082 ] WDC_SAM C:\WINDOWS\system32\DRIVERS\wdcsam.sys

18:12:57.0250 0x0810 WDC_SAM - ok

18:12:57.0312 0x0810 [ 8530B35284AA20D9C614CCB3725CEF37, 38EDA7CEF28F830C2FF999EA5783152BEF39D61299DBDACEF8AE7865FB605152 ] WDDMService C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe

18:12:57.0328 0x0810 WDDMService - detected UnsignedFile.Multi.Generic ( 1 )

18:12:57.0328 0x0810 Detect skipped due to KSN trusted

18:12:57.0328 0x0810 WDDMService - ok

18:12:57.0390 0x0810 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys

18:12:57.0421 0x0810 Wdf01000 - ok

18:12:57.0421 0x0810 WDICA - ok

18:12:57.0453 0x0810 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

18:12:57.0562 0x0810 wdmaud - ok

18:12:57.0609 0x0810 [ 138AB06ADBBF300AA804D7974A5AEC82, 61A99CB8176C291E858F9D964A9B2EC36970F3BFFF3D5F933A16E9B28BF922DD ] WDSmartWareBackgroundService C:\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe

18:12:57.0609 0x0810 WDSmartWareBackgroundService - detected UnsignedFile.Multi.Generic ( 1 )

18:12:57.0609 0x0810 Detect skipped due to KSN trusted

18:12:57.0609 0x0810 WDSmartWareBackgroundService - ok

18:12:57.0625 0x0810 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll

18:12:57.0734 0x0810 WebClient - ok

18:12:57.0828 0x0810 [ F59ED5A43B988A18EF582BB07B2327A7, E870821C9C4E31D3B05049FBA5D81358F9C30E6A67F600D4EA3A5736CA344028 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys

18:12:57.0875 0x0810 winachsf - ok

18:12:57.0953 0x0810 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

18:12:58.0062 0x0810 winmgmt - ok

18:12:58.0187 0x0810 [ 5144AE67D60EC653F97DDF3FEED29E77, F6238767284B2356A9F502E2ACCFAAC283FA13CBF238E98B5115A55179526B10 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

18:12:58.0265 0x0810 wlidsvc - ok

18:12:58.0343 0x0810 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

18:12:58.0359 0x0810 WmdmPmSN - ok

18:12:58.0406 0x0810 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

18:12:58.0515 0x0810 WmiApSrv - ok

18:12:58.0656 0x0810 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

18:12:58.0703 0x0810 WMPNetworkSvc - ok

18:12:58.0734 0x0810 [ CF4DEF1BF66F06964DC0D91844239104, CC1D9CECE2056D29A9651D51BB57C3F4F9BF9E90A4808CF7496C683C874FBD51 ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys

18:12:58.0750 0x0810 WpdUsb - ok

18:12:58.0828 0x0810 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

18:12:58.0875 0x0810 WPFFontCache_v0400 - ok

18:12:58.0937 0x0810 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys

18:12:59.0062 0x0810 WS2IFSL - ok

18:12:59.0093 0x0810 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll

18:12:59.0218 0x0810 wscsvc - ok

18:12:59.0234 0x0810 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll

18:12:59.0343 0x0810 wuauserv - ok

18:12:59.0390 0x0810 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

18:12:59.0421 0x0810 WudfPf - ok

18:12:59.0437 0x0810 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

18:12:59.0453 0x0810 WudfRd - ok

18:12:59.0484 0x0810 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

18:12:59.0500 0x0810 WudfSvc - ok

18:12:59.0546 0x0810 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

18:12:59.0687 0x0810 WZCSVC - ok

18:12:59.0703 0x0810 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll

18:12:59.0812 0x0810 xmlprov - ok

18:12:59.0828 0x0810 ================ Scan global ===============================

18:12:59.0875 0x0810 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

18:12:59.0921 0x0810 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

18:12:59.0953 0x0810 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

18:12:59.0968 0x0810 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

18:12:59.0984 0x0810 [ Global ] - ok

18:12:59.0984 0x0810 ================ Scan MBR ==================================

18:13:00.0000 0x0810 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

18:13:00.0171 0x0810 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )

18:13:00.0171 0x0810 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

18:13:02.0953 0x0810 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1

18:13:02.0968 0x0810 \Device\Harddisk1\DR1 - ok

18:13:02.0968 0x0810 ================ Scan VBR ==================================

18:13:02.0984 0x0810 [ C343C9F5943295F45F4DDAE291FC0A48 ] \Device\Harddisk0\DR0\Partition1

18:13:02.0984 0x0810 \Device\Harddisk0\DR0\Partition1 - ok

18:13:02.0984 0x0810 [ 77F76699DDB661A6C8D7C7004050FB1E ] \Device\Harddisk0\DR0\Partition2

18:13:03.0000 0x0810 \Device\Harddisk0\DR0\Partition2 - ok

18:13:03.0000 0x0810 [ 8EE92F04D5EB4A28A82C1F0E2A3213BA ] \Device\Harddisk1\DR1\Partition1

18:13:03.0000 0x0810 \Device\Harddisk1\DR1\Partition1 - ok

18:13:03.0015 0x0810 AV detected via SS1: Microsoft Security Essentials, 4.4.0304.0, disabled, updated

18:13:03.0031 0x0810 Win FW state via NFM: enabled

18:13:05.0796 0x0810 ============================================================

18:13:05.0796 0x0810 Scan finished

18:13:05.0796 0x0810 ============================================================

18:13:05.0796 0x0c94 Detected object count: 2

18:13:05.0796 0x0c94 Actual detected object count: 2

18:13:48.0562 0x0c94 sptd ( UnsignedFile.Multi.Generic ) - skipped by user

18:13:48.0562 0x0c94 sptd ( UnsignedFile.Multi.Generic ) - User select action: Skip

18:13:48.0562 0x0c94 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

18:13:48.0562 0x0c94 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

#10 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 30 January 2014 - 07:08 PM

18:13:48.0562 0x0c94 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

18:13:48.0562 0x0c94 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Were you not given the option to cure this?

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

Advertisements

Register to Remove

#11 btbenoit

Authentic Member

Authentic Member
95 posts

Posted 30 January 2014 - 07:13 PM

no. it didnt even say to reboot. all it said was supiciuos objects were found.

#12 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 30 January 2014 - 07:20 PM

Hm... let's try a different scan then:

Please download GMER from one of the following locations and save it to your desktop:

Main Mirror which will download a randomly named file
Zipped Mirror - Unzip the file to its own folder such as C:\gmer
Disconnect from the Internet and close all running programs
Temporarily disable any real-time active protection
It is very important you do not use your computer while GMER is running
Double-click on the randomly named GMER icon
GMER will open to the Rootkit/Malware tab and perform an automatic quick scan
If you receive a warning about rootkit activity and are asked to fully scan your system click NO
Please check in the Quick scan box
Please uncheck the following:

IAT/EAT
Show All <<< Important

Click Scan
If you see a rootkit warning window click OK
When the scan is finished, Save the results to your desktop as gmer.log
Click Copy then paste the results in your reply
Exit GMER and be sure to re-enable your Antivirus, Firewall and any other security programs you had disabled

Note:

If you encounter any problems, try running GMER in Safe Mode
If GMER crashes or keeps resulting in a Blue Screen of Death, uncheck Devices on the right side before scanning

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#13 btbenoit

Authentic Member

Authentic Member
95 posts

Posted 30 January 2014 - 09:27 PM

GMER 2.1.19357 - http://www.gmer.net

Rootkit scan 2014-01-30 21:29:24

Windows 5.1.2600 Service Pack 3 \Device\Harddisk0\DR0 -> \Device\00000064 SAMSUNG_SP2504C rev.VT100-52 232.83GB

Running: ezbonk1v.exe; Driver: C:\DOCUME~1\Beaub\LOCALS~1\Temp\pxtdqpob.sys

---- System - GMER 2.1 ----

SSDT sptd.sys ZwCreateKey [0xB9E9AAC8]

SSDT sptd.sys ZwEnumerateKey [0xB9E9AC22]

SSDT sptd.sys ZwEnumerateValueKey [0xB9E9AF9A]

SSDT sptd.sys ZwOpenKey [0xB9E9A98E]

SSDT sptd.sys ZwQueryKey [0xB9E9B064]

SSDT \??\C:\WINDOWS\system32\drivers\avgtpx86.sys ZwQueryValueKey [0xBA1F91D6]

SSDT sptd.sys ZwSetValueKey [0xB9E9B0EC]

---- Kernel code sections - GMER 2.1 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8F77360, 0x2456AE, 0xE8000020]

? C:\DOCUME~1\Beaub\LOCALS~1\Temp\mbr.sys The filename, directory name, or volume label syntax is incorrect. !

