Jump to content

Build Theme!
  •  
  • Infected?

big grin WE'RE SURE THAT YOU'LL LOVE US!

We invite you to ask questions, share experiences, and learn. It's 100% free. Did we mention that it's free. It is. It's free. Join 91603 other members! Anybody can ask, anybody can answer. Consistently helpful members with best answers are invited to staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Can't connect to internet in normal boot [Solved]


  • This topic is locked This topic is locked
55 replies to this topic

#1 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 20 December 2013 - 09:20 PM

Hello,

 

My nephew gave me his Windows 7 Dell Inspiron 1525 laptop to look at as he has been having a lot of problems with it.

 

When I boot into either normal mode or into safe mode with networking, during the boot cycle I hear approx. 20-25 fast beeps.

 

The computer will eventually boot but everything after that works slowly, and it will not connect to the internet in normal mode.  It will connect to the internet (very slowly) in safe mode.

 

I realize that the beeps could be a hardware error code but I wanted to double check that he did not pick up some sort of virus/problem.

 

Since I can only get to the net in safe mode I am unsure what program you would like me to run first.

 

Thank you very much for taking the time to help.

 

Maldini


Edited by maldini, 21 December 2013 - 02:14 PM.

    Advertisements

Register to Remove


#2 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 22 December 2013 - 01:58 PM

Hi and Welcome!!   

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.


Having said that....   YBCQLm4.gif   Let's get going!!  
----------
 
Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

  • Disable any antivirus programs during the scan (If you have difficulty properly disabling your protective programs, refer to this link here )
  • Double click dds to run the tool.
  • When done, two DDS.txt's will open.
  • Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------
 
weVCzW0.jpg Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------
 
81mYIKe.jpg  AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

----------


Posted Image
 
 

#3 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 22 December 2013 - 03:57 PM

Hello Jeff,

 

Thank you very much for engaging with me!

 

I have completed all requested.

 

I will be posting the log files in the next 3 posts (first DDS, second TDSkiller and third adwCleaner



#4 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 22 December 2013 - 04:00 PM

DDS Logs

 

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Busa at 16:37:17 on 2013-12-22
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.1014.564 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Outdated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: McAfee VirusScan Enterprise *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Microsoft Security Essentials *Enabled/Outdated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111003083355.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{72D083C3-A821-439F-A31E-A594F5DB5A7B} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96}\2457E63686 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96}\2457E6368623 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96}\4303648503 : DHCPNameServer = 192.168.1.1 71.243.0.12
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96}\D4354727565647 : DHCPNameServer = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 validation.sls.microsoft.com
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-10-3 436728]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-10-3 162928]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-3 145936]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
S1 MpKsl05c06806;MpKsl05c06806;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl05c06806.sys [2013-12-14 40392]
S1 MpKsl0a723b1b;MpKsl0a723b1b;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl0a723b1b.sys [2013-12-13 40392]
S1 MpKsl173b0bfe;MpKsl173b0bfe;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl173b0bfe.sys [2013-12-13 40392]
S1 MpKsl3ec561c4;MpKsl3ec561c4;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl3ec561c4.sys [2013-12-13 40392]
S1 MpKsl42d20d8c;MpKsl42d20d8c;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl42d20d8c.sys [2013-12-15 40392]
S1 MpKsl433457a4;MpKsl433457a4;c:\windows\system32\mpenginestore\MpKsl433457a4.sys [2013-10-28 40392]
S1 MpKsl531712b5;MpKsl531712b5;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl531712b5.sys [2013-12-20 40392]
S1 MpKsl56479291;MpKsl56479291;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl56479291.sys [2013-12-13 40392]
S1 MpKsl567cd4ca;MpKsl567cd4ca;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl567cd4ca.sys [2013-12-20 40392]
S1 MpKsl5c09c013;MpKsl5c09c013;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl5c09c013.sys [2013-12-13 40392]
S1 MpKsl62582d91;MpKsl62582d91;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl62582d91.sys [2013-12-13 40392]
S1 MpKsl6b852b6f;MpKsl6b852b6f;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl6b852b6f.sys [2013-12-13 40392]
S1 MpKsl6d1a139a;MpKsl6d1a139a;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl6d1a139a.sys [2013-12-13 40392]
S1 MpKsl72991219;MpKsl72991219;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl72991219.sys [2013-12-13 40392]
S1 MpKsl783f7958;MpKsl783f7958;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl783f7958.sys [2013-12-15 40392]
S1 MpKsl8c99a18f;MpKsl8c99a18f;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl8c99a18f.sys [2013-12-13 40392]
S1 MpKsl9d9e2965;MpKsl9d9e2965;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl9d9e2965.sys [2013-12-13 40392]
S1 MpKsl9e5d3c7a;MpKsl9e5d3c7a;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl9e5d3c7a.sys [2013-12-13 40392]
S1 MpKsla090ee3b;MpKsla090ee3b;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsla090ee3b.sys [2013-12-13 40392]
S1 MpKslb1514709;MpKslb1514709;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslb1514709.sys [2013-12-17 40392]
S1 MpKslb1b46087;MpKslb1b46087;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslb1b46087.sys [2013-12-13 40392]
S1 MpKslbaeaec6f;MpKslbaeaec6f;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslbaeaec6f.sys [2013-12-13 40392]
S1 MpKslbc126b3d;MpKslbc126b3d;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslbc126b3d.sys [2013-12-13 40392]
S1 MpKslc2ea08a6;MpKslc2ea08a6;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc2ea08a6.sys [2013-12-20 40392]
S1 MpKslc5965bac;MpKslc5965bac;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc5965bac.sys [2013-12-13 40392]
S1 MpKslc7c28cb0;MpKslc7c28cb0;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc7c28cb0.sys [2013-12-20 40392]
S1 MpKsld6bd47db;MpKsld6bd47db;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsld6bd47db.sys [2013-12-18 40392]
S1 MpKsld81027f9;MpKsld81027f9;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsld81027f9.sys [2013-12-13 40392]
S1 MpKsld849d12f;MpKsld849d12f;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsld849d12f.sys [2013-12-18 40392]
S1 MpKslda6f8fb7;MpKslda6f8fb7;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslda6f8fb7.sys [2013-12-20 40392]
S1 MpKslddc61595;MpKslddc61595;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslddc61595.sys [2013-12-13 40392]
S1 MpKsleff99713;MpKsleff99713;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsleff99713.sys [2013-12-13 40392]
S1 MpKslf28e4fd4;MpKslf28e4fd4;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslf28e4fd4.sys [2013-12-16 40392]
S1 MpKslface65c7;MpKslface65c7;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslface65c7.sys [2013-12-20 40392]
S1 MpKslfba52fc5;MpKslfba52fc5;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslfba52fc5.sys [2013-12-15 40392]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-6-23 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-6-23 72944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]
S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-10-3 159320]
S2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2011-1-12 209760]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2012-12-10 32408]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-12-12 108032]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2012-12-10 15896]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-10-3 171296]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-10-3 58456]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-3 85152]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 104768]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-6-23 7408]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-8-25 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-8-24 1343400]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\drivers\zghsmdm.sys [2012-12-10 113432]
.
=============== Created Last 30 ================
.
2013-12-21 03:02:28    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc7c28cb0.sys
2013-12-21 01:07:02    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc2ea08a6.sys
2013-12-20 22:23:02    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslface65c7.sys
2013-12-20 22:12:06    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslda6f8fb7.sys
2013-12-20 21:52:11    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl531712b5.sys
2013-12-18 23:53:48    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsld849d12f.sys
2013-12-17 12:41:40    --------    d-----w-    C:\2877ecef3e25d9c8e3
2013-12-17 11:44:09    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslb1514709.sys
2013-12-17 01:12:13    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslf28e4fd4.sys
2013-12-16 02:26:58    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl783f7958.sys
2013-12-15 23:22:40    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl42d20d8c.sys
2013-12-15 22:44:31    62576    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\offreg.dll
2013-12-15 22:38:37    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2013-12-15 22:36:46    --------    d-----w-    c:\program files\SUPERAntiSpyware
2013-12-15 22:36:45    --------    d-----w-    c:\users\busa\appdata\roaming\SUPERAntiSpyware.com
2013-12-15 22:35:27    --------    d-----w-    c:\program files\common files\Wise Installation Wizard
2013-12-15 22:33:16    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslfba52fc5.sys
2013-12-14 20:02:00    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl05c06806.sys
2013-12-14 01:28:36    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl9d9e2965.sys
2013-12-13 22:41:06    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl72991219.sys
2013-12-13 21:40:20    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc5965bac.sys
2013-12-13 14:54:16    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl6b852b6f.sys
2013-12-13 09:23:43    7772552    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\mpengine.dll
2013-12-12 23:33:01    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-12-12 23:33:00    251392    ----a-w-    c:\program files\internet explorer\IEShims.dll
2013-12-12 23:33:00    235216    ----a-w-    c:\program files\internet explorer\sqmapi.dll
2013-12-12 23:25:59    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2013-12-12 23:25:46    164864    ----a-w-    c:\program files\windows media player\wmplayer.exe
2013-12-12 05:27:03    7772552    ------w-    c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-12-11 23:03:08    301568    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-11 23:03:02    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-12-11 23:03:01    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2013-12-11 23:02:59    163840    ----a-w-    c:\windows\system32\scrrun.dll
2013-12-11 23:02:59    141824    ----a-w-    c:\windows\system32\wscript.exe
2013-12-11 23:02:59    121856    ----a-w-    c:\windows\system32\wshom.ocx
2013-12-11 23:02:58    126976    ----a-w-    c:\windows\system32\cscript.exe
2013-12-11 23:02:48    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-12-11 23:02:09    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-12-11 23:01:59    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
2013-12-11 23:01:54    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-12-07 19:57:55    719224    ------w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{a90f2866-45e4-484d-a96d-b0606be5a1ee}\gapaengine.dll
.
==================== Find3M  ====================
.
2013-12-10 23:35:24    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 23:35:24    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-11-26 09:22:11    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53:56    61952    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 08:52:26    51200    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29:55    112128    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 08:29:52    108032    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28:16    553472    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 07:32:06    1928192    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 06:33:33    1820160    ----a-w-    c:\windows\system32\wininet.dll
2013-11-19 10:21:30    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-17 23:05:17    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-10-12 02:03:08    656896    ----a-w-    c:\windows\system32\nshwfp.dll
2013-10-12 02:01:41    679424    ----a-w-    c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01:25    216576    ----a-w-    c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57:25    1168384    ----a-w-    c:\windows\system32\crypt32.dll
2013-10-04 01:58:50    152576    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56:25    168960    ----a-w-    c:\windows\system32\credui.dll
2013-10-04 01:56:00    1796096    ----a-w-    c:\windows\system32\authui.dll
2013-10-03 01:58:07    305152    ----a-w-    c:\windows\system32\gdi32.dll
2013-09-27 14:53:06    214696    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-09-27 14:53:06    104768    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-25 02:01:08    136640    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01:06    67520    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57:46    99840    ----a-w-    c:\windows\system32\sspicli.dll
2013-09-25 01:57:26    22016    ----a-w-    c:\windows\system32\secur32.dll
2013-09-25 01:57:24    247808    ----a-w-    c:\windows\system32\schannel.dll
2013-09-25 01:56:42    220160    ----a-w-    c:\windows\system32\ncrypt.dll
2013-09-25 01:56:02    1038848    ----a-w-    c:\windows\system32\lsasrv.dll
2013-09-25 00:49:20    22016    ----a-w-    c:\windows\system32\lsass.exe
2013-09-25 00:49:18    15872    ----a-w-    c:\windows\system32\sspisrv.dll
.
============= FINISH: 16:39:35.42 ===============
 

==================================================================================

