
Can't connect to internet in normal boot [Solved]


  • This topic is locked
55 replies to this topic

#1 maldini


Posted 20 December 2013 - 09:20 PM

Hello,

My nephew gave me his Windows 7 Dell Inspiron 1525 laptop to look at as he has been having a lot of problems with it.

When I boot into either normal mode or into safe mode with networking, during the boot cycle I hear approx. 20-25 fast beeps.

The computer will eventually boot but everything after that works slowly, and it will not connect to the internet in normal mode. It will connect to the internet (very slowly) in safe mode.

I realize that the beeps could be a hardware error code but I wanted to double check that he did not pick up some sort of virus/problem.

Since I can only get to the net in safe mode I am unsure what program you would like me to run first.

Thank you very much for taking the time to help.

Maldini


Edited by maldini, 21 December 2013 - 02:14 PM.



#2 jeffce


Posted 22 December 2013 - 01:58 PM

Hi and Welcome!!   

My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • If you happen to have a flash drive/thumb drive please have that ready in the event that we need to use it.
  • Please be sure to subscribe to the topic if you have not already done so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your operating system and losing all your programs and data.


Having said that.... Let's get going!!
----------
 
Please download DDS from either of these links

LINK 1
LINK 2

and save it to your desktop.

  • Disable any antivirus programs during the scan (if you have difficulty properly disabling your protective programs, refer to this link here)
  • Double click dds to run the tool.
  • When done, two DDS.txt's will open.
  • Save both reports to your desktop.

---------------------------------------------------
Please include the contents of the following in your next reply:

DDS.txt

Attach.txt
----------
 
Please download TDSSKiller

  • Double click TDSSKiller.exe
  • Press Start Scan but do nothing else as we are just looking for what is there.
  • If Malicious objects are found, select Skip by changing the Cure dropdown in the upper right.
  • Attach the log in your next reply
    • A copy of the log will be saved automatically to the root of the drive (typically C:\)

----------
 
AdwCleaner

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

----------


 
 

#3 maldini


Posted 22 December 2013 - 03:57 PM

Hello Jeff,

Thank you very much for engaging with me!

I have completed all requested.

I will be posting the log files in the next 3 posts (first DDS, second TDSSKiller and third AdwCleaner).



#4 maldini


Posted 22 December 2013 - 04:00 PM

DDS Logs

 

DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK
Internet Explorer: 11.0.9600.16428  BrowserJavaVersion: 10.45.2
Run by Busa at 16:37:17 on 2013-12-22
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.1014.564 [GMT -5:00]
.
AV: Microsoft Security Essentials *Enabled/Outdated* {641105E6-77ED-3F35-A304-765193BCB75F}
AV: McAfee VirusScan Enterprise *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Microsoft Security Essentials *Enabled/Outdated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\mfevtps.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uURLSearchHooks: UrlSearchHook Class: {00000000-6E41-4FD3-8538-502F5495E5FC} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20111003083355.dll
BHO: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
TB: Ask Toolbar: {D4027C7F-154A-4066-A1AD-4243D8127440} - c:\program files\ask.com\GenericAskToolbar.dll
uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\udaterui.exe" /StartedFromRunKey
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [ApnUpdater] "c:\program files\ask.com\updater\Updater.exe"
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.1.121\SSScheduler.exe
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{72D083C3-A821-439F-A31E-A594F5DB5A7B} : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96}\2457E63686 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96}\2457E6368623 : DHCPNameServer = 10.0.0.1
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96}\4303648503 : DHCPNameServer = 192.168.1.1 71.243.0.12
TCP: Interfaces\{B6C80CD4-418F-4A94-B84C-AE25D721DC96}\D4354727565647 : DHCPNameServer = 192.168.1.1
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 validation.sls.microsoft.com
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;c:\windows\system32\drivers\mfehidk.sys [2011-10-3 436728]
R0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-10-3 162928]
R2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-3 145936]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\drivers\yk62x86.sys [2009-9-28 315392]
S0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
S1 MpKsl05c06806;MpKsl05c06806;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl05c06806.sys [2013-12-14 40392]
S1 MpKsl0a723b1b;MpKsl0a723b1b;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl0a723b1b.sys [2013-12-13 40392]
S1 MpKsl173b0bfe;MpKsl173b0bfe;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl173b0bfe.sys [2013-12-13 40392]
S1 MpKsl3ec561c4;MpKsl3ec561c4;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl3ec561c4.sys [2013-12-13 40392]
S1 MpKsl42d20d8c;MpKsl42d20d8c;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl42d20d8c.sys [2013-12-15 40392]
S1 MpKsl433457a4;MpKsl433457a4;c:\windows\system32\mpenginestore\MpKsl433457a4.sys [2013-10-28 40392]
S1 MpKsl531712b5;MpKsl531712b5;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl531712b5.sys [2013-12-20 40392]
S1 MpKsl56479291;MpKsl56479291;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl56479291.sys [2013-12-13 40392]
S1 MpKsl567cd4ca;MpKsl567cd4ca;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl567cd4ca.sys [2013-12-20 40392]
S1 MpKsl5c09c013;MpKsl5c09c013;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl5c09c013.sys [2013-12-13 40392]
S1 MpKsl62582d91;MpKsl62582d91;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl62582d91.sys [2013-12-13 40392]
S1 MpKsl6b852b6f;MpKsl6b852b6f;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl6b852b6f.sys [2013-12-13 40392]
S1 MpKsl6d1a139a;MpKsl6d1a139a;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl6d1a139a.sys [2013-12-13 40392]
S1 MpKsl72991219;MpKsl72991219;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl72991219.sys [2013-12-13 40392]
S1 MpKsl783f7958;MpKsl783f7958;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl783f7958.sys [2013-12-15 40392]
S1 MpKsl8c99a18f;MpKsl8c99a18f;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl8c99a18f.sys [2013-12-13 40392]
S1 MpKsl9d9e2965;MpKsl9d9e2965;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl9d9e2965.sys [2013-12-13 40392]
S1 MpKsl9e5d3c7a;MpKsl9e5d3c7a;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl9e5d3c7a.sys [2013-12-13 40392]
S1 MpKsla090ee3b;MpKsla090ee3b;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsla090ee3b.sys [2013-12-13 40392]
S1 MpKslb1514709;MpKslb1514709;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslb1514709.sys [2013-12-17 40392]
S1 MpKslb1b46087;MpKslb1b46087;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslb1b46087.sys [2013-12-13 40392]
S1 MpKslbaeaec6f;MpKslbaeaec6f;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslbaeaec6f.sys [2013-12-13 40392]
S1 MpKslbc126b3d;MpKslbc126b3d;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslbc126b3d.sys [2013-12-13 40392]
S1 MpKslc2ea08a6;MpKslc2ea08a6;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc2ea08a6.sys [2013-12-20 40392]
S1 MpKslc5965bac;MpKslc5965bac;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc5965bac.sys [2013-12-13 40392]
S1 MpKslc7c28cb0;MpKslc7c28cb0;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc7c28cb0.sys [2013-12-20 40392]
S1 MpKsld6bd47db;MpKsld6bd47db;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsld6bd47db.sys [2013-12-18 40392]
S1 MpKsld81027f9;MpKsld81027f9;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsld81027f9.sys [2013-12-13 40392]
S1 MpKsld849d12f;MpKsld849d12f;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsld849d12f.sys [2013-12-18 40392]
S1 MpKslda6f8fb7;MpKslda6f8fb7;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslda6f8fb7.sys [2013-12-20 40392]
S1 MpKslddc61595;MpKslddc61595;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslddc61595.sys [2013-12-13 40392]
S1 MpKsleff99713;MpKsleff99713;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsleff99713.sys [2013-12-13 40392]
S1 MpKslf28e4fd4;MpKslf28e4fd4;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslf28e4fd4.sys [2013-12-16 40392]
S1 MpKslface65c7;MpKslface65c7;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslface65c7.sys [2013-12-20 40392]
S1 MpKslfba52fc5;MpKslfba52fc5;c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslfba52fc5.sys [2013-12-15 40392]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2009-6-23 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2009-6-23 72944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2011-1-12 120128]
S2 McShield;McAfee McShield;c:\program files\common files\mcafee\systemcore\mcshield.exe [2011-10-3 159320]
S2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\VsTskMgr.exe [2011-1-12 209760]
S3 androidusb;ADB Interface Driver;c:\windows\system32\drivers\androidusb.sys [2012-12-10 32408]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\ieetwcollector.exe [2013-12-12 108032]
S3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2012-12-10 15896]
S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.1.121\McCHSvc.exe [2010-9-3 227232]
S3 mfeavfk;McAfee Inc. mfeavfk;c:\windows\system32\drivers\mfeavfk.sys [2011-10-3 171296]
S3 mfebopk;McAfee Inc. mfebopk;c:\windows\system32\drivers\mfebopk.sys [2011-10-3 58456]