? C:\DOCUME~1\Beaub\LOCALS~1\Temp\aswMBR.sys The filename, directory name, or volume label syntax is incorrect. !

? system32\drivers\36620771.sys The system cannot find the path specified. !

---- User code sections - GMER 2.1 ----

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 34, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 37, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 34, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 35, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91564E

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 36, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 35, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 36, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B9156BF

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 34, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B9157ED

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 35, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 36, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 37, 80, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[252] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 08, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 0B, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 08, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 09, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED22

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 0A, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 09, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 0A, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90ED93

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 08, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EEC1

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 09, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 0A, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 0B, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[1748] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, F4, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, F7, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, F4, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, F5, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90EE0E

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, F6, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, F5, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, F6, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EE7F

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, F4, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EFAD

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, F5, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, F6, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, F7, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[2492] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, 60, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, 63, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, 60, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, 61, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B90ED7A

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, 62, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, 61, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, 62, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B90EDEB

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, 60, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B90EF19

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, 61, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, 62, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, 63, 17, 00]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3776] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtCreateFile + 6 7C90D0B4 4 Bytes [28, C8, 08, 01] {SUB AL, CL; OR [ECX], AL}

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtCreateFile + B 7C90D0B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtMapViewOfSection + 6 7C90D524 4 Bytes [28, CB, 08, 01] {SUB BL, CL; OR [ECX], AL}

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtMapViewOfSection + B 7C90D529 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenFile + 6 7C90D5A4 4 Bytes [68, C8, 08, 01]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenFile + B 7C90D5A9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenProcess + 6 7C90D604 4 Bytes [A8, C9, 08, 01] {TEST AL, 0xc9; OR [ECX], AL}

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenProcess + B 7C90D609 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenProcessToken + 6 7C90D614 4 Bytes CALL 7B91DEE2

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenProcessToken + B 7C90D619 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenProcessTokenEx + 6 7C90D624 4 Bytes [A8, CA, 08, 01] {TEST AL, 0xca; OR [ECX], AL}

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenProcessTokenEx + B 7C90D629 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenThread + 6 7C90D664 4 Bytes [68, C9, 08, 01]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenThread + B 7C90D669 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenThreadToken + 6 7C90D674 4 Bytes [68, CA, 08, 01]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenThreadToken + B 7C90D679 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenThreadTokenEx + 6 7C90D684 4 Bytes CALL 7B91DF53

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtOpenThreadTokenEx + B 7C90D689 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtQueryAttributesFile + 6 7C90D714 4 Bytes [A8, C8, 08, 01] {TEST AL, 0xc8; OR [ECX], AL}

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtQueryAttributesFile + B 7C90D719 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtQueryFullAttributesFile + 6 7C90D7B4 4 Bytes CALL 7B91E081

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtQueryFullAttributesFile + B 7C90D7B9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtSetInformationFile + 6 7C90DC64 4 Bytes [28, C9, 08, 01] {SUB CL, CL; OR [ECX], AL}

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtSetInformationFile + B 7C90DC69 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtSetInformationThread + 6 7C90DCB4 4 Bytes [28, CA, 08, 01] {SUB DL, CL; OR [ECX], AL}

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtSetInformationThread + B 7C90DCB9 1 Byte [E2]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtUnmapViewOfSection + 6 7C90DF14 4 Bytes [68, CB, 08, 01]

.text C:\Documents and Settings\Beaub\Local Settings\Application Data\Google\Chrome\Application\chrome.exe[3904] ntdll.dll!NtUnmapViewOfSection + B 7C90DF19 1 Byte [E2]

.text C:\program files\real\realplayer\update\realsched.exe[4032] kernel32.dll!SetUnhandledExceptionFilter 7C8449CD 5 Bytes [33, C0, C2, 04, 00] {XOR EAX, EAX; RET 0x4}