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 8/24/2011 6:52:48 PM
System Uptime: 12/21/2013 1:37:30 AM (39 hours ago)
.
Motherboard: Dell Inc. |  | 0U990C
Processor: Intel® Celeron® CPU          550  @ 2.00GHz | Microprocessor | 1995/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 62 GiB total, 15.682 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 9.689 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_022F1028&REV_12\4&277C618&0&4AF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_022F1028&REV_12\4&277C618&0&4AF0
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_022F1028&REV_12\4&277C618&0&4BF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_022F1028&REV_12\4&277C618&0&4BF0
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.8)
Adobe Shockwave Player 11.6
AppInventor Setup
Apple Application Support
Apple Software Update
FileZilla Client 3.5.1
Intel® Graphics Media Accelerator Driver
Intel® TV Wizard
Java 7 Update 45
Java Auto Updater
Java SE Development Kit 7 Update 9
Java™ 6 Update 27
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Agent
McAfee Security Scan Plus
McAfee VirusScan Enterprise
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office PowerPoint 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
QuickTime
Scratch
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Visio 2007 suites (KB2596595) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Sketchpad
SUPERAntiSpyware Free Edition
swMSM
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
ZTE Handset USB Driver 5.2066.1.8B02
.
==== Event Viewer Messages From Past Week ========
.
12/22/2013 4:35:38 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
12/22/2013 4:28:30 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/22/2013 4:28:23 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/22/2013 2:28:54 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/22/2013 2:28:48 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/22/2013 2:28:48 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/22/2013 2:28:28 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/22/2013 1:48:32 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/22/2013 1:48:27 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/22/2013 1:48:27 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/22/2013 1:48:06 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/22/2013 1:48:06 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/22/2013 1:48:06 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/21/2013 2:08:31 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/21/2013 2:08:25 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/21/2013 2:08:25 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/21/2013 2:08:05 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/21/2013 1:48:36 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/21/2013 1:48:31 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/21/2013 1:48:31 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/21/2013 1:48:09 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/21/2013 1:40:09 AM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
12/21/2013 1:38:51 AM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort1.
12/21/2013 1:38:43 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/21/2013 1:38:26 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/21/2013 1:38:11 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/21/2013 1:38:11 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/21/2013 1:38:10 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/21/2013 1:38:09 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache MpFilter SASDIFSV SASKUTIL spldr Wanarpv6
12/20/2013 5:21:49 PM, Error: volmgr [46]  - Crash dump initialization failed!
12/20/2013 5:13:20 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 109.61.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 2.1.10003.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:13:20 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:13:19 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:13:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/20/2013 5:06:43 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
12/20/2013 5:05:59 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:05:59 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:05:59 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:05:57 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/20/2013 5:05:51 PM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/20/2013 4:43:26 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 4:43:25 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 4:43:25 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 4:43:23 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/20/2013 4:38:35 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
12/20/2013 4:38:35 PM, Error: Service Control Manager [7000]  - The Application Experience service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/20/2013 10:11:01 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 109.61.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 2.1.10003.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 10:10:19 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 10:10:19 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 10:09:35 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/20/2013 10:08:55 PM, Error: Service Control Manager [7034]  - The McAfee McShield service terminated unexpectedly.  It has done this 6 time(s).
12/20/2013 10:08:15 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 5 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/20/2013 10:07:35 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 4 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/20/2013 10:06:53 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/20/2013 10:05:32 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.      Feature: Network Inspection System      Error Code: 0x800705b4      Error description: This operation returned because the timeout period expired.       Reason: The Network Inspection System did not successfully start due to an error.
12/20/2013 10:05:09 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/20/2013 10:05:09 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
12/20/2013 10:03:56 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/18/2013 8:35:27 PM, Error: Service Control Manager [7043]  - The Windows Update service did not shut down properly after receiving a preshutdown control.
12/18/2013 8:33:02 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 109.61.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 2.1.10003.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:32:56 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:32:56 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:32:55 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/18/2013 8:30:53 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Framework Service service to connect.
12/18/2013 8:30:53 PM, Error: Service Control Manager [7000]  - The McAfee Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/18/2013 8:28:21 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/18/2013 8:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/18/2013 8:28:14 PM, Error: Service Control Manager [7001]  - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:28:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/18/2013 8:28:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:28:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:28:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:27:53 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD CSC DfsC discache mfehidk MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 7:23:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/18/2013 7:23:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/18/2013 6:54:22 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
12/18/2013 6:54:22 PM, Error: Service Control Manager [7000]  - The Application Information service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/18/2013 1:48:35 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000007a (0xc0419268, 0xc0000185, 0x029e7860, 0x8324dfbb). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121813-23634-01.
12/17/2013 1:19:59 AM, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
12/16/2013 9:11:41 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/16/2013 9:02:38 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
12/16/2013 8:42:07 AM, Error: volsnap [14]  - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
12/16/2013 8:15:31 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.      Feature: Network Inspection System      Error Code: 0x800705b4      Error description: This operation returned because the timeout period expired.       Reason: The Network Inspection System did not successfully start due to an error.
12/16/2013 4:28:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
12/16/2013 4:28:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
12/15/2013 7:01:39 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/15/2013 6:27:14 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
12/15/2013 6:25:37 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/15/2013 6:02:15 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8024001e      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/15/2013 5:34:27 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
12/15/2013 5:34:27 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/15/2013 5:33:47 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
12/15/2013 5:25:48 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DPS service.
12/15/2013 5:15:44 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
12/15/2013 5:15:14 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
12/15/2013 5:14:43 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.
12/15/2013 10:36:59 PM, Error: Microsoft-Windows-HAL [12]  - The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.
.
==== End Of File ===========================
 



#5 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 22 December 2013 - 04:01 PM

TDSKiller Log

 