S3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-3 85152]
S3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2011-4-27 104768]
S3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2009-6-23 7408]
S3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\drivers\VSTAZL3.SYS [2009-7-13 207360]
S3 SrvHsfV92;SrvHsfV92;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
S3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\drivers\VSTCNXT3.SYS [2009-7-13 661504]
S3 StorSvc;Storage Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-13 20992]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-8-25 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-8-24 1343400]
S3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\drivers\zghsmdm.sys [2012-12-10 113432]
.
=============== Created Last 30 ================
.
2013-12-21 03:02:28    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc7c28cb0.sys
2013-12-21 01:07:02    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc2ea08a6.sys
2013-12-20 22:23:02    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslface65c7.sys
2013-12-20 22:12:06    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslda6f8fb7.sys
2013-12-20 21:52:11    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl531712b5.sys
2013-12-18 23:53:48    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsld849d12f.sys
2013-12-17 12:41:40    --------    d-----w-    C:\2877ecef3e25d9c8e3
2013-12-17 11:44:09    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslb1514709.sys
2013-12-17 01:12:13    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslf28e4fd4.sys
2013-12-16 02:26:58    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl783f7958.sys
2013-12-15 23:22:40    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl42d20d8c.sys
2013-12-15 22:44:31    62576    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\offreg.dll
2013-12-15 22:38:37    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2013-12-15 22:36:46    --------    d-----w-    c:\program files\SUPERAntiSpyware
2013-12-15 22:36:45    --------    d-----w-    c:\users\busa\appdata\roaming\SUPERAntiSpyware.com
2013-12-15 22:35:27    --------    d-----w-    c:\program files\common files\Wise Installation Wizard
2013-12-15 22:33:16    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslfba52fc5.sys
2013-12-14 20:02:00    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl05c06806.sys
2013-12-14 01:28:36    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl9d9e2965.sys
2013-12-13 22:41:06    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl72991219.sys
2013-12-13 21:40:20    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKslc5965bac.sys
2013-12-13 14:54:16    40392    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\MpKsl6b852b6f.sys
2013-12-13 09:23:43    7772552    ----a-w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{bd4a00f3-bea8-4cb8-8925-37fbf3249625}\mpengine.dll
2013-12-12 23:33:01    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-12-12 23:33:00    251392    ----a-w-    c:\program files\internet explorer\IEShims.dll
2013-12-12 23:33:00    235216    ----a-w-    c:\program files\internet explorer\sqmapi.dll
2013-12-12 23:25:59    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2013-12-12 23:25:46    164864    ----a-w-    c:\program files\windows media player\wmplayer.exe
2013-12-12 05:27:03    7772552    ------w-    c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2013-12-11 23:03:08    301568    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-11 23:03:02    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-12-11 23:03:01    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2013-12-11 23:02:59    163840    ----a-w-    c:\windows\system32\scrrun.dll
2013-12-11 23:02:59    141824    ----a-w-    c:\windows\system32\wscript.exe
2013-12-11 23:02:59    121856    ----a-w-    c:\windows\system32\wshom.ocx
2013-12-11 23:02:58    126976    ----a-w-    c:\windows\system32\cscript.exe
2013-12-11 23:02:48    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-12-11 23:02:09    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-12-11 23:01:59    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
2013-12-11 23:01:54    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-12-07 19:57:55    719224    ------w-    c:\programdata\microsoft\microsoft antimalware\definition updates\{a90f2866-45e4-484d-a96d-b0606be5a1ee}\gapaengine.dll
.
==================== Find3M  ====================
.
2013-12-10 23:35:24    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-10 23:35:24    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-11-26 09:22:11    4096    ----a-w-    c:\windows\system32\ieetwcollectorres.dll
2013-11-26 08:53:56    61952    ----a-w-    c:\windows\system32\iesetup.dll
2013-11-26 08:52:26    51200    ----a-w-    c:\windows\system32\ieetwproxystub.dll
2013-11-26 08:29:55    112128    ----a-w-    c:\windows\system32\ieUnatt.exe
2013-11-26 08:29:52    108032    ----a-w-    c:\windows\system32\ieetwcollector.exe
2013-11-26 08:28:16    553472    ----a-w-    c:\windows\system32\jscript9diag.dll
2013-11-26 08:16:12    4243968    ----a-w-    c:\windows\system32\jscript9.dll
2013-11-26 07:32:06    1928192    ----a-w-    c:\windows\system32\inetcpl.cpl
2013-11-26 06:33:33    1820160    ----a-w-    c:\windows\system32\wininet.dll
2013-11-19 10:21:30    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-17 23:05:17    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-10-12 02:03:08    656896    ----a-w-    c:\windows\system32\nshwfp.dll
2013-10-12 02:01:41    679424    ----a-w-    c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01:25    216576    ----a-w-    c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57:25    1168384    ----a-w-    c:\windows\system32\crypt32.dll
2013-10-04 01:58:50    152576    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56:25    168960    ----a-w-    c:\windows\system32\credui.dll
2013-10-04 01:56:00    1796096    ----a-w-    c:\windows\system32\authui.dll
2013-10-03 01:58:07    305152    ----a-w-    c:\windows\system32\gdi32.dll
2013-09-27 14:53:06    214696    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-09-27 14:53:06    104768    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-25 02:01:08    136640    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01:06    67520    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57:46    99840    ----a-w-    c:\windows\system32\sspicli.dll
2013-09-25 01:57:26    22016    ----a-w-    c:\windows\system32\secur32.dll
2013-09-25 01:57:24    247808    ----a-w-    c:\windows\system32\schannel.dll
2013-09-25 01:56:42    220160    ----a-w-    c:\windows\system32\ncrypt.dll
2013-09-25 01:56:02    1038848    ----a-w-    c:\windows\system32\lsasrv.dll
2013-09-25 00:49:20    22016    ----a-w-    c:\windows\system32\lsass.exe
2013-09-25 00:49:18    15872    ----a-w-    c:\windows\system32\sspisrv.dll
.
============= FINISH: 16:39:35.42 ===============
 