---- Devices - GMER 2.1 ----

Device \FileSystem\Ntfs \Ntfs 8A31E398

Device \Driver\08566285 \Device\KLMD12112013_02100002 36620771.sys

Device \Driver\nvata \Device\00000064 8A31EA40

Device \Driver\Ftdisk \Device\HarddiskVolume1 8A31EEB0

Device \Driver\Ftdisk \Device\HarddiskVolume2 8A31EEB0

Device \Driver\nvata \Device\00000065 8A31EA40

Device \Driver\Ftdisk \Device\HarddiskVolume3 8A31EEB0

Device \Driver\Ftdisk \Device\HarddiskVolume4 8A31EEB0

Device \Driver\nvata \Device\00000068 8A31EA40

Device \Driver\Disk \Device\Harddisk0\DR0 8A31E5D0

Device \Driver\Disk \Device\Harddisk1\DR1 8A31E5D0

Device \Driver\Disk \Device\Harddisk2\DR6 8A31E5D0

Device \Driver\nvata \Device\NvAta0 8A31EA40

Device \Driver\nvata \Device\NvAta1 8A31EA40

Device mrxsmb.sys

Device \Driver\Ftdisk \Device\FtControl 8A31EEB0

Device 9FE92D20

AttachedDevice fltmgr.sys

Device Cdfs.SYS

Device DLAIFS_M.SYS

---- Trace I/O - GMER 2.1 ----

Trace ntkrnlpa.exe >>UNKNOWN [0x8a31e5d0]<< 8a31e5d0

Trace 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3d4628] 8a3d4628

Trace \Driver\Disk[0x8a472dd8] -> IRP_MJ_CREATE -> 0x8a31e5d0 8a31e5d0

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s0 -347804638

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 -347219360

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 1084179795

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x84 0x5D 0xEB 0x2D ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0xFA 0x32 0x73 ...

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDF 0x35 0x57 0xE1 ...

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools\

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0x84 0x5D 0xEB 0x2D ...

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ...

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x44 0xFA 0x32 0x73 ...

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet)

Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0xDF 0x35 0x57 0xE1 ...

---- EOF - GMER 2.1 ----

#14 Tomk

Beguilement Monitor

Global Moderator
20,451 posts

Posted 30 January 2014 - 09:44 PM

Interesting... but good. No rootkit showing.

Let's see if we can do some repairing now.

Download ComboFix:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* IMPORTANT !!! Save ComboFix.exe to your Desktop

Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatth...ams_t96260.html
Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Tomk
------------------------------------------------------------
Microsoft MVP 2010-2014

#15 btbenoit

Authentic Member

Authentic Member
95 posts

Posted 30 January 2014 - 10:10 PM

ComboFix 14-01-29.01 - Beaub 01/30/2014 21:58:57.1.1 - x86

Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1918.1214 [GMT -6:00]

Running from: c:\documents and settings\Beaub\Desktop\ComboFix.exe

AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}

((((((((((((((((((((((((( Files Created from 2013-12-28 to 2014-01-31 )))))))))))))))))))))))))))))))

2014-01-31 03:29 . 2013-12-04 02:57 7760024 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{E6AA84C1-B534-4A26-8910-DD7EEEAF396B}\mpengine.dll

2014-01-30 04:16 . 2013-12-04 02:57 7760024 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2014-01-26 14:49 . 2014-01-26 14:50 -------- d-----w- c:\windows\LastGood

2014-01-26 03:35 . 2014-01-26 03:35 -------- d-----w- c:\program files\CCleaner

2014-01-17 03:23 . 2014-01-17 03:24 -------- d-----w- c:\windows\system32\NtmsData

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2014-01-24 21:27 . 2013-12-02 23:43 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-01-24 21:27 . 2011-06-10 18:35 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-01-19 07:32 . 2009-12-30 23:44 231584 ------w- c:\windows\system32\MpSigStub.exe

2013-12-19 01:56 . 2013-12-19 01:56 4558848 ----a-w- c:\windows\system32\GPhotos.scr

2013-12-11 09:01 . 2013-12-11 09:01 9272200 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe

2013-12-02 19:25 . 2013-11-30 13:49 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2013-11-27 20:21 . 2004-08-04 12:00 40960 ----a-w- c:\windows\system32\drivers\ndproxy.sys