16:42:25.0700 0x04fc  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
16:42:30.0646 0x04fc  ============================================================
16:42:30.0646 0x04fc  Current date / time: 2013/12/22 16:42:30.0646
16:42:30.0646 0x04fc  SystemInfo:
16:42:30.0646 0x04fc  
16:42:30.0646 0x04fc  OS Version: 6.1.7601 ServicePack: 1.0
16:42:30.0646 0x04fc  Product type: Workstation
16:42:30.0646 0x04fc  ComputerName: DELL-PC
16:42:30.0646 0x04fc  UserName: Busa
16:42:30.0646 0x04fc  Windows directory: C:\Windows
16:42:30.0646 0x04fc  System windows directory: C:\Windows
16:42:30.0646 0x04fc  Processor architecture: Intel x86
16:42:30.0646 0x04fc  Number of processors: 1
16:42:30.0646 0x04fc  Page size: 0x1000
16:42:30.0646 0x04fc  Boot type: Safe boot with network
16:42:30.0646 0x04fc  ============================================================
16:42:32.0939 0x04fc  KLMD registered as C:\Windows\system32\drivers\60947139.sys
16:42:33.0048 0x04fc  System UUID: {458874E6-C36C-BE7A-AB05-AEDA39718D87}
16:42:33.0641 0x04fc  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:42:33.0641 0x04fc  ============================================================
16:42:33.0641 0x04fc  \Device\Harddisk0\DR0:
16:42:33.0641 0x04fc  MBR partitions:
16:42:33.0641 0x04fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
16:42:33.0641 0x04fc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0x7C730A8
16:42:33.0672 0x04fc  ============================================================
16:42:33.0735 0x04fc  C: <-> \Device\Harddisk0\DR0\Partition2
16:42:33.0750 0x04fc  D: <-> \Device\Harddisk0\DR0\Partition1
16:42:33.0750 0x04fc  ============================================================
16:42:33.0750 0x04fc  Initialize success
16:42:33.0750 0x04fc  ============================================================
16:42:40.0193 0x07f4  ============================================================
16:42:40.0193 0x07f4  Scan started
16:42:40.0193 0x07f4  Mode: Manual;
16:42:40.0193 0x07f4  ============================================================
16:42:40.0193 0x07f4  KSN ping started
16:42:43.0110 0x07f4  KSN ping finished: true
16:42:43.0921 0x07f4  ================ Scan system memory ========================
16:42:43.0921 0x07f4  System memory - ok
16:42:43.0921 0x07f4  ================ Scan services =============================
16:42:44.0202 0x07f4  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:42:44.0202 0x07f4  1394ohci - ok
16:42:44.0311 0x07f4  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:42:44.0327 0x07f4  ACPI - ok
16:42:44.0389 0x07f4  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:42:44.0389 0x07f4  AcpiPmi - ok
16:42:44.0561 0x07f4  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
16:42:44.0561 0x07f4  AdobeARMservice - ok
16:42:44.0717 0x07f4  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
16:42:44.0733 0x07f4  AdobeFlashPlayerUpdateSvc - ok
16:42:44.0826 0x07f4  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:42:44.0842 0x07f4  adp94xx - ok
16:42:44.0873 0x07f4  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:42:44.0889 0x07f4  adpahci - ok
16:42:44.0920 0x07f4  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:42:44.0920 0x07f4  adpu320 - ok
16:42:44.0998 0x07f4  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:42:44.0998 0x07f4  AeLookupSvc - ok
16:42:45.0076 0x07f4  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
16:42:45.0091 0x07f4  AFD - ok
16:42:45.0154 0x07f4  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
16:42:45.0154 0x07f4  agp440 - ok
16:42:45.0247 0x07f4  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
16:42:45.0247 0x07f4  aic78xx - ok
16:42:45.0310 0x07f4  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
16:42:45.0325 0x07f4  ALG - ok
16:42:45.0403 0x07f4  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:42:45.0403 0x07f4  aliide - ok
16:42:45.0450 0x07f4  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
16:42:45.0466 0x07f4  amdagp - ok
16:42:45.0513 0x07f4  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:42:45.0513 0x07f4  amdide - ok
16:42:45.0591 0x07f4  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:42:45.0591 0x07f4  AmdK8 - ok
16:42:45.0653 0x07f4  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:42:45.0653 0x07f4  AmdPPM - ok
16:42:45.0731 0x07f4  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:42:45.0731 0x07f4  amdsata - ok
16:42:45.0778 0x07f4  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:42:45.0793 0x07f4  amdsbs - ok
16:42:45.0809 0x07f4  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:42:45.0809 0x07f4  amdxata - ok
16:42:45.0887 0x07f4  [ 0E46FDA73FD47FA4C61223E45187F7D5, 52241FBBAB07150C865B461D3F065250C3653A4D1BD80E4A21A65FFCB8CDA6B6 ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
16:42:45.0887 0x07f4  androidusb - ok
16:42:45.0965 0x07f4  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
16:42:45.0965 0x07f4  AppID - ok
16:42:46.0027 0x07f4  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:42:46.0027 0x07f4  AppIDSvc - ok
16:42:46.0121 0x07f4  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
16:42:46.0121 0x07f4  Appinfo - ok
16:42:46.0199 0x07f4  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:42:46.0199 0x07f4  AppMgmt - ok
16:42:46.0261 0x07f4  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:42:46.0261 0x07f4  arc - ok
16:42:46.0293 0x07f4  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:42:46.0308 0x07f4  arcsas - ok
16:42:46.0339 0x07f4  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:42:46.0339 0x07f4  AsyncMac - ok
16:42:46.0402 0x07f4  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:42:46.0402 0x07f4  atapi - ok
16:42:46.0495 0x07f4  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:42:46.0511 0x07f4  AudioEndpointBuilder - ok
16:42:46.0542 0x07f4  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
16:42:46.0558 0x07f4  Audiosrv - ok
16:42:46.0636 0x07f4  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:42:46.0636 0x07f4  AxInstSV - ok
16:42:46.0729 0x07f4  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
16:42:46.0745 0x07f4  b06bdrv - ok
16:42:46.0839 0x07f4  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
16:42:46.0854 0x07f4  b57nd60x - ok
16:42:47.0057 0x07f4  [ F9CE9B5E049EFC66B8E6C73C18EE8438, 8B43B84F59810DAFA961EEA13E354FF9A0796A185E2C8D6642D8660AAC1B96F4 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
16:42:47.0182 0x07f4  BCM43XX - ok
16:42:47.0244 0x07f4  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
16:42:47.0260 0x07f4  BDESVC - ok
16:42:47.0291 0x07f4  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:42:47.0291 0x07f4  Beep - ok
16:42:47.0385 0x07f4  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
16:42:47.0431 0x07f4  BFE - ok
16:42:47.0509 0x07f4  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
16:42:47.0541 0x07f4  BITS - ok
16:42:47.0587 0x07f4  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:42:47.0587 0x07f4  blbdrive - ok
16:42:47.0650 0x07f4  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:42:47.0650 0x07f4  bowser - ok
16:42:47.0665 0x07f4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:42:47.0665 0x07f4  BrFiltLo - ok
16:42:47.0681 0x07f4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:42:47.0681 0x07f4  BrFiltUp - ok
16:42:47.0743 0x07f4  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
16:42:47.0743 0x07f4  Browser - ok
16:42:47.0790 0x07f4  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:42:47.0806 0x07f4  Brserid - ok
16:42:47.0821 0x07f4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:42:47.0821 0x07f4  BrSerWdm - ok
16:42:47.0853 0x07f4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:42:47.0853 0x07f4  BrUsbMdm - ok
16:42:47.0868 0x07f4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:42:47.0868 0x07f4  BrUsbSer - ok
16:42:47.0884 0x07f4  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:42:47.0884 0x07f4  BTHMODEM - ok
16:42:47.0993 0x07f4  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
16:42:47.0993 0x07f4  bthserv - ok
16:42:48.0040 0x07f4  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:42:48.0055 0x07f4  cdfs - ok
16:42:48.0149 0x07f4  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:42:48.0149 0x07f4  cdrom - ok
16:42:48.0227 0x07f4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:42:48.0227 0x07f4  CertPropSvc - ok
16:42:48.0289 0x07f4  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:42:48.0289 0x07f4  circlass - ok
16:42:48.0367 0x07f4  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
16:42:48.0367 0x07f4  CLFS - ok
16:42:48.0539 0x07f4  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:42:48.0539 0x07f4  clr_optimization_v2.0.50727_32 - ok
16:42:48.0695 0x07f4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:42:48.0711 0x07f4  clr_optimization_v4.0.30319_32 - ok
16:42:48.0726 0x07f4  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:42:48.0726 0x07f4  CmBatt - ok
16:42:48.0789 0x07f4  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:42:48.0789 0x07f4  cmdide - ok
16:42:48.0867 0x07f4  [ 85449EEBE8F8EBD6481EFBF0F352B4EB, E6FF04970C5A5BFDE7297A86C1C7B9BFE2E0F976A1A1AFB874CEB488DC6151CC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:42:48.0882 0x07f4  CNG - ok
16:42:48.0960 0x07f4  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:42:48.0960 0x07f4  Compbatt - ok
16:42:49.0054 0x07f4  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:42:49.0054 0x07f4  CompositeBus - ok
16:42:49.0069 0x07f4  COMSysApp - ok
16:42:49.0101 0x07f4  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:42:49.0101 0x07f4  crcdisk - ok
16:42:49.0179 0x07f4  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:42:49.0179 0x07f4  CryptSvc - ok
16:42:49.0257 0x07f4  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
16:42:49.0303 0x07f4  CSC - ok
16:42:49.0381 0x07f4  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
16:42:49.0413 0x07f4  CscService - ok
16:42:49.0444 0x07f4  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:42:49.0475 0x07f4  DcomLaunch - ok
16:42:49.0537 0x07f4  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
16:42:49.0537 0x07f4  defragsvc - ok
16:42:49.0615 0x07f4  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:42:49.0615 0x07f4  DfsC - ok
16:42:49.0693 0x07f4  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:42:49.0693 0x07f4  Dhcp - ok
16:42:49.0756 0x07f4  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
16:42:49.0756 0x07f4  discache - ok
16:42:49.0803 0x07f4  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:42:49.0803 0x07f4  Disk - ok
16:42:49.0865 0x07f4  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:42:49.0865 0x07f4  Dnscache - ok
16:42:49.0943 0x07f4  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:42:49.0943 0x07f4  dot3svc - ok
16:42:50.0021 0x07f4  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
16:42:50.0021 0x07f4  DPS - ok
16:42:50.0099 0x07f4  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:42:50.0099 0x07f4  drmkaud - ok
16:42:50.0193 0x07f4  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:42:50.0224 0x07f4  DXGKrnl - ok
16:42:50.0302 0x07f4  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
16:42:50.0302 0x07f4  EapHost - ok
16:42:50.0520 0x07f4  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
16:42:50.0661 0x07f4  ebdrv - ok
16:42:50.0739 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS             C:\Windows\System32\lsass.exe
16:42:50.0739 0x07f4  EFS - ok
16:42:50.0848 0x07f4  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:42:50.0879 0x07f4  ehRecvr - ok
16:42:50.0926 0x07f4  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
16:42:50.0941 0x07f4  ehSched - ok
16:42:51.0035 0x07f4  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:42:51.0051 0x07f4  elxstor - ok
16:42:51.0113 0x07f4  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:42:51.0113 0x07f4  ErrDev - ok
16:42:51.0207 0x07f4  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
16:42:51.0222 0x07f4  EventSystem - ok
16:42:51.0238 0x07f4  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:42:51.0253 0x07f4  exfat - ok
16:42:51.0316 0x07f4  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:42:51.0316 0x07f4  fastfat - ok
16:42:51.0409 0x07f4  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
16:42:51.0425 0x07f4  Fax - ok
16:42:51.0456 0x07f4  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:42:51.0456 0x07f4  fdc - ok
16:42:51.0472 0x07f4  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
16:42:51.0487 0x07f4  fdPHost - ok
16:42:51.0503 0x07f4  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:42:51.0503 0x07f4  FDResPub - ok
16:42:51.0550 0x07f4  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:42:51.0550 0x07f4  FileInfo - ok
16:42:51.0581 0x07f4  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:42:51.0581 0x07f4  Filetrace - ok
16:42:51.0597 0x07f4  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:42:51.0597 0x07f4  flpydisk - ok
16:42:51.0659 0x07f4  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:42:51.0659 0x07f4  FltMgr - ok
16:42:51.0768 0x07f4  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
16:42:51.0815 0x07f4  FontCache - ok
16:42:51.0955 0x07f4  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:42:51.0955 0x07f4  FontCache3.0.0.0 - ok
16:42:51.0987 0x07f4  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:42:51.0987 0x07f4  FsDepends - ok
16:42:52.0049 0x07f4  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:42:52.0049 0x07f4  Fs_Rec - ok
16:42:52.0111 0x07f4  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:42:52.0111 0x07f4  fvevol - ok
16:42:52.0189 0x07f4  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:42:52.0205 0x07f4  gagp30kx - ok
16:42:52.0283 0x07f4  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:42:52.0330 0x07f4  gpsvc - ok
16:42:52.0377 0x07f4  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:42:52.0377 0x07f4  hcw85cir - ok
16:42:52.0470 0x07f4  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:42:52.0486 0x07f4  HdAudAddService - ok
16:42:52.0533 0x07f4  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:42:52.0548 0x07f4  HDAudBus - ok
16:42:52.0564 0x07f4  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:42:52.0564 0x07f4  HidBatt - ok
16:42:52.0595 0x07f4  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:42:52.0595 0x07f4  HidBth - ok
16:42:52.0642 0x07f4  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:42:52.0642 0x07f4  HidIr - ok
16:42:52.0704 0x07f4  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
16:42:52.0704 0x07f4  hidserv - ok
16:42:52.0767 0x07f4  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:42:52.0767 0x07f4  HidUsb - ok
16:42:52.0829 0x07f4  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:42:52.0829 0x07f4  hkmsvc - ok
16:42:52.0891 0x07f4  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:42:52.0907 0x07f4  HomeGroupListener - ok
16:42:52.0985 0x07f4  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:42:52.0985 0x07f4  HomeGroupProvider - ok
16:42:53.0032 0x07f4  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:42:53.0032 0x07f4  HpSAMD - ok
16:42:53.0110 0x07f4  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:42:53.0141 0x07f4  HTTP - ok
16:42:53.0188 0x07f4  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:42:53.0188 0x07f4  hwpolicy - ok
16:42:53.0250 0x07f4  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:42:53.0250 0x07f4  i8042prt - ok
16:42:53.0297 0x07f4  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:42:53.0328 0x07f4  iaStorV - ok
16:42:53.0453 0x07f4  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:42:53.0500 0x07f4  idsvc - ok
16:42:53.0547 0x07f4  IEEtwCollectorService - ok
16:42:53.0874 0x07f4  [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
16:42:54.0108 0x07f4  igfx - ok
16:42:54.0202 0x07f4  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:42:54.0202 0x07f4  iirsp - ok
16:42:54.0295 0x07f4  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:42:54.0327 0x07f4  IKEEXT - ok
16:42:54.0389 0x07f4  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:42:54.0389 0x07f4  intelide - ok
16:42:54.0436 0x07f4  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:42:54.0436 0x07f4  intelppm - ok
16:42:54.0529 0x07f4  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:42:54.0529 0x07f4  IPBusEnum - ok
16:42:54.0545 0x07f4  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:42:54.0545 0x07f4  IpFilterDriver - ok
16:42:54.0623 0x07f4  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:42:54.0654 0x07f4  iphlpsvc - ok
16:42:54.0717 0x07f4  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:42:54.0717 0x07f4  IPMIDRV - ok