==================================================================================

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional
Boot Device: \Device\HarddiskVolume3
Install Date: 8/24/2011 6:52:48 PM
System Uptime: 12/21/2013 1:37:30 AM (39 hours ago)
.
Motherboard: Dell Inc. |  | 0U990C
Processor: Intel® Celeron® CPU          550  @ 2.00GHz | Microprocessor | 1995/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 62 GiB total, 15.682 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 9.689 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_022F1028&REV_12\4&277C618&0&4AF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0843&SUBSYS_022F1028&REV_12\4&277C618&0&4AF0
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID:
Description: Base System Device
Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_022F1028&REV_12\4&277C618&0&4BF0
Manufacturer:
Name: Base System Device
PNP Device ID: PCI\VEN_1180&DEV_0592&SUBSYS_022F1028&REV_12\4&277C618&0&4BF0
Service:
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Adobe AIR
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Reader X (10.1.8)
Adobe Shockwave Player 11.6
AppInventor Setup
Apple Application Support
Apple Software Update
FileZilla Client 3.5.1
Intel® Graphics Media Accelerator Driver
Intel® TV Wizard
Java 7 Update 45
Java Auto Updater
Java SE Development Kit 7 Update 9
Java™ 6 Update 27
Malwarebytes Anti-Malware version 1.75.0.1300
McAfee Agent
McAfee Security Scan Plus
McAfee VirusScan Enterprise
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office PowerPoint 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word 2007
Microsoft Office Word MUI (English) 2007
Microsoft Security Client
Microsoft Security Essentials
Microsoft Silverlight
QuickTime
Scratch
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827329) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Visio 2007 suites (KB2596595) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2827330) 32-Bit Edition
Sketchpad
SUPERAntiSpyware Free Edition
swMSM
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update for Microsoft Office Word 2007 Help (KB963665)
ZTE Handset USB Driver 5.2066.1.8B02
.
==== Event Viewer Messages From Past Week ========
.
12/22/2013 4:35:38 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
12/22/2013 4:28:30 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
12/22/2013 4:28:23 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
12/22/2013 2:28:54 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/22/2013 2:28:48 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/22/2013 2:28:48 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/22/2013 2:28:28 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/22/2013 1:48:32 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/22/2013 1:48:27 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/22/2013 1:48:27 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/22/2013 1:48:06 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/22/2013 1:48:06 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
12/22/2013 1:48:06 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
12/21/2013 2:08:31 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/21/2013 2:08:25 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/21/2013 2:08:25 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/21/2013 2:08:05 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/21/2013 1:48:36 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/21/2013 1:48:31 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/21/2013 1:48:31 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/21/2013 1:48:09 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/21/2013 1:40:09 AM, Error: Service Control Manager [7001]  - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
12/21/2013 1:38:51 AM, Error: atapi [11]  - The driver detected a controller error on \Device\Ide\IdePort1.
12/21/2013 1:38:43 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80070002      Error description: The system cannot find the file specified.
12/21/2013 1:38:26 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12/21/2013 1:38:11 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/21/2013 1:38:11 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/21/2013 1:38:10 AM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/21/2013 1:38:09 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  discache MpFilter SASDIFSV SASKUTIL spldr Wanarpv6
12/20/2013 5:21:49 PM, Error: volmgr [46]  - Crash dump initialization failed!
12/20/2013 5:13:20 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 109.61.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 2.1.10003.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:13:20 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:13:19 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:13:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/20/2013 5:06:43 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
12/20/2013 5:05:59 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:05:59 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:05:59 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 5:05:57 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/20/2013 5:05:51 PM, Error: Service Control Manager [7001]  - The Microsoft Network Inspection System service depends on the Microsoft Malware Protection Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/20/2013 4:43:26 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 4:43:25 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 4:43:25 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 4:43:23 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/20/2013 4:38:35 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the AeLookupSvc service.
12/20/2013 4:38:35 PM, Error: Service Control Manager [7000]  - The Application Experience service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/20/2013 10:11:01 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 109.61.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 2.1.10003.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 10:10:19 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 10:10:19 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/20/2013 10:09:35 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/20/2013 10:08:55 PM, Error: Service Control Manager [7034]  - The McAfee McShield service terminated unexpectedly.  It has done this 6 time(s).