2013-11-19 03:57 . 2013-11-30 01:33 101664 ----a-w- c:\windows\system32\BootDefrag.exe

2013-11-18 01:18 . 2013-11-30 01:33 13504 ----a-w- c:\windows\system32\drivers\BootDefragDriver.sys

2013-11-13 02:59 . 2004-08-04 12:00 150528 ----a-w- c:\windows\system32\imagehlp.dll

2013-11-12 20:33 . 2013-06-06 12:32 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys

2013-11-07 05:38 . 2004-08-04 12:00 591360 ----a-w- c:\windows\system32\rpcrt4.dll

2013-11-06 01:03 . 2009-12-30 19:15 7168 ----a-w- c:\windows\system32\xpsp4res.dll

2013-11-04 12:42 . 2013-11-04 12:42 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CTSVolFE.exe"="c:\program files\Creative\Mixer\CTSVolFE.exe" [2005-02-23 57344]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-23 7630848]

"FPPhotoMiddleWare"="c:\program files\Fisher-Price\Photo Software\Util\Fisher-Price Photo Software Middleware.exe" [2010-07-30 62864]

"AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe" [2011-04-20 58656]

"Philips Device Listener"="c:\program files\Philips\Philips Songbird Resources\Autolauncher\PhilipsDeviceListener.exe" [2010-10-15 380416]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]

"ContentTransferWMDetector.exe"="c:\program files\Sony\Content Transfer\ContentTransferWMDetector.exe" [2009-11-20 583016]

"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2013-04-14 295512]

"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2013-05-01 421888]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2013-11-02 152392]

"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-26 437160]

c:\documents and settings\All Users\Start Menu\Programs\Startup\

WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2012-8-3 494920]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]

BootExecute REG_MULTI_SZ autocheck autochk * \0lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

@=""

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"c:\\Program Files\\BitTorrent\\BitTorrent.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

R0 BootDefragDriver;BootDefragDriver;c:\windows\system32\drivers\BootDefragDriver.sys [11/29/2013 7:33 PM 13504]

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [12/30/2009 9:22 AM 664064]

R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [6/6/2013 6:32 AM 37664]

R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2/11/2011 3:23 PM 35088]

R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [3/6/2013 1:21 AM 39056]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [11/4/2013 6:42 AM 660184]

R2 TomTomHOMEService;TomTomHOMEService;c:\program files\TomTom HOME 2\TomTomHOMEService.exe [8/27/2013 3:57 PM 93072]

R2 WDDMService;WD SmartWare Drive Manager;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [10/14/2009 2:31 PM 98304]

R2 WDSmartWareBackgroundService;WD SmartWare Background Service;c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe [6/16/2009 9:58 AM 20480]

R3 BBUpdate;BBUpdate;c:\program files\Microsoft\BingBar\7.3.124.0\SeaPort.EXE [12/16/2013 7:34 PM 247968]

S2 BBSvc;BingBar Service;c:\program files\Microsoft\BingBar\7.3.124.0\BBSvc.EXE [12/16/2013 7:34 PM 193696]

S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [9/29/2010 7:54 PM 16512]

S3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys [8/20/2013 4:55 PM 30464]

S3 Lavasoft Kernexplorer;Lavasoft helper driver;\??\c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys --> c:\program files\Lavasoft\Ad-Aware\KernExplorer.sys [?]

S3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [11/4/2013 6:42 AM 16024]

S3 Revoflt;Revoflt;c:\windows\system32\DRIVERS\revoflt.sys --> c:\windows\system32\DRIVERS\revoflt.sys [?]