16:42:54.0748 0x07f4  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:42:54.0748 0x07f4  IPNAT - ok
16:42:54.0779 0x07f4  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:42:54.0779 0x07f4  IRENUM - ok
16:42:54.0810 0x07f4  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:42:54.0810 0x07f4  isapnp - ok
16:42:54.0873 0x07f4  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:42:54.0888 0x07f4  iScsiPrt - ok
16:42:54.0919 0x07f4  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:42:54.0919 0x07f4  kbdclass - ok
16:42:54.0997 0x07f4  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:42:54.0997 0x07f4  kbdhid - ok
16:42:55.0029 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
16:42:55.0029 0x07f4  KeyIso - ok
16:42:55.0107 0x07f4  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:42:55.0107 0x07f4  KSecDD - ok
16:42:55.0138 0x07f4  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:42:55.0138 0x07f4  KSecPkg - ok
16:42:55.0216 0x07f4  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:42:55.0216 0x07f4  KtmRm - ok
16:42:55.0309 0x07f4  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:42:55.0309 0x07f4  LanmanServer - ok
16:42:55.0341 0x07f4  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:42:55.0341 0x07f4  LanmanWorkstation - ok
16:42:55.0419 0x07f4  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:42:55.0419 0x07f4  lltdio - ok
16:42:55.0481 0x07f4  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:42:55.0497 0x07f4  lltdsvc - ok
16:42:55.0528 0x07f4  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:42:55.0528 0x07f4  lmhosts - ok
16:42:55.0575 0x07f4  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:42:55.0575 0x07f4  LSI_FC - ok
16:42:55.0637 0x07f4  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:42:55.0637 0x07f4  LSI_SAS - ok
16:42:55.0684 0x07f4  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:42:55.0684 0x07f4  LSI_SAS2 - ok
16:42:55.0715 0x07f4  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:42:55.0715 0x07f4  LSI_SCSI - ok
16:42:55.0762 0x07f4  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:42:55.0762 0x07f4  luafv - ok
16:42:55.0840 0x07f4  [ 3C7B3072C3C5CC23F5FD46F8DFDA7480, E685963025BA3C0A4D1C806C0563B224BC976CA4C99FBCDCF22EDA30B11A596A ] massfilter_hs   C:\Windows\system32\drivers\massfilter_hs.sys
16:42:55.0840 0x07f4  massfilter_hs - ok
16:42:55.0980 0x07f4  [ 062D80F13D762F7BC2F38430D60F5048, 214D5B01F4C8FFD34DF2E390B5F39E6B3140CF362756548E0AC05B50EDA99E6C ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
16:42:55.0980 0x07f4  McAfeeFramework - ok
16:42:56.0136 0x07f4  [ FD3AD5E1ECDAA94A89D6697F5C5465D6, 63DA8E601B90DA558F0B089E89DD559C3C930430270D85CACAC0C0C8D08E5BB2 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe
16:42:56.0136 0x07f4  McComponentHostService - ok
16:42:56.0245 0x07f4  [ 50182E471B44C7A0F63B46E2DEF08B0F, 0597114145A64FF19F046855CB59EFFDE60C1273CB2F3A23FF6B71E963CCD3A9 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:42:56.0245 0x07f4  McShield - ok
16:42:56.0323 0x07f4  [ 113C20EB4982C5670F49718441BEE76D, 01C577CB91A3550C18E98EAA646DABBA828C753FC94505C78F46A7E600FD496A ] McTaskManager   C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
16:42:56.0339 0x07f4  McTaskManager - ok
16:42:56.0386 0x07f4  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:42:56.0401 0x07f4  Mcx2Svc - ok
16:42:56.0464 0x07f4  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:42:56.0464 0x07f4  megasas - ok
16:42:56.0511 0x07f4  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:42:56.0526 0x07f4  MegaSR - ok
16:42:56.0604 0x07f4  [ C0D975D64C1AF8057F2D75B1297A6979, B6EDDDD701A2876EE4331F20422936CD70A51D842F0C58FF16E19D29EF525450 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
16:42:56.0604 0x07f4  mfeapfk - ok
16:42:56.0651 0x07f4  [ C169326049A8A03D5F905B34F5A65F8C, 0A6B7C681854B77CE434C6A4BA1CA1BE56EF6B47EBE42FD5754394823C92CAFB ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
16:42:56.0667 0x07f4  mfeavfk - ok
16:42:56.0682 0x07f4  [ 50B0253B2484A306A20D8695C5AE5858, CAFAAAD49B666679163FCED79BCF29312214F8A45EE45075DE0E7A89D9665D6A ] mfebopk         C:\Windows\system32\drivers\mfebopk.sys
16:42:56.0682 0x07f4  mfebopk - ok
16:42:56.0760 0x07f4  [ 188B40866DB2AB8EF262FEBC65291687, BB28BBFC0800B3A635A5C620A9DD276DD370116D13D7F0DA49FFE790BCB70EFC ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
16:42:56.0791 0x07f4  mfehidk - ok
16:42:56.0823 0x07f4  [ C1B30AF2E18E69BF8CEB39B33F32D3C1, 32D5476D2CEB0D0D16B6B300EB6B326F4C5AC3E68DAE21720F16EFDE9389C802 ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
16:42:56.0823 0x07f4  mferkdet - ok
16:42:56.0854 0x07f4  [ 49C8E20D178BE981FF28523A942A570F, 28431B5849161F77991B0E0EDAE035D41DC1B4B01E21DBC9D77F5CDB0885EBD7 ] mfevtp          C:\Windows\system32\mfevtps.exe
16:42:56.0869 0x07f4  mfevtp - ok
16:42:56.0932 0x07f4  [ 451B49F0E10D6058CED5B56852D82C8B, D29F84AA77E2AA62997A7C88CFF40F8AC3F443D008BA1A0181AAD5887202F772 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
16:42:56.0932 0x07f4  mfewfpk - ok
16:42:57.0010 0x07f4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
16:42:57.0010 0x07f4  MMCSS - ok
16:42:57.0072 0x07f4  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
16:42:57.0072 0x07f4  Modem - ok
16:42:57.0119 0x07f4  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:42:57.0119 0x07f4  monitor - ok
16:42:57.0150 0x07f4  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:42:57.0150 0x07f4  mouclass - ok
16:42:57.0197 0x07f4  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:42:57.0213 0x07f4  mouhid - ok
16:42:57.0259 0x07f4  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:42:57.0259 0x07f4  mountmgr - ok
16:42:57.0353 0x07f4  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:42:57.0353 0x07f4  MpFilter - ok
16:42:57.0384 0x07f4  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:42:57.0400 0x07f4  mpio - ok
16:42:57.0634 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl05c06806   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys
16:42:57.0634 0x07f4  MpKsl05c06806 - ok
16:42:57.0727 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl0a723b1b   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl0a723b1b.sys
16:42:57.0727 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl0a723b1b.sys. Real md5: 06D4F934E09C359B0EFBFB3146F1D910, sha256: 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:42:57.0727 0x07f4  MpKsl0a723b1b - detected ForgedFile.Multi.Generic ( 1 )
16:43:00.0613 0x07f4  Detect skipped due to KSN trusted
16:43:00.0613 0x07f4  MpKsl0a723b1b - ok
16:43:00.0738 0x07f4  [ DA18EDA484DB9C6D08143525FD951A8B, 54E78AF283D6E77DB7409E92159A2EEFEE7833CB742571F1B266C80E7038609C ] MpKsl173b0bfe   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl173b0bfe.sys
16:43:00.0738 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl173b0bfe.sys. Real md5: DA18EDA484DB9C6D08143525FD951A8B, sha256: 54E78AF283D6E77DB7409E92159A2EEFEE7833CB742571F1B266C80E7038609C, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:00.0738 0x07f4  MpKsl173b0bfe - detected ForgedFile.Multi.Generic ( 1 )
16:43:03.0780 0x07f4  MpKsl173b0bfe ( ForgedFile.Multi.Generic ) - warning
16:43:06.0729 0x07f4  [ 0F841E1080AF625FC81EBDC8BEC7B59B, 218390D71200643FC51C0A74AB1281F20BA84B800CB297B29DB113CE75D521CB ] MpKsl3ec561c4   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys
16:43:06.0729 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys. Real md5: 0F841E1080AF625FC81EBDC8BEC7B59B, sha256: 218390D71200643FC51C0A74AB1281F20BA84B800CB297B29DB113CE75D521CB, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:06.0729 0x07f4  MpKsl3ec561c4 - detected ForgedFile.Multi.Generic ( 1 )
16:43:09.0739 0x07f4  MpKsl3ec561c4 ( ForgedFile.Multi.Generic ) - warning
16:43:09.0739 0x07f4  Force sending object to P2P due to detect: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys
16:43:13.0031 0x07f4  Object send P2P result: true
16:43:15.0933 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl42d20d8c   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys
16:43:15.0933 0x07f4  MpKsl42d20d8c - ok
16:43:16.0011 0x07f4  [ 0298FF58FCAB0C9424D43DE1EE8A96A7, 393AC1EDC5B724C866F23331252DD8BC2B92078BFCAB9F77D50BB9A3CEACF7A5 ] MpKsl433457a4   C:\Windows\system32\MpEngineStore\MpKsl433457a4.sys
16:43:16.0011 0x07f4  Suspicious file ( Forged ): C:\Windows\system32\MpEngineStore\MpKsl433457a4.sys. Real md5: 0298FF58FCAB0C9424D43DE1EE8A96A7, sha256: 393AC1EDC5B724C866F23331252DD8BC2B92078BFCAB9F77D50BB9A3CEACF7A5, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:16.0011 0x07f4  MpKsl433457a4 - detected ForgedFile.Multi.Generic ( 1 )
16:43:18.0959 0x07f4  MpKsl433457a4 ( ForgedFile.Multi.Generic ) - warning
16:43:24.0903 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl531712b5   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys
16:43:24.0903 0x07f4  MpKsl531712b5 - ok
16:43:24.0949 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl56479291   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl56479291.sys
16:43:24.0949 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl56479291.sys. Real md5: 06D4F934E09C359B0EFBFB3146F1D910, sha256: 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:24.0949 0x07f4  MpKsl56479291 - detected ForgedFile.Multi.Generic ( 1 )
16:43:24.0949 0x07f4  Detect skipped due to KSN trusted
16:43:24.0949 0x07f4  MpKsl56479291 - ok
16:43:25.0043 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl567cd4ca   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl567cd4ca.sys
16:43:25.0043 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl567cd4ca.sys. Real md5: 06D4F934E09C359B0EFBFB3146F1D910, sha256: 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:25.0043 0x07f4  MpKsl567cd4ca - detected ForgedFile.Multi.Generic ( 1 )
16:43:25.0043 0x07f4  Detect skipped due to KSN trusted
16:43:25.0043 0x07f4  MpKsl567cd4ca - ok
16:43:25.0105 0x07f4  [ DFF9A8E0319977851460434FC1D42050, B5DAE48081E1E56B9D1E442767D91E0C5B6B3150973E02E71F96D8260E6088A7 ] MpKsl5c09c013   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl5c09c013.sys
16:43:25.0105 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl5c09c013.sys. Real md5: DFF9A8E0319977851460434FC1D42050, sha256: B5DAE48081E1E56B9D1E442767D91E0C5B6B3150973E02E71F96D8260E6088A7, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:25.0105 0x07f4  MpKsl5c09c013 - detected ForgedFile.Multi.Generic ( 1 )
16:43:27.0976 0x07f4  MpKsl5c09c013 ( ForgedFile.Multi.Generic ) - warning
16:43:30.0924 0x07f4  [ 2F47372DED99406CF563818C870E51FA, 8B58713891EF38055135571DC059EA450A555FDDD19C1F0A2149943EFB4747E1 ] MpKsl62582d91   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl62582d91.sys
16:43:30.0924 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl62582d91.sys. Real md5: 2F47372DED99406CF563818C870E51FA, sha256: 8B58713891EF38055135571DC059EA450A555FDDD19C1F0A2149943EFB4747E1, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:30.0924 0x07f4  MpKsl62582d91 - detected ForgedFile.Multi.Generic ( 1 )
16:43:33.0904 0x07f4  MpKsl62582d91 ( ForgedFile.Multi.Generic ) - warning
16:43:36.0805 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl6b852b6f   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys
16:43:36.0805 0x07f4  MpKsl6b852b6f - ok
16:43:36.0868 0x07f4  [ 7851848466CC57D1478A6814DFF0349C, 48AE5F33A59310160A8A26429504D792930F7B61E0845868A0BE5FC229B14D3F ] MpKsl6d1a139a   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6d1a139a.sys
16:43:36.0868 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6d1a139a.sys. Real md5: 7851848466CC57D1478A6814DFF0349C, sha256: 48AE5F33A59310160A8A26429504D792930F7B61E0845868A0BE5FC229B14D3F, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:36.0868 0x07f4  MpKsl6d1a139a - detected ForgedFile.Multi.Generic ( 1 )
16:43:39.0879 0x07f4  MpKsl6d1a139a ( ForgedFile.Multi.Generic ) - warning
16:43:42.0780 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl72991219   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys
16:43:42.0780 0x07f4  MpKsl72991219 - ok
16:43:42.0858 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl783f7958   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys
16:43:42.0858 0x07f4  MpKsl783f7958 - ok
16:43:42.0921 0x07f4  [ 4FA7C1861594AA0C198AA9B572DD5A07, 8BD28840A1BC66B9C1A41CF39B84C96C69281A96C78FE2B38B05E7901DC0C590 ] MpKsl8c99a18f   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl8c99a18f.sys
16:43:42.0921 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl8c99a18f.sys. Real md5: 4FA7C1861594AA0C198AA9B572DD5A07, sha256: 8BD28840A1BC66B9C1A41CF39B84C96C69281A96C78FE2B38B05E7901DC0C590, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:42.0936 0x07f4  MpKsl8c99a18f - detected ForgedFile.Multi.Generic ( 1 )
16:43:45.0807 0x07f4  MpKsl8c99a18f ( ForgedFile.Multi.Generic ) - warning
16:43:45.0807 0x07f4  Force sending object to P2P due to detect: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl8c99a18f.sys
16:43:48.0802 0x07f4  Object send P2P result: true
16:43:51.0703 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl9d9e2965   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys
16:43:51.0703 0x07f4  MpKsl9d9e2965 - ok
16:43:51.0719 0x07f4  [ B2864BE5293594128825FE993317525B, 56C28267488E5DED934E69B01628A2698C36FCEC97F593E1286E2A170FEA3129 ] MpKsl9e5d3c7a   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9e5d3c7a.sys
16:43:51.0735 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9e5d3c7a.sys. Real md5: B2864BE5293594128825FE993317525B, sha256: 56C28267488E5DED934E69B01628A2698C36FCEC97F593E1286E2A170FEA3129, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:51.0735 0x07f4  MpKsl9e5d3c7a - detected ForgedFile.Multi.Generic ( 1 )
16:43:54.0730 0x07f4  MpKsl9e5d3c7a ( ForgedFile.Multi.Generic ) - warning
16:43:54.0730 0x07f4  Force sending object to P2P due to detect: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9e5d3c7a.sys
16:44:00.0315 0x07f4  Object send P2P result: true
16:44:03.0201 0x07f4  [ 73BEFBBA67D65254DB792812FB3FB286, 82163AA7ADF52430D82D245BE2CB85FBF5E57469CB546A05618DDB3D9B844F2B ] MpKsla090ee3b   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsla090ee3b.sys
16:44:03.0201 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsla090ee3b.sys. Real md5: 73BEFBBA67D65254DB792812FB3FB286, sha256: 82163AA7ADF52430D82D245BE2CB85FBF5E57469CB546A05618DDB3D9B844F2B, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:44:03.0201 0x07f4  MpKsla090ee3b - detected ForgedFile.Multi.Generic ( 1 )
16:44:06.0118 0x07f4  MpKsla090ee3b ( ForgedFile.Multi.Generic ) - warning
16:44:06.0118 0x07f4  Force sending object to P2P due to detect: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsla090ee3b.sys
16:44:09.0144 0x07f4  Object send P2P result: true
16:44:12.0077 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslb1514709   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys
16:44:12.0077 0x07f4  MpKslb1514709 - ok
16:44:12.0139 0x07f4  [ B5EBBCB1892BCEFEE370B36250ECACBE, 310A7A0E77A4A201BCFD987F64067A3DC8CE187EFE98D20CE490DD2A0B7F0131 ] MpKslb1b46087   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1b46087.sys
16:44:12.0139 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1b46087.sys. Real md5: B5EBBCB1892BCEFEE370B36250ECACBE, sha256: 310A7A0E77A4A201BCFD987F64067A3DC8CE187EFE98D20CE490DD2A0B7F0131, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:44:12.0139 0x07f4  MpKslb1b46087 - detected ForgedFile.Multi.Generic ( 1 )
16:44:15.0135 0x07f4  MpKslb1b46087 ( ForgedFile.Multi.Generic ) - warning
16:44:15.0135 0x07f4  Force sending object to P2P due to detect: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1b46087.sys
16:44:18.0145 0x07f4  Object send P2P result: true
16:44:21.0031 0x07f4  [ 59C67E1BADC5E79A577E2F427490B33C, 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85 ] MpKslbaeaec6f   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbaeaec6f.sys
16:44:21.0031 0x07f4  MpKslbaeaec6f - ok
16:44:21.0109 0x07f4  [ AD589DEF2D8CF7405924D165F674FEC1, 940DABB8CBA8E8F1125540C582EE04A2914C8AC52AE26F22136C3A7F85F00B00 ] MpKslbc126b3d   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbc126b3d.sys
16:44:21.0109 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbc126b3d.sys. Real md5: AD589DEF2D8CF7405924D165F674FEC1, sha256: 940DABB8CBA8E8F1125540C582EE04A2914C8AC52AE26F22136C3A7F85F00B00, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:44:21.0109 0x07f4  MpKslbc126b3d - detected ForgedFile.Multi.Generic ( 1 )
16:44:23.0949 0x07f4  MpKslbc126b3d ( ForgedFile.Multi.Generic ) - warning
16:44:26.0882 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslc2ea08a6   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys
16:44:26.0882 0x07f4  MpKslc2ea08a6 - ok