12/20/2013 10:08:15 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 5 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/20/2013 10:07:35 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 4 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/20/2013 10:06:53 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 3 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/20/2013 10:05:32 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.      Feature: Network Inspection System      Error Code: 0x800705b4      Error description: This operation returned because the timeout period expired.       Reason: The Network Inspection System did not successfully start due to an error.
12/20/2013 10:05:09 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/20/2013 10:05:09 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
12/20/2013 10:03:56 PM, Error: Service Control Manager [7031]  - The McAfee McShield service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
12/18/2013 8:35:27 PM, Error: Service Control Manager [7043]  - The Windows Update service did not shut down properly after receiving a preshutdown control.
12/18/2013 8:33:02 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 109.61.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 2.1.10003.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:32:56 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:32:56 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:32:55 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8024402c      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/18/2013 8:30:53 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the McAfee Framework Service service to connect.
12/18/2013 8:30:53 PM, Error: Service Control Manager [7000]  - The McAfee Framework Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/18/2013 8:28:21 PM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
12/18/2013 8:28:20 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
12/18/2013 8:28:14 PM, Error: Service Control Manager [7001]  - The WinHTTP Web Proxy Auto-Discovery Service service depends on the DHCP Client service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:28:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/18/2013 8:28:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:28:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:28:14 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 0.0.0.0      Update Source: Microsoft Malware Protection Center      Update Stage: Search      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: Network Inspection System      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 0.0.0.0      Error code: 0x80072ee7      Error description: The server name or address could not be resolved
12/18/2013 8:27:53 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD CSC DfsC discache mfehidk MpFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 8:27:53 PM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
12/18/2013 7:23:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/18/2013 7:23:18 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Malware Protection Center      Update Stage: Install      Source Path: http://go.microsoft....5D-99752CCA7094      Signature Type: AntiSpyware      Update Type: Full      User: NT AUTHORITY\NETWORK SERVICE      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8000ffff      Error description: Catastrophic failure
12/18/2013 6:54:22 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Appinfo service.
12/18/2013 6:54:22 PM, Error: Service Control Manager [7000]  - The Application Information service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/18/2013 1:48:35 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001]  - The computer has rebooted from a bugcheck.  The bugcheck was: 0x0000007a (0xc0419268, 0xc0000185, 0x029e7860, 0x8324dfbb). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 121813-23634-01.
12/17/2013 1:19:59 AM, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
12/16/2013 9:11:41 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/16/2013 9:02:38 PM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:  The dependency service or group failed to start.
12/16/2013 8:42:07 AM, Error: volsnap [14]  - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
12/16/2013 8:15:31 PM, Error: Microsoft Antimalware [3002]  - Microsoft Antimalware Real-Time Protection feature has encountered an error and failed.      Feature: Network Inspection System      Error Code: 0x800705b4      Error description: This operation returned because the timeout period expired.       Reason: The Network Inspection System did not successfully start due to an error.
12/16/2013 4:28:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the NlaSvc service.
12/16/2013 4:28:15 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Netman service.
12/15/2013 7:01:39 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: Default URL      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8007043c      Error description: This service cannot be started in Safe Mode
12/15/2013 6:27:14 PM, Error: Microsoft-Windows-WMPNSS-Service [14332]  - Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.
12/15/2013 6:25:37 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
12/15/2013 6:02:15 PM, Error: Microsoft Antimalware [2001]  - Microsoft Antimalware has encountered an error trying to update signatures.      New Signature Version:       Previous Signature Version: 1.163.1798.0      Update Source: Microsoft Update Server      Update Stage: Search      Source Path: http://www.microsoft.com      Signature Type: AntiVirus      Update Type: Full      User: NT AUTHORITY\SYSTEM      Current Engine Version:       Previous Engine Version: 1.1.10100.0      Error code: 0x8024001e      Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.
12/15/2013 5:34:27 PM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.
12/15/2013 5:34:27 PM, Error: Service Control Manager [7000]  - The Google Update Service (gupdate) service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
12/15/2013 5:33:47 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the iphlpsvc service.
12/15/2013 5:25:48 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the DPS service.
12/15/2013 5:15:44 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the BFE service.
12/15/2013 5:15:14 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FDResPub service.
12/15/2013 5:14:43 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the upnphost service.
12/15/2013 10:36:59 PM, Error: Microsoft-Windows-HAL [12]  - The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.
.
==== End Of File ===========================
 