S3 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [11/4/2013 6:42 AM 1228504]

S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [1/9/2010 10:27 AM 11520]

S4 KodakDigitalDisplayService;KodakDigitalDisplayService;c:\program files\Kodak\Digital Display\OrbKodakLauncher\DllStartupService.exe [5/14/2009 11:21 AM 98304]

S4 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;"c:\program files\Lavasoft\Ad-Aware\AAWService.exe" --> c:\program files\Lavasoft\Ad-Aware\AAWService.exe [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - 08566285

*NewlyCreated* - ASWMBR

*NewlyCreated* - MPFILTER

*NewlyCreated* - PXTDQPOB

*Deregistered* - 08566285

*Deregistered* - aswMBR

*Deregistered* - pxtdqpob

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

Contents of the 'Scheduled Tasks' folder

2014-01-31 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-11 21:27]

2014-01-24 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 22:57]

2014-01-30 c:\windows\Tasks\At1.job

- c:\program files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17 09:15]

2014-01-31 c:\windows\Tasks\At2.job

- c:\program files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17 09:15]

2014-01-30 c:\windows\Tasks\At3.job

- c:\program files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17 09:15]

2014-01-30 c:\windows\Tasks\At4.job

- c:\program files\HP\HP Officejet 6700\Bin\HPCustPartic.exe [2012-10-17 09:15]

2014-01-26 c:\windows\Tasks\GlaryInitialize 4.job

- c:\program files\Glary Utilities 4\Initialize.exe [2013-11-19 03:53]

2014-01-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 19:27]

2014-01-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-02 19:27]

2014-01-30 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-884357618-839522115-1004Core.job

- c:\documents and settings\Beaub\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-29 06:08]

2014-01-31 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-884357618-839522115-1004UA.job

- c:\documents and settings\Beaub\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-06-29 06:08]

2014-01-30 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job

- c:\program files\Microsoft Security Client\MpCmdRun.exe [2013-10-23 21:01]

2014-01-26 c:\windows\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1715567821-884357618-839522115-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]

2014-01-26 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1715567821-884357618-839522115-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]

2014-01-26 c:\windows\Tasks\RealUpgradeLogonTaskS-1-5-21-1715567821-884357618-839522115-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]

2014-01-27 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-1715567821-884357618-839522115-1004.job

- c:\program files\Real\RealUpgrade\realupgrade.exe [2013-03-06 16:36]

------- Supplementary Scan -------

uStart Page = hxxp://www.yahoo.com/

uInternet Settings,ProxyOverride = *.local

IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\documents and settings\Beaub\Application Data\Mozilla\Firefox\Profiles\0ixibutj.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.bing.com/?pc=Z005&form=ZGAPHP

FF - prefs.js: browser.search.selectedEngine - Google

FF - ExtSQL: !HIDDEN! 2010-01-10 14:30; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

- - - - ORPHANS REMOVED - - - -

AddRemove-Military AI Works - RAF Lakenheath 48th FW - c:\program files\Microsoft Games\Flight Simulator 9\Uninstal.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2014-01-30 22:06

Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully

hidden files: 0

**************************************************************************

--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_38_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3360)

c:\windows\system32\WININET.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

c:\windows\system32\WPDShServiceObj.dll

c:\windows\system32\PortableDeviceTypes.dll

c:\windows\system32\PortableDeviceApi.dll

Completion time: 2014-01-30 22:08:48

ComboFix-quarantined-files.txt 2014-01-31 04:08

Pre-Run: 31,407,435,776 bytes free

Post-Run: 31,524,728,832 bytes free

- - End Of File - - DA22199B22339D907EE7B030B48852E4

8F558EB6672622401DA993E1E865C861

Body Background

skin color theme

Registry repair/still having issues [Solved]

#1 btbenoit

Advertisements

Register to Remove

#2 Tomk

#3 btbenoit

#4 Tomk

#5 btbenoit

#6 Tomk

#7 btbenoit

#8 Tomk

#9 btbenoit

#10 Tomk

Advertisements

Register to Remove

#11 btbenoit

#12 Tomk

#13 btbenoit

#14 Tomk

#15 btbenoit

Related Topics

1 user(s) are reading this topic

About What the Tech

Follow Us

Body Background

skin color theme

Registry repair/still having issues [Solved]

#1 btbenoit

Advertisements Register to Remove

#2 Tomk

#3 btbenoit

#4 Tomk

#5 btbenoit

#6 Tomk

#7 btbenoit

#8 Tomk

#9 btbenoit

#10 Tomk

Advertisements Register to Remove

#11 btbenoit

#12 Tomk

#13 btbenoit

#14 Tomk

#15 btbenoit

Related Topics

1 user(s) are reading this topic

About What the Tech

Follow Us

Sign In

Advertisements

Register to Remove

Advertisements

Register to Remove