16:44:26.0944 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslc5965bac   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys
16:44:26.0944 0x07f4  MpKslc5965bac - ok
16:44:27.0022 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslc7c28cb0   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys
16:44:27.0022 0x07f4  MpKslc7c28cb0 - ok
16:44:27.0100 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsld6bd47db   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld6bd47db.sys
16:44:27.0100 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld6bd47db.sys. Real md5: 06D4F934E09C359B0EFBFB3146F1D910, sha256: 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:44:27.0100 0x07f4  MpKsld6bd47db - detected ForgedFile.Multi.Generic ( 1 )
16:44:27.0100 0x07f4  Detect skipped due to KSN trusted
16:44:27.0100 0x07f4  MpKsld6bd47db - ok
16:44:27.0162 0x07f4  [ 223722269F40985947C67E95D2352073, 444A9DA1F9532C34112AB6B2FDF7773AE81EB3DC279D4D2368D255686EACE0BC ] MpKsld81027f9   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld81027f9.sys
16:44:27.0162 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld81027f9.sys. Real md5: 223722269F40985947C67E95D2352073, sha256: 444A9DA1F9532C34112AB6B2FDF7773AE81EB3DC279D4D2368D255686EACE0BC, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:44:27.0162 0x07f4  MpKsld81027f9 - detected ForgedFile.Multi.Generic ( 1 )
16:44:30.0189 0x07f4  MpKsld81027f9 ( ForgedFile.Multi.Generic ) - warning
16:44:30.0189 0x07f4  Force sending object to P2P due to detect: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld81027f9.sys
16:44:33.0168 0x07f4  Object send P2P result: true
16:44:36.0179 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsld849d12f   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys
16:44:36.0195 0x07f4  MpKsld849d12f - ok
16:44:36.0351 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslda6f8fb7   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys
16:44:36.0351 0x07f4  MpKslda6f8fb7 - ok
16:44:36.0413 0x07f4  [ 33845CF2C874B3199376D1FE7FE7A4EC, 6C53AEC282CA684BBDFFEA484C97B379498338F4CE611A9BF8ACBA690049B1F9 ] MpKslddc61595   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslddc61595.sys
16:44:36.0413 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslddc61595.sys. Real md5: 33845CF2C874B3199376D1FE7FE7A4EC, sha256: 6C53AEC282CA684BBDFFEA484C97B379498338F4CE611A9BF8ACBA690049B1F9, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:44:36.0413 0x07f4  MpKslddc61595 - detected ForgedFile.Multi.Generic ( 1 )
16:44:39.0284 0x07f4  MpKslddc61595 ( ForgedFile.Multi.Generic ) - warning
16:44:39.0284 0x07f4  Force sending object to P2P due to detect: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslddc61595.sys
16:44:42.0388 0x07f4  Object send P2P result: true
16:44:45.0352 0x07f4  [ 7E431D600686802D4DE8236B2F2F02A3, 55B98F4038C5112E30D56F55B3C9EBBBD86E363791C9DB82EF6C6CA526B2CCBA ] MpKsleff99713   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsleff99713.sys
16:44:45.0352 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsleff99713.sys. Real md5: 7E431D600686802D4DE8236B2F2F02A3, sha256: 55B98F4038C5112E30D56F55B3C9EBBBD86E363791C9DB82EF6C6CA526B2CCBA, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:44:45.0352 0x07f4  MpKsleff99713 - detected ForgedFile.Multi.Generic ( 1 )
16:44:48.0519 0x07f4  MpKsleff99713 ( ForgedFile.Multi.Generic ) - warning
16:44:51.0436 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslf28e4fd4   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys
16:44:51.0452 0x07f4  MpKslf28e4fd4 - ok
16:44:51.0483 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslface65c7   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys
16:44:51.0483 0x07f4  MpKslface65c7 - ok
16:44:51.0530 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKslfba52fc5   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys
16:44:51.0530 0x07f4  MpKslfba52fc5 - ok
16:44:51.0608 0x07f4  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:44:51.0608 0x07f4  mpsdrv - ok
16:44:51.0686 0x07f4  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:44:51.0732 0x07f4  MpsSvc - ok
16:44:51.0795 0x07f4  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:44:51.0795 0x07f4  MRxDAV - ok
16:44:51.0857 0x07f4  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:44:51.0857 0x07f4  mrxsmb - ok
16:44:51.0904 0x07f4  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:44:51.0904 0x07f4  mrxsmb10 - ok
16:44:51.0966 0x07f4  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:44:51.0966 0x07f4  mrxsmb20 - ok
16:44:52.0029 0x07f4  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:44:52.0029 0x07f4  msahci - ok
16:44:52.0091 0x07f4  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:44:52.0091 0x07f4  msdsm - ok
16:44:52.0122 0x07f4  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
16:44:52.0122 0x07f4  MSDTC - ok
16:44:52.0185 0x07f4  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:44:52.0185 0x07f4  Msfs - ok
16:44:52.0216 0x07f4  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:44:52.0216 0x07f4  mshidkmdf - ok
16:44:52.0278 0x07f4  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:44:52.0278 0x07f4  msisadrv - ok
16:44:52.0341 0x07f4  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:44:52.0341 0x07f4  MSiSCSI - ok
16:44:52.0356 0x07f4  msiserver - ok
16:44:52.0403 0x07f4  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:44:52.0403 0x07f4  MSKSSRV - ok
16:44:52.0512 0x07f4  [ B0F49DA36F30922F5DDC3B623B778FCE, EE025AEFA4A2095AFEABFB3A49639DA77D78068A3F5EEDA6C15D34853AFD5609 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:44:52.0512 0x07f4  MsMpSvc - ok
16:44:52.0528 0x07f4  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:44:52.0528 0x07f4  MSPCLOCK - ok
16:44:52.0544 0x07f4  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:44:52.0544 0x07f4  MSPQM - ok
16:44:52.0575 0x07f4  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:44:52.0590 0x07f4  MsRPC - ok
16:44:52.0622 0x07f4  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:44:52.0622 0x07f4  mssmbios - ok
16:44:52.0622 0x07f4  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:44:52.0637 0x07f4  MSTEE - ok
16:44:52.0653 0x07f4  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:44:52.0653 0x07f4  MTConfig - ok
16:44:52.0668 0x07f4  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:44:52.0668 0x07f4  Mup - ok
16:44:52.0731 0x07f4  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
16:44:52.0746 0x07f4  napagent - ok
16:44:52.0856 0x07f4  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:44:52.0856 0x07f4  NativeWifiP - ok
16:44:52.0949 0x07f4  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:44:52.0980 0x07f4  NDIS - ok
16:44:52.0996 0x07f4  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:44:53.0012 0x07f4  NdisCap - ok
16:44:53.0043 0x07f4  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:44:53.0043 0x07f4  NdisTapi - ok
16:44:53.0090 0x07f4  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:44:53.0090 0x07f4  Ndisuio - ok
16:44:53.0136 0x07f4  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:44:53.0136 0x07f4  NdisWan - ok
16:44:53.0168 0x07f4  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:44:53.0168 0x07f4  NDProxy - ok
16:44:53.0246 0x07f4  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:44:53.0246 0x07f4  NetBIOS - ok
16:44:53.0308 0x07f4  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:44:53.0308 0x07f4  NetBT - ok
16:44:53.0339 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
16:44:53.0339 0x07f4  Netlogon - ok
16:44:53.0402 0x07f4  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
16:44:53.0417 0x07f4  Netman - ok
16:44:53.0464 0x07f4  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
16:44:53.0495 0x07f4  netprofm - ok
16:44:53.0558 0x07f4  [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:44:53.0558 0x07f4  NetTcpPortSharing - ok
16:44:53.0604 0x07f4  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:44:53.0604 0x07f4  nfrd960 - ok
16:44:53.0667 0x07f4  [ 32FF06EC6D946EF791D98D6C838A3090, 319BDD491CB22D0CCCCE76A2854CF469D7AF046289F9C56CD03AE3D3CBC0275E ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:44:53.0667 0x07f4  NisDrv - ok
16:44:53.0745 0x07f4  [ 42D33042371BFB1A7D40834590CAFD30, 53DA3618EC10293B2DF686E291A4EF6ACBBD41D116EC762D54106D201A784E87 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:44:53.0760 0x07f4  NisSrv - ok
16:44:53.0838 0x07f4  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:44:53.0854 0x07f4  NlaSvc - ok
16:44:53.0870 0x07f4  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:44:53.0870 0x07f4  Npfs - ok
16:44:53.0932 0x07f4  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
16:44:53.0948 0x07f4  nsi - ok
16:44:53.0963 0x07f4  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:44:53.0963 0x07f4  nsiproxy - ok
16:44:54.0088 0x07f4  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:44:54.0135 0x07f4  Ntfs - ok
16:44:54.0166 0x07f4  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
16:44:54.0166 0x07f4  Null - ok
16:44:54.0213 0x07f4  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:44:54.0228 0x07f4  nvraid - ok
16:44:54.0291 0x07f4  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:44:54.0291 0x07f4  nvstor - ok
16:44:54.0322 0x07f4  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:44:54.0322 0x07f4  nv_agp - ok
16:44:54.0478 0x07f4  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:44:54.0509 0x07f4  odserv - ok
16:44:54.0572 0x07f4  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:44:54.0572 0x07f4  ohci1394 - ok
16:44:54.0650 0x07f4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:44:54.0650 0x07f4  ose - ok
16:44:54.0712 0x07f4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:44:54.0728 0x07f4  p2pimsvc - ok
16:44:54.0806 0x07f4  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:44:54.0821 0x07f4  p2psvc - ok
16:44:54.0884 0x07f4  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:44:54.0884 0x07f4  Parport - ok
16:44:54.0946 0x07f4  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:44:54.0946 0x07f4  partmgr - ok
16:44:54.0977 0x07f4  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
16:44:54.0977 0x07f4  Parvdm - ok
16:44:55.0008 0x07f4  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:44:55.0024 0x07f4  PcaSvc - ok
16:44:55.0055 0x07f4  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
16:44:55.0055 0x07f4  pci - ok
16:44:55.0118 0x07f4  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:44:55.0118 0x07f4  pciide - ok
16:44:55.0164 0x07f4  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:44:55.0180 0x07f4  pcmcia - ok
16:44:55.0211 0x07f4  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:44:55.0211 0x07f4  pcw - ok
16:44:55.0274 0x07f4  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:44:55.0305 0x07f4  PEAUTH - ok
16:44:55.0414 0x07f4  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:44:55.0461 0x07f4  PeerDistSvc - ok
16:44:55.0617 0x07f4  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
16:44:55.0710 0x07f4  pla - ok
16:44:55.0820 0x07f4  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:44:55.0835 0x07f4  PlugPlay - ok
16:44:55.0913 0x07f4  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:44:55.0913 0x07f4  PNRPAutoReg - ok
16:44:55.0944 0x07f4  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:44:55.0960 0x07f4  PNRPsvc - ok
16:44:56.0022 0x07f4  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:44:56.0022 0x07f4  PolicyAgent - ok
16:44:56.0100 0x07f4  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
16:44:56.0100 0x07f4  Power - ok
16:44:56.0178 0x07f4  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:44:56.0194 0x07f4  PptpMiniport - ok
16:44:56.0210 0x07f4  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:44:56.0210 0x07f4  Processor - ok
16:44:56.0303 0x07f4  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:44:56.0303 0x07f4  ProfSvc - ok
16:44:56.0334 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:44:56.0334 0x07f4  ProtectedStorage - ok
16:44:56.0412 0x07f4  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:44:56.0428 0x07f4  Psched - ok
16:44:56.0522 0x07f4  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:44:56.0584 0x07f4  ql2300 - ok
16:44:56.0615 0x07f4  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:44:56.0615 0x07f4  ql40xx - ok
16:44:56.0693 0x07f4  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
16:44:56.0709 0x07f4  QWAVE - ok
16:44:56.0740 0x07f4  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:44:56.0740 0x07f4  QWAVEdrv - ok
16:44:56.0756 0x07f4  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:44:56.0756 0x07f4  RasAcd - ok
16:44:56.0834 0x07f4  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:44:56.0834 0x07f4  RasAgileVpn - ok
16:44:56.0849 0x07f4  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
16:44:56.0865 0x07f4  RasAuto - ok
16:44:56.0896 0x07f4  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:44:56.0896 0x07f4  Rasl2tp - ok
16:44:56.0958 0x07f4  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
16:44:56.0974 0x07f4  RasMan - ok
16:44:57.0005 0x07f4  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:44:57.0021 0x07f4  RasPppoe - ok
16:44:57.0068 0x07f4  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:44:57.0068 0x07f4  RasSstp - ok
16:44:57.0130 0x07f4  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:44:57.0146 0x07f4  rdbss - ok
16:44:57.0161 0x07f4  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:44:57.0161 0x07f4  rdpbus - ok
16:44:57.0224 0x07f4  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:44:57.0224 0x07f4  RDPCDD - ok
16:44:57.0302 0x07f4  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:44:57.0302 0x07f4  RDPDR - ok
16:44:57.0348 0x07f4  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:44:57.0348 0x07f4  RDPENCDD - ok
16:44:57.0364 0x07f4  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:44:57.0364 0x07f4  RDPREFMP - ok
16:44:57.0442 0x07f4  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:44:57.0458 0x07f4  RDPWD - ok
16:44:57.0536 0x07f4  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:44:57.0536 0x07f4  rdyboost - ok
16:44:57.0629 0x07f4  [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:44:57.0645 0x07f4  RemoteAccess - ok
16:44:57.0707 0x07f4  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:44:57.0707 0x07f4  RemoteRegistry - ok
16:44:57.0770 0x07f4  [ 6C1F93C0760C9F79A1869D07233DF39D, 70DD037E76F6E89CE9630175772707BB8588324058079B5F18C505B31306BACE ] rismxdp         C:\Windows\system32\DRIVERS\rixdptsk.sys
16:44:57.0770 0x07f4  rismxdp - ok
16:44:57.0801 0x07f4  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:44:57.0801 0x07f4  RpcEptMapper - ok
16:44:57.0863 0x07f4  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
16:44:57.0879 0x07f4  RpcLocator - ok
16:44:57.0941 0x07f4  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
16:44:57.0957 0x07f4  RpcSs - ok
16:44:58.0019 0x07f4  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:44:58.0019 0x07f4  rspndr - ok
16:44:58.0082 0x07f4  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:44:58.0082 0x07f4  s3cap - ok
16:44:58.0097 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe
16:44:58.0097 0x07f4  SamSs - ok
16:44:58.0206 0x07f4  [ 5BF35C4EA3F00FA8D3F1E5BF03D24584, F2B57EACE3E5259793D245243530537123EA87304432B91F12C1397F14D5D8D6 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
16:44:58.0222 0x07f4  SASDIFSV - ok
16:44:58.0284 0x07f4  [ A22F08C98AC2F44587BF3A1FB52BF8CD, 9FEBA5491AE674C7B37C5089E491E2FF74A444DA902E3CE2B15867DDE5166901 ] SASENUM         C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
16:44:58.0284 0x07f4  SASENUM - ok
16:44:58.0331 0x07f4  [ 81C02EA5F88CA4125E579384DFD75E3A, 78E34E4BE437EECECEE3F2B81155D55A65B43E0B02E9E8580E0B4BE29167AF39 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
16:44:58.0331 0x07f4  SASKUTIL - ok
16:44:58.0378 0x07f4  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:44:58.0378 0x07f4  sbp2port - ok
16:44:58.0456 0x07f4  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:44:58.0456 0x07f4  SCardSvr - ok
16:44:58.0472 0x07f4  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:44:58.0472 0x07f4  scfilter - ok
16:44:58.0581 0x07f4  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
16:44:58.0628 0x07f4  Schedule - ok
16:44:58.0659 0x07f4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:44:58.0659 0x07f4  SCPolicySvc - ok
16:44:58.0721 0x07f4  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\drivers\sdbus.sys
16:44:58.0721 0x07f4  sdbus - ok
16:44:58.0784 0x07f4  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:44:58.0799 0x07f4  SDRSVC - ok