#5 maldini

Posted 22 December 2013 - 04:01 PM

TDSSKiller Log

 

16:42:25.0700 0x04fc  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
16:42:30.0646 0x04fc  ============================================================
16:42:30.0646 0x04fc  Current date / time: 2013/12/22 16:42:30.0646
16:42:30.0646 0x04fc  SystemInfo:
16:42:30.0646 0x04fc  
16:42:30.0646 0x04fc  OS Version: 6.1.7601 ServicePack: 1.0
16:42:30.0646 0x04fc  Product type: Workstation
16:42:30.0646 0x04fc  ComputerName: DELL-PC
16:42:30.0646 0x04fc  UserName: Busa
16:42:30.0646 0x04fc  Windows directory: C:\Windows
16:42:30.0646 0x04fc  System windows directory: C:\Windows
16:42:30.0646 0x04fc  Processor architecture: Intel x86
16:42:30.0646 0x04fc  Number of processors: 1
16:42:30.0646 0x04fc  Page size: 0x1000
16:42:30.0646 0x04fc  Boot type: Safe boot with network
16:42:30.0646 0x04fc  ============================================================
16:42:32.0939 0x04fc  KLMD registered as C:\Windows\system32\drivers\60947139.sys
16:42:33.0048 0x04fc  System UUID: {458874E6-C36C-BE7A-AB05-AEDA39718D87}
16:42:33.0641 0x04fc  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:42:33.0641 0x04fc  ============================================================
16:42:33.0641 0x04fc  \Device\