16:44:58.0846 0x07f4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:44:58.0846 0x07f4  secdrv - ok
16:44:58.0908 0x07f4  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
16:44:58.0908 0x07f4  seclogon - ok
16:44:58.0924 0x07f4  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
16:44:58.0940 0x07f4  SENS - ok
16:44:59.0002 0x07f4  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:44:59.0018 0x07f4  SensrSvc - ok
16:44:59.0033 0x07f4  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:44:59.0033 0x07f4  Serenum - ok
16:44:59.0064 0x07f4  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:44:59.0064 0x07f4  Serial - ok
16:44:59.0111 0x07f4  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:44:59.0127 0x07f4  sermouse - ok
16:44:59.0205 0x07f4  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:44:59.0220 0x07f4  SessionEnv - ok
16:44:59.0252 0x07f4  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:44:59.0267 0x07f4  sffdisk - ok
16:44:59.0267 0x07f4  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:44:59.0267 0x07f4  sffp_mmc - ok
16:44:59.0298 0x07f4  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:44:59.0298 0x07f4  sffp_sd - ok
16:44:59.0330 0x07f4  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:44:59.0345 0x07f4  sfloppy - ok
16:44:59.0423 0x07f4  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:44:59.0423 0x07f4  SharedAccess - ok
16:44:59.0470 0x07f4  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:44:59.0486 0x07f4  ShellHWDetection - ok
16:44:59.0548 0x07f4  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
16:44:59.0548 0x07f4  sisagp - ok
16:44:59.0610 0x07f4  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:44:59.0610 0x07f4  SiSRaid2 - ok
16:44:59.0642 0x07f4  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:44:59.0657 0x07f4  SiSRaid4 - ok
16:44:59.0688 0x07f4  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:44:59.0688 0x07f4  Smb - ok
16:44:59.0766 0x07f4  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:44:59.0766 0x07f4  SNMPTRAP - ok
16:44:59.0782 0x07f4  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:44:59.0798 0x07f4  spldr - ok
16:44:59.0860 0x07f4  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
16:44:59.0876 0x07f4  Spooler - ok
16:45:00.0078 0x07f4  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
16:45:00.0219 0x07f4  sppsvc - ok
16:45:00.0297 0x07f4  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:45:00.0312 0x07f4  sppuinotify - ok
16:45:00.0390 0x07f4  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:45:00.0406 0x07f4  srv - ok
16:45:00.0437 0x07f4  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:45:00.0468 0x07f4  srv2 - ok
16:45:00.0578 0x07f4  [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL3.SYS
16:45:00.0593 0x07f4  SrvHsfHDA - ok
16:45:00.0656 0x07f4  [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:45:00.0702 0x07f4  SrvHsfV92 - ok
16:45:00.0765 0x07f4  [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:45:00.0796 0x07f4  SrvHsfWinac - ok
16:45:00.0858 0x07f4  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:45:00.0874 0x07f4  srvnet - ok
16:45:00.0936 0x07f4  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:45:00.0952 0x07f4  SSDPSRV - ok
16:45:00.0983 0x07f4  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:45:00.0999 0x07f4  SstpSvc - ok
16:45:01.0046 0x07f4  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:45:01.0046 0x07f4  stexstor - ok
16:45:01.0139 0x07f4  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
16:45:01.0170 0x07f4  StiSvc - ok
16:45:01.0248 0x07f4  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:45:01.0248 0x07f4  storflt - ok
16:45:01.0311 0x07f4  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
16:45:01.0311 0x07f4  StorSvc - ok
16:45:01.0373 0x07f4  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:45:01.0373 0x07f4  storvsc - ok
16:45:01.0436 0x07f4  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:45:01.0436 0x07f4  swenum - ok
16:45:01.0467 0x07f4  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
16:45:01.0482 0x07f4  swprv - ok
16:45:01.0607 0x07f4  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
16:45:01.0685 0x07f4  SysMain - ok
16:45:01.0763 0x07f4  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
16:45:01.0763 0x07f4  TabletInputService - ok
16:45:01.0826 0x07f4  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:45:01.0841 0x07f4  TapiSrv - ok
16:45:01.0888 0x07f4  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
16:45:01.0904 0x07f4  TBS - ok
16:45:01.0982 0x07f4  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:45:02.0060 0x07f4  Tcpip - ok
16:45:02.0153 0x07f4  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:45:02.0184 0x07f4  TCPIP6 - ok
16:45:02.0262 0x07f4  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:45:02.0262 0x07f4  tcpipreg - ok
16:45:02.0325 0x07f4  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:45:02.0325 0x07f4  TDPIPE - ok
16:45:02.0372 0x07f4  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:45:02.0387 0x07f4  TDTCP - ok
16:45:02.0434 0x07f4  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:45:02.0434 0x07f4  tdx - ok
16:45:02.0496 0x07f4  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:45:02.0496 0x07f4  TermDD - ok
16:45:02.0590 0x07f4  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
16:45:02.0606 0x07f4  TermService - ok
16:45:02.0668 0x07f4  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
16:45:02.0684 0x07f4  Themes - ok
16:45:02.0715 0x07f4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
16:45:02.0715 0x07f4  THREADORDER - ok
16:45:02.0762 0x07f4  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
16:45:02.0777 0x07f4  TrkWks - ok
16:45:02.0886 0x07f4  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:45:02.0886 0x07f4  TrustedInstaller - ok
16:45:02.0964 0x07f4  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:45:02.0964 0x07f4  tssecsrv - ok
16:45:03.0058 0x07f4  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:45:03.0058 0x07f4  TsUsbFlt - ok
16:45:03.0152 0x07f4  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:45:03.0152 0x07f4  tunnel - ok
16:45:03.0214 0x07f4  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:45:03.0214 0x07f4  uagp35 - ok
16:45:03.0245 0x07f4  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:45:03.0261 0x07f4  udfs - ok
16:45:03.0339 0x07f4  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:45:03.0339 0x07f4  UI0Detect - ok
16:45:03.0370 0x07f4  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:45:03.0370 0x07f4  uliagpkx - ok
16:45:03.0432 0x07f4  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:45:03.0432 0x07f4  umbus - ok
16:45:03.0479 0x07f4  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:45:03.0479 0x07f4  UmPass - ok
16:45:03.0557 0x07f4  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:45:03.0573 0x07f4  UmRdpService - ok
16:45:03.0635 0x07f4  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
16:45:03.0651 0x07f4  upnphost - ok
16:45:03.0713 0x07f4  [ 71D97F1A3CC47A56728F7A400A3F8295, ED3FDB73D8A98D9BAF702C0F5C7AD79D525D19DCE1487D442536913BEA5C7F15 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:45:03.0713 0x07f4  usbccgp - ok
16:45:03.0776 0x07f4  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:45:03.0776 0x07f4  usbcir - ok
16:45:03.0807 0x07f4  [ C4FB8E7ADEA9B5CEEA885A1B504B7E40, 3E0AE5D236890452F2EA33504309A7E5FE49C567FF6F68A83A5987F05ED01BF0 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:45:03.0807 0x07f4  usbehci - ok
16:45:03.0838 0x07f4  [ 86AA95ACB611001E26CD2C0145F2225A, 584D26E8C9407A4E717DCBF2D3819DB441C2D455B5FDA6654FBA3794E19B4D51 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:45:03.0854 0x07f4  usbhub - ok
16:45:03.0885 0x07f4  [ DCDF9855145A14DFCA0AB32308871961, 9A21013AD032195D54CE655DE5363E78BB74CC55C40B889520B478892F4BA40A ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:45:03.0885 0x07f4  usbohci - ok
16:45:03.0916 0x07f4  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:45:03.0916 0x07f4  usbprint - ok
16:45:03.0947 0x07f4  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:45:03.0947 0x07f4  USBSTOR - ok
16:45:03.0978 0x07f4  [ 8E51D04175BAA14C4F79AA5F6D248770, 6CE2E45E272734A5D1D0C4CE2BD7B61C61C7538903E87203E376495D198EFBD0 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:45:03.0978 0x07f4  usbuhci - ok
16:45:04.0041 0x07f4  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
16:45:04.0056 0x07f4  UxSms - ok
16:45:04.0072 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
16:45:04.0072 0x07f4  VaultSvc - ok
16:45:04.0103 0x07f4  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:45:04.0103 0x07f4  vdrvroot - ok
16:45:04.0197 0x07f4  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
16:45:04.0228 0x07f4  vds - ok
16:45:04.0290 0x07f4  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:45:04.0290 0x07f4  vga - ok
16:45:04.0306 0x07f4  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:45:04.0306 0x07f4  VgaSave - ok
16:45:04.0384 0x07f4  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:45:04.0384 0x07f4  vhdmp - ok
16:45:04.0400 0x07f4  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
16:45:04.0415 0x07f4  viaagp - ok
16:45:04.0431 0x07f4  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
16:45:04.0431 0x07f4  ViaC7 - ok
16:45:04.0493 0x07f4  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:45:04.0493 0x07f4  viaide - ok
16:45:04.0571 0x07f4  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:45:04.0571 0x07f4  vmbus - ok
16:45:04.0634 0x07f4  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:45:04.0634 0x07f4  VMBusHID - ok
16:45:04.0649 0x07f4  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:45:04.0649 0x07f4  volmgr - ok
16:45:04.0696 0x07f4  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:45:04.0696 0x07f4  volmgrx - ok
16:45:04.0727 0x07f4  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:45:04.0774 0x07f4  volsnap - ok
16:45:04.0805 0x07f4  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:45:04.0821 0x07f4  vsmraid - ok
16:45:04.0914 0x07f4  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
16:45:04.0977 0x07f4  VSS - ok
16:45:04.0992 0x07f4  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:45:04.0992 0x07f4  vwifibus - ok
16:45:05.0039 0x07f4  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:45:05.0039 0x07f4  vwififlt - ok
16:45:05.0133 0x07f4  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
16:45:05.0133 0x07f4  W32Time - ok
16:45:05.0164 0x07f4  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:45:05.0164 0x07f4  WacomPen - ok
16:45:05.0242 0x07f4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:45:05.0242 0x07f4  WANARP - ok
16:45:05.0258 0x07f4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:45:05.0258 0x07f4  Wanarpv6 - ok
16:45:05.0382 0x07f4  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:45:05.0445 0x07f4  WatAdminSvc - ok
16:45:05.0538 0x07f4  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
16:45:05.0616 0x07f4  wbengine - ok
16:45:05.0648 0x07f4  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:45:05.0663 0x07f4  WbioSrvc - ok
16:45:05.0726 0x07f4  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:45:05.0741 0x07f4  wcncsvc - ok
16:45:05.0757 0x07f4  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:45:05.0757 0x07f4  WcsPlugInService - ok
16:45:05.0819 0x07f4  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:45:05.0819 0x07f4  Wd - ok
16:45:05.0913 0x07f4  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:45:05.0944 0x07f4  Wdf01000 - ok
16:45:05.0975 0x07f4  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:45:05.0975 0x07f4  WdiServiceHost - ok
16:45:06.0006 0x07f4  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:45:06.0006 0x07f4  WdiSystemHost - ok
16:45:06.0069 0x07f4  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
16:45:06.0084 0x07f4  WebClient - ok
16:45:06.0116 0x07f4  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:45:06.0131 0x07f4  Wecsvc - ok
16:45:06.0147 0x07f4  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:45:06.0162 0x07f4  wercplsupport - ok
16:45:06.0209 0x07f4  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
16:45:06.0225 0x07f4  WerSvc - ok
16:45:06.0256 0x07f4  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:45:06.0256 0x07f4  WfpLwf - ok
16:45:06.0272 0x07f4  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:45:06.0272 0x07f4  WIMMount - ok
16:45:06.0381 0x07f4  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:45:06.0428 0x07f4  WinDefend - ok
16:45:06.0443 0x07f4  WinHttpAutoProxySvc - ok
16:45:06.0552 0x07f4  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:45:06.0568 0x07f4  Winmgmt - ok
16:45:06.0677 0x07f4  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
16:45:06.0740 0x07f4  WinRM - ok
16:45:06.0833 0x07f4  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:45:06.0833 0x07f4  WinUsb - ok
16:45:06.0927 0x07f4  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:45:06.0974 0x07f4  Wlansvc - ok
16:45:07.0052 0x07f4  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:45:07.0052 0x07f4  WmiAcpi - ok
16:45:07.0114 0x07f4  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:45:07.0130 0x07f4  wmiApSrv - ok
16:45:07.0254 0x07f4  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
16:45:07.0301 0x07f4  WMPNetworkSvc - ok
16:45:07.0379 0x07f4  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:45:07.0379 0x07f4  WPCSvc - ok
16:45:07.0442 0x07f4  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:45:07.0442 0x07f4  WPDBusEnum - ok
16:45:07.0520 0x07f4  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:45:07.0520 0x07f4  ws2ifsl - ok
16:45:07.0535 0x07f4  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:45:07.0535 0x07f4  wscsvc - ok
16:45:07.0566 0x07f4  WSearch - ok
16:45:07.0722 0x07f4  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:45:07.0816 0x07f4  wuauserv - ok
16:45:07.0894 0x07f4  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:45:07.0894 0x07f4  WudfPf - ok
16:45:07.0956 0x07f4  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:45:07.0956 0x07f4  WUDFRd - ok
16:45:08.0034 0x07f4  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:45:08.0034 0x07f4  wudfsvc - ok
16:45:08.0066 0x07f4  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:45:08.0081 0x07f4  WwanSvc - ok
16:45:08.0175 0x07f4  [ 30B73EB97218A16CBC6DE535782A1B35, 5B034F39FA5B902BD6899717F7696871CDAFB8698B48BB0E95DAE51234715A28 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
16:45:08.0206 0x07f4  yukonw7 - ok
16:45:08.0284 0x07f4  [ 5CBAFE90E78C13C0429971E2FA05B48A, 6B976C1A60BAD30C891E0E8093C084B9822D61871FC2EFAD21BA75A72E6429BE ] zghsmdm         C:\Windows\system32\DRIVERS\zghsmdm.sys
16:45:08.0300 0x07f4  zghsmdm - ok
16:45:08.0315 0x07f4  ================ Scan global ===============================
16:45:08.0393 0x07f4  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
16:45:08.0456 0x07f4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
16:45:08.0487 0x07f4  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
16:45:08.0549 0x07f4  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
16:45:08.0612 0x07f4  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
16:45:08.0627 0x07f4  [ Global ] - ok
16:45:08.0627 0x07f4  ================ Scan MBR ==================================
16:45:08.0643 0x07f4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:45:08.0939 0x07f4  \Device\Harddisk0\DR0 - ok
16:45:08.0955 0x07f4  ================ Scan VBR ==================================
16:45:08.0970 0x07f4  [ 9EA8E62D85B654ABFA42FE70A6F953B3 ] \Device\Harddisk0\DR0\Partition1
16:45:08.0970 0x07f4  \Device\Harddisk0\DR0\Partition1 - ok
16:45:09.0002 0x07f4  [ 91F5318EF98BE317131B8C3B8BDB0A6D ] \Device\Harddisk0\DR0\Partition2
16:45:09.0002 0x07f4  \Device\Harddisk0\DR0\Partition2 - ok
16:45:09.0002 0x07f4  Waiting for KSN requests completion. In queue: 235
16:45:10.0016 0x07f4  Waiting for KSN requests completion. In queue: 235
16:45:11.0030 0x07f4  Waiting for KSN requests completion. In queue: 235
16:45:12.0059 0x07f4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61010 ( enabled : outofdate )
16:45:12.0059 0x07f4  AV detected via SS2: McAfee VirusScan Enterprise, "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /!REMEDIATE (  ), 0x40010 ( disabled : outofdate )
16:45:12.0122 0x07f4  Win FW state via NFP2: enabled
16:45:14.0961 0x07f4  ============================================================
16:45:14.0961 0x07f4  Scan finished
16:45:14.0961 0x07f4  ============================================================
16:45:14.0976 0x0750  Detected object count: 14
16:45:14.0976 0x0750  Actual detected object count: 14
 



#6 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 22 December 2013 - 04:02 PM

adwCleaner log

 

# AdwCleaner v3.015 - Report created 22/12/2013 at 16:50:15
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Busa - DELL-PC
# Running from : C:\Users\Busa\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found C:\Program Files\Ask.com
Folder Found C:\ProgramData\Ask
Folder Found C:\Users\Busa\AppData\Local\apn
Folder Found C:\Users\Busa\AppData\LocalLow\AskToolbar
Folder Found C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


*************************

AdwCleaner[R0].txt - [5845 octets] - [22/12/2013 16:50:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5905 octets] ##########
 



#7 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 22 December 2013 - 05:00 PM

Good job! 
 
ComboFix

Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2

**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.



--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.

Posted Image
 
 

#8 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 22 December 2013 - 05:50 PM

I have completed comboFix and the log file is below.

 

I should note that I have run everyone of these programs from safe mode only.

 

 

=============================================

 

ComboFix 13-12-21.01 - Busa 12/22/2013  18:38:55.1.1 - x86 NETWORK
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.1014.407 [GMT -5:00]
Running from: c:\users\Busa\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials *Enabled/Outdated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Microsoft Security Essentials *Enabled/Outdated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-22 to 2013-12-22  )))))))))))))))))))))))))))))))
.
.
2013-12-22 23:45 . 2013-12-22 23:45    --------    d-----w-    c:\users\Busa\AppData\Local\temp
2013-12-22 23:45 . 2013-12-22 23:45    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-12-22 21:49 . 2013-12-22 21:50    --------    d-----w-    C:\AdwCleaner
2013-12-21 03:02 . 2013-12-21 03:02    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys
2013-12-21 01:07 . 2013-12-21 01:07    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys
2013-12-20 22:23 . 2013-12-20 22:23    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys
2013-12-20 22:12 . 2013-12-20 22:12    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys
2013-12-20 21:52 . 2013-12-20 21:52    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys
2013-12-18 23:53 . 2013-12-18 23:53    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys
2013-12-17 12:41 . 2013-12-18 04:41    --------    d-----w-    C:\2877ecef3e25d9c8e3
2013-12-17 11:44 . 2013-12-17 11:44    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys
2013-12-17 01:12 . 2013-12-17 01:12    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys
2013-12-16 02:26 . 2013-12-16 02:26    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys
2013-12-15 23:22 . 2013-12-15 23:22    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys
2013-12-15 22:44 . 2013-12-22 07:29    62576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\offreg.dll
2013-12-15 22:38 . 2013-12-15 22:38    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2013-12-15 22:36 . 2013-12-15 22:37    --------    d-----w-    c:\program files\SUPERAntiSpyware
2013-12-15 22:36 . 2013-12-15 22:36    --------    d-----w-    c:\users\Busa\AppData\Roaming\SUPERAntiSpyware.com
2013-12-15 22:35 . 2013-12-15 22:35    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2013-12-15 22:33 . 2013-12-15 22:33    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys
2013-12-14 20:02 . 2013-12-14 20:02    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys
2013-12-14 01:28 . 2013-12-14 01:28    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys
2013-12-13 22:41 . 2013-12-13 22:41    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys
2013-12-13 21:40 . 2013-12-13 21:40    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys
2013-12-13 14:54 . 2013-12-13 14:54    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys
2013-12-13 09:23 . 2013-11-08 01:15    7772552    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\mpengine.dll
2013-12-12 23:33 . 2013-11-26 09:23    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-12-12 23:33 . 2013-11-27 00:20    235216    ----a-w-    c:\program files\Internet Explorer\sqmapi.dll
2013-12-12 23:33 . 2013-11-26 06:41    251392    ----a-w-    c:\program files\Internet Explorer\IEShims.dll
2013-12-12 23:25 . 2013-05-10 04:56    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2013-12-12 23:25 . 2013-05-10 03:48    164864    ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 05:27 . 2013-11-08 01:15    7772552    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-11 23:03 . 2013-10-30 02:19    301568    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-11 23:03 . 2013-11-23 18:26    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-12-11 23:03 . 2013-10-19 01:36    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2013-12-11 23:02 . 2013-10-12 02:04    121856    ----a-w-    c:\windows\system32\wshom.ocx
2013-12-11 23:02 . 2013-10-12 02:03    163840    ----a-w-    c:\windows\system32\scrrun.dll
2013-12-11 23:02 . 2013-10-12 01:15    141824    ----a-w-    c:\windows\system32\wscript.exe
2013-12-11 23:02 . 2013-10-12 01:15    126976    ----a-w-    c:\windows\system32\cscript.exe
2013-12-11 23:02 . 2013-11-12 02:07    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-12-11 23:02 . 2013-10-30 01:27    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-12-11 23:01 . 2013-10-04 01:17    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
2013-12-11 23:01 . 2013-10-04 01:49    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-12-07 19:57 . 2013-10-19 18:08    719224    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A90F2866-45E4-484D-A96D-B0606BE5A1EE}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 23:35 . 2012-04-27 01:00    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-12-10 23:35 . 2011-08-25 04:47    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-20 20:13 . 2013-11-20 20:13    646144    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-20 20:13 . 2013-11-20 20:13    194048    ----a-w-    c:\windows\system32\elshyph.dll
2013-11-20 20:13 . 2013-11-20 20:13    645120    ----a-w-    c:\windows\system32\jsIntl.dll
2013-11-20 20:13 . 2013-11-20 20:13    71680    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-11-20 20:13 . 2013-11-20 20:13    62464    ----a-w-    c:\windows\system32\tdc.ocx
2013-11-20 20:13 . 2013-11-20 20:13    34816    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 20:13 . 2013-11-20 20:13    337408    ----a-w-    c:\windows\system32\html.iec
2013-11-20 20:13 . 2013-11-20 20:13    182272    ----a-w-    c:\windows\system32\msls31.dll
2013-11-20 20:13 . 2013-11-20 20:13    454656    ----a-w-    c:\windows\system32\vbscript.dll
2013-11-20 20:13 . 2013-11-20 20:13    24576    ----a-w-    c:\windows\system32\licmgr10.dll
2013-11-20 20:13 . 2013-11-20 20:13    151552    ----a-w-    c:\windows\system32\iexpress.exe
2013-11-20 20:13 . 2013-11-20 20:13    139264    ----a-w-    c:\windows\system32\wextract.exe
2013-11-20 20:13 . 2013-11-20 20:13    1051136    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-11-20 20:13 . 2013-11-20 20:13    61952    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-11-20 20:13 . 2013-11-20 20:13    36352    ----a-w-    c:\windows\system32\imgutil.dll
2013-11-20 20:13 . 2013-11-20 20:13    13312    ----a-w-    c:\windows\system32\mshta.exe
2013-11-20 20:13 . 2013-11-20 20:13    86016    ----a-w-    c:\windows\system32\iesysprep.dll
2013-11-20 20:13 . 2013-11-20 20:13    74240    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-11-20 20:13 . 2013-11-20 20:13    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-11-20 20:13 . 2013-11-20 20:13    111616    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-11-19 10:21 . 2011-08-24 23:22    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-19 18:08 . 2011-10-11 20:16    719224    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-17 23:05 . 2013-10-17 23:05    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-10-12 02:03 . 2013-11-17 19:27    656896    ----a-w-    c:\windows\system32\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 19:27    679424    ----a-w-    c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01 . 2013-11-17 19:27    216576    ----a-w-    c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57 . 2013-11-17 19:27    1168384    ----a-w-    c:\windows\system32\crypt32.dll
2013-10-04 01:58 . 2013-11-17 19:34    152576    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-17 19:34    168960    ----a-w-    c:\windows\system32\credui.dll
2013-10-04 01:56 . 2013-11-17 19:34    1796096    ----a-w-    c:\windows\system32\authui.dll
2013-10-03 01:58 . 2013-11-17 19:27    305152    ----a-w-    c:\windows\system32\gdi32.dll
2013-09-27 14:53 . 2013-09-27 14:53    214696    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-09-27 14:53 . 2011-04-27 19:25    104768    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-25 02:01 . 2013-11-17 19:35    136640    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01 . 2013-11-17 19:35    67520    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57 . 2013-11-17 19:34    99840    ----a-w-    c:\windows\system32\sspicli.dll
2013-09-25 01:57 . 2013-11-17 19:34    22016    ----a-w-    c:\windows\system32\secur32.dll
2013-09-25 01:57 . 2013-11-17 19:35    247808    ----a-w-    c:\windows\system32\schannel.dll
2013-09-25 01:56 . 2013-11-17 19:34    220160    ----a-w-    c:\windows\system32\ncrypt.dll
2013-09-25 01:56 . 2013-11-17 19:35    1038848    ----a-w-    c:\windows\system32\lsasrv.dll
2013-09-25 00:49 . 2013-11-17 19:34    22016    ----a-w-    c:\windows\system32\lsass.exe
2013-09-25 00:49 . 2013-11-17 19:34    15872    ----a-w-    c:\windows\system32\sspisrv.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2013-03-31 1520776]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-06-23 1830128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-01-13 215360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2013-03-31 1646216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-3 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 17:05    356352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06    958576    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2013-03-31 18:57    1646216    ----a-w-    c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-12 02:56    59280    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 08:12    421888    ----a-w-    c:\program files\QuickTime\QTTask.exe
.
R1 MpKsl05c06806;MpKsl05c06806;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys [2013-12-14 40392]
R1 MpKsl0a723b1b;MpKsl0a723b1b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl0a723b1b.sys [2013-12-13 40392]
R1 MpKsl173b0bfe;MpKsl173b0bfe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl173b0bfe.sys [2013-12-13 40392]
R1 MpKsl3ec561c4;MpKsl3ec561c4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys [2013-12-13 40392]
R1 MpKsl42d20d8c;MpKsl42d20d8c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys [2013-12-15 40392]
R1 MpKsl433457a4;MpKsl433457a4;c:\windows\system32\MpEngineStore\MpKsl433457a4.sys [2013-10-28 40392]
R1 MpKsl531712b5;MpKsl531712b5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys [2013-12-20 40392]
R1 MpKsl56479291;MpKsl56479291;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl56479291.sys [2013-12-13 40392]
R1 MpKsl567cd4ca;MpKsl567cd4ca;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl567cd4ca.sys [2013-12-20 40392]
R1 MpKsl5c09c013;MpKsl5c09c013;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl5c09c013.sys [2013-12-13 40392]
R1 MpKsl62582d91;MpKsl62582d91;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl62582d91.sys [2013-12-13 40392]
R1 MpKsl6b852b6f;MpKsl6b852b6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys [2013-12-13 40392]
R1 MpKsl6d1a139a;MpKsl6d1a139a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6d1a139a.sys [2013-12-13 40392]
R1 MpKsl72991219;MpKsl72991219;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys [2013-12-13 40392]
R1 MpKsl783f7958;MpKsl783f7958;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys [2013-12-16 40392]
R1 MpKsl8c99a18f;MpKsl8c99a18f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl8c99a18f.sys [2013-12-14 40392]
R1 MpKsl9d9e2965;MpKsl9d9e2965;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys [2013-12-14 40392]
R1 MpKsl9e5d3c7a;MpKsl9e5d3c7a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9e5d3c7a.sys [2013-12-13 40392]
R1 MpKsla090ee3b;MpKsla090ee3b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsla090ee3b.sys [2013-12-13 40392]
R1 MpKslb1514709;MpKslb1514709;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys [2013-12-17 40392]
R1 MpKslb1b46087;MpKslb1b46087;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1b46087.sys [2013-12-13 40392]
R1 MpKslbaeaec6f;MpKslbaeaec6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbaeaec6f.sys [2013-12-14 40392]
R1 MpKslbc126b3d;MpKslbc126b3d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbc126b3d.sys [2013-12-13 40392]
R1 MpKslc2ea08a6;MpKslc2ea08a6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys [2013-12-21 40392]
R1 MpKslc5965bac;MpKslc5965bac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys [2013-12-13 40392]
R1 MpKslc7c28cb0;MpKslc7c28cb0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys [2013-12-21 40392]
R1 MpKsld6bd47db;MpKsld6bd47db;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld6bd47db.sys [2013-12-18 40392]
R1 MpKsld81027f9;MpKsld81027f9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld81027f9.sys [2013-12-13 40392]
R1 MpKsld849d12f;MpKsld849d12f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys [2013-12-18 40392]
R1 MpKslda6f8fb7;MpKslda6f8fb7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys [2013-12-20 40392]
R1 MpKslddc61595;MpKslddc61595;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslddc61595.sys [2013-12-13 40392]
R1 MpKsleff99713;MpKsleff99713;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsleff99713.sys [2013-12-14 40392]
R1 MpKslf28e4fd4;MpKslf28e4fd4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys [2013-12-17 40392]
R1 MpKslface65c7;MpKslface65c7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys [2013-12-20 40392]
R1 MpKslfba52fc5;MpKslfba52fc5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys [2013-12-15 40392]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-06-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-06-23 72944]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-10-18 32408]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2011-03-07 15896]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-09-03 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-03 85152]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-06-23 7408]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-25 1343400]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-03-07 113432]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-10-03 162928]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-03 145936]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 26079075
*Deregistered* - 26079075
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 23:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-22  18:48:25
ComboFix-quarantined-files.txt  2013-12-22 23:48
.
Pre-Run: 16,723,066,880 bytes free
Post-Run: 20,392,808,448 bytes free
.
- - End Of File - - D284F3CEEAFA58673DBB80EA718742C6
A36C5E4F47E84449FF07ED3517B43A31
 



#9 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 23 December 2013 - 08:45 AM

just checking to see if you are still with me :)



#10 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 23 December 2013 - 09:25 AM

Hi,

 

Yes I am.....just checking on something with a colleague about your system.  I will return as quickly as I can.  :)


Posted Image
 
 

    Advertisements

Register to Remove


#11 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 24 December 2013 - 07:32 AM

Hi,
 
I notice that you have both Microsoft Security Essentials and McAfee antivirus on your computer.  We need to uninstall one of those so that they are not conflicting with each other.  A good rule of thumb is to have one antivirus and one firewall on your system along with one antimalware program.  Choose which antivirus program you would like to uninstall and remove it via Control Program >> Programs and Features
 
Once this is complete, run a new scan with ComboFix and post the newly made log.  :)


Posted Image
 
 

#12 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 24 December 2013 - 09:24 AM

I am having horrendous luck with this seemingly simple step :(

 

Here is what I have tried

 

1) In safe mode, I tried to uninstall the programs and each time I tried to uninstall, the system said there was an error that the needed service to complete the operation was not installed.  (note: outside of that error, the computer seems to function well doing basic items in safe mode)

 

2) Assuming the error in 1 was due to safe mode, I rebooted the computer into normal mode.  The computer is semi crippled in this mode. Simple items like just bringing up the control panel take over a minute to do.

 

3) I first tried to uninstall Microsoft Security Essentials.  After a long time of trying, it eventually came back with a generic error code that just said there was a problem in the process.

 

4) I then tried to uninstall McAfee.  There are 3 items with the name McAfee attached to them.  McAfee Agent, McAfee Security Scan Plus and McAfee VirusScanPlus

 

5) I first tried to uninstall McAfee Agent but after a long time it said it could not be uninstalled because it was being used by other programs.

 

6) I next tried to uninstall McAfee Virus Scan Enterprise, and while it is still running, I am insure it is making any progress.  It took a long time to proceed down the normal uninstall path and it made it to a screen where it now says "Please wait while Windows configures McAfee Virus Scan Enterprise, Time Remaining: 10 seconds".   That was 25 minutes ago.

 

I will continue to let this run for a while but I figured I would post this in the mean time in case you want me to take a different direction.

 

I will update this thread should anything change on the screen.



#13 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 24 December 2013 - 11:14 AM

Just to update the previous post, nothing has changed from step 6.  It still is saying 10 seconds remaining.

 

I won't reboot into safe mode until we decide how to proceed next but it appears uninstalling the traditional way is going to be problematic with the state of the computer right now.



#14 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 25 December 2013 - 12:21 PM

Ok....please run ComboFix once more and post the newly made log.  If it asks if you want to update it, please accept.  :)


Posted Image
 
 

#15 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 203 posts

Posted 25 December 2013 - 01:16 PM

This is the latest combo fix run from safe mode with networking.  It did perform an update.

 

===================================================

 

ComboFix 13-12-24.02 - Busa 12/25/2013  13:55:41.2.1 - x86 NETWORK
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.1014.426 [GMT -5:00]
Running from: c:\users\Busa\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-25 to 2013-12-25  )))))))))))))))))))))))))))))))
.
.
2013-12-25 19:02 . 2013-12-25 19:02    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-12-22 23:48 . 2013-12-25 19:02    --------    d-----w-    c:\users\Busa\AppData\Local\temp
2013-12-22 21:49 . 2013-12-22 21:50    --------    d-----w-    C:\AdwCleaner
2013-12-21 03:02 . 2013-12-21 03:02    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys
2013-12-21 01:07 . 2013-12-21 01:07    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys
2013-12-20 22:23 . 2013-12-20 22:23    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys
2013-12-20 22:12 . 2013-12-20 22:12    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys
2013-12-20 21:52 . 2013-12-20 21:52    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys
2013-12-18 23:53 . 2013-12-18 23:53    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys
2013-12-17 12:41 . 2013-12-18 04:41    --------    d-----w-    C:\2877ecef3e25d9c8e3
2013-12-17 11:44 . 2013-12-17 11:44    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys
2013-12-17 01:12 . 2013-12-17 01:12    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys
2013-12-16 02:26 . 2013-12-16 02:26    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys
2013-12-15 23:22 . 2013-12-15 23:22    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys
2013-12-15 22:38 . 2013-12-15 22:38    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2013-12-15 22:36 . 2013-12-15 22:37    --------    d-----w-    c:\program files\SUPERAntiSpyware
2013-12-15 22:36 . 2013-12-15 22:36    --------    d-----w-    c:\users\Busa\AppData\Roaming\SUPERAntiSpyware.com
2013-12-15 22:35 . 2013-12-15 22:35    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2013-12-15 22:33 . 2013-12-15 22:33    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys
2013-12-14 20:02 . 2013-12-14 20:02    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys
2013-12-14 01:28 . 2013-12-14 01:28    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys
2013-12-13 22:41 . 2013-12-13 22:41    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys
2013-12-13 21:40 . 2013-12-13 21:40    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys
2013-12-13 14:54 . 2013-12-13 14:54    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys
2013-12-13 09:23 . 2013-11-08 01:15    7772552    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\mpengine.dll
2013-12-12 23:33 . 2013-11-26 09:23    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-12-12 23:33 . 2013-11-27 00:20    235216    ----a-w-    c:\program files\Internet Explorer\sqmapi.dll
2013-12-12 23:33 . 2013-11-26 06:41    251392    ----a-w-    c:\program files\Internet Explorer\IEShims.dll
2013-12-12 23:25 . 2013-05-10 04:56    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2013-12-12 23:25 . 2013-05-10 03:48    164864    ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 05:27 . 2013-11-08 01:15    7772552    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-11 23:03 . 2013-10-30 02:19    301568    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-11 23:03 . 2013-11-23 18:26    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-12-11 23:03 . 2013-10-19 01:36    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2013-12-11 23:02 . 2013-10-12 02:04    121856    ----a-w-    c:\windows\system32\wshom.ocx
2013-12-11 23:02 . 2013-10-12 02:03    163840    ----a-w-    c:\windows\system32\scrrun.dll
2013-12-11 23:02 . 2013-10-12 01:15    141824    ----a-w-    c:\windows\system32\wscript.exe
2013-12-11 23:02 . 2013-10-12 01:15    126976    ----a-w-    c:\windows\system32\cscript.exe
2013-12-11 23:02 . 2013-11-12 02:07    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-12-11 23:02 . 2013-10-30 01:27    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-12-11 23:01 . 2013-10-04 01:17    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
2013-12-11 23:01 . 2013-10-04 01:49    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-12-07 19:57 . 2013-10-19 18:08    719224    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A90F2866-45E4-484D-A96D-B0606BE5A1EE}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 23:35 . 2012-04-27 01:00    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-12-10 23:35 . 2011-08-25 04:47    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-20 20:13 . 2013-11-20 20:13    646144    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-20 20:13 . 2013-11-20 20:13    194048    ----a-w-    c:\windows\system32\elshyph.dll
2013-11-20 20:13 . 2013-11-20 20:13    645120    ----a-w-    c:\windows\system32\jsIntl.dll
2013-11-20 20:13 . 2013-11-20 20:13    71680    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-11-20 20:13 . 2013-11-20 20:13    62464    ----a-w-    c:\windows\system32\tdc.ocx
2013-11-20 20:13 . 2013-11-20 20:13    34816    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 20:13 . 2013-11-20 20:13    337408    ----a-w-    c:\windows\system32\html.iec
2013-11-20 20:13 . 2013-11-20 20:13    182272    ----a-w-    c:\windows\system32\msls31.dll
2013-11-20 20:13 . 2013-11-20 20:13    454656    ----a-w-    c:\windows\system32\vbscript.dll
2013-11-20 20:13 . 2013-11-20 20:13    24576    ----a-w-    c:\windows\system32\licmgr10.dll
2013-11-20 20:13 . 2013-11-20 20:13    151552    ----a-w-    c:\windows\system32\iexpress.exe
2013-11-20 20:13 . 2013-11-20 20:13    139264    ----a-w-    c:\windows\system32\wextract.exe
2013-11-20 20:13 . 2013-11-20 20:13    1051136    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-11-20 20:13 . 2013-11-20 20:13    61952    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-11-20 20:13 . 2013-11-20 20:13    36352    ----a-w-    c:\windows\system32\imgutil.dll
2013-11-20 20:13 . 2013-11-20 20:13    13312    ----a-w-    c:\windows\system32\mshta.exe
2013-11-20 20:13 . 2013-11-20 20:13    86016    ----a-w-    c:\windows\system32\iesysprep.dll
2013-11-20 20:13 . 2013-11-20 20:13    74240    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-11-20 20:13 . 2013-11-20 20:13    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-11-20 20:13 . 2013-11-20 20:13    111616    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-11-19 10:21 . 2011-08-24 23:22    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-19 18:08 . 2011-10-11 20:16    719224    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-17 23:05 . 2013-10-17 23:05    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-10-12 02:03 . 2013-11-17 19:27    656896    ----a-w-    c:\windows\system32\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 19:27    679424    ----a-w-    c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01 . 2013-11-17 19:27    216576    ----a-w-    c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57 . 2013-11-17 19:27    1168384    ----a-w-    c:\windows\system32\crypt32.dll
2013-10-04 01:58 . 2013-11-17 19:34    152576    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-17 19:34    168960    ----a-w-    c:\windows\system32\credui.dll
2013-10-04 01:56 . 2013-11-17 19:34    1796096    ----a-w-    c:\windows\system32\authui.dll
2013-10-03 01:58 . 2013-11-17 19:27    305152    ----a-w-    c:\windows\system32\gdi32.dll
2013-09-27 14:53 . 2013-09-27 14:53    214696    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-09-27 14:53 . 2011-04-27 19:25    104768    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2013-03-31 1520776]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-06-23 1830128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-01-13 215360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2013-03-31 1646216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-3 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 17:05    356352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06    958576    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2013-03-31 18:57    1646216    ----a-w-    c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-12 02:56    59280    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 08:12    421888    ----a-w-    c:\program files\QuickTime\QTTask.exe
.
R1 MpKsl05c06806;MpKsl05c06806;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys [2013-12-14 40392]
R1 MpKsl0a723b1b;MpKsl0a723b1b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl0a723b1b.sys [2013-12-13 40392]
R1 MpKsl173b0bfe;MpKsl173b0bfe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl173b0bfe.sys [2013-12-13 40392]
R1 MpKsl3ec561c4;MpKsl3ec561c4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys [2013-12-13 40392]
R1 MpKsl42d20d8c;MpKsl42d20d8c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys [2013-12-15 40392]
R1 MpKsl433457a4;MpKsl433457a4;c:\windows\system32\MpEngineStore\MpKsl433457a4.sys [2013-10-28 40392]
R1 MpKsl531712b5;MpKsl531712b5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys [2013-12-20 40392]
R1 MpKsl56479291;MpKsl56479291;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl56479291.sys [2013-12-13 40392]
R1 MpKsl567cd4ca;MpKsl567cd4ca;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl567cd4ca.sys [2013-12-20 40392]
R1 MpKsl5c09c013;MpKsl5c09c013;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl5c09c013.sys [2013-12-13 40392]
R1 MpKsl62582d91;MpKsl62582d91;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl62582d91.sys [2013-12-13 40392]
R1 MpKsl6b852b6f;MpKsl6b852b6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys [2013-12-13 40392]
R1 MpKsl6d1a139a;MpKsl6d1a139a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6d1a139a.sys [2013-12-13 40392]
R1 MpKsl72991219;MpKsl72991219;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys [2013-12-13 40392]
R1 MpKsl783f7958;MpKsl783f7958;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys [2013-12-16 40392]
R1 MpKsl8c99a18f;MpKsl8c99a18f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl8c99a18f.sys [2013-12-14 40392]
R1 MpKsl9d9e2965;MpKsl9d9e2965;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys [2013-12-14 40392]
R1 MpKsl9e5d3c7a;MpKsl9e5d3c7a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9e5d3c7a.sys [2013-12-13 40392]
R1 MpKsla090ee3b;MpKsla090ee3b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsla090ee3b.sys [2013-12-13 40392]
R1 MpKslb1514709;MpKslb1514709;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys [2013-12-17 40392]
R1 MpKslb1b46087;MpKslb1b46087;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1b46087.sys [2013-12-13 40392]
R1 MpKslbaeaec6f;MpKslbaeaec6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbaeaec6f.sys [2013-12-14 40392]
R1 MpKslbc126b3d;MpKslbc126b3d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbc126b3d.sys [2013-12-13 40392]
R1 MpKslc2ea08a6;MpKslc2ea08a6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys [2013-12-21 40392]
R1 MpKslc5965bac;MpKslc5965bac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys [2013-12-13 40392]
R1 MpKslc7c28cb0;MpKslc7c28cb0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys [2013-12-21 40392]
R1 MpKsld6bd47db;MpKsld6bd47db;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld6bd47db.sys [2013-12-18 40392]
R1 MpKsld81027f9;MpKsld81027f9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld81027f9.sys [2013-12-13 40392]
R1 MpKsld849d12f;MpKsld849d12f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys [2013-12-18 40392]
R1 MpKslda6f8fb7;MpKslda6f8fb7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys [2013-12-20 40392]
R1 MpKslddc61595;MpKslddc61595;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslddc61595.sys [2013-12-13 40392]
R1 MpKsleff99713;MpKsleff99713;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsleff99713.sys [2013-12-14 40392]
R1 MpKslf28e4fd4;MpKslf28e4fd4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys [2013-12-17 40392]
R1 MpKslface65c7;MpKslface65c7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys [2013-12-20 40392]
R1 MpKslfba52fc5;MpKslfba52fc5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys [2013-12-15 40392]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-06-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-06-23 72944]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-10-18 32408]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2011-03-07 15896]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-09-03 227232]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-06-23 7408]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-25 1343400]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-03-07 113432]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 23:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-RunOnce-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-25  14:05:22
ComboFix-quarantined-files.txt  2013-12-25 19:05
ComboFix2.txt  2013-12-22 23:48
.
Pre-Run: 20,108,349,440 bytes free
Post-Run: 20,013,211,648 bytes free
.
- - End Of File - - E8D159CACA5E369CA17AF0AE96EAA918
A36C5E4F47E84449FF07ED3517B43A31
 


Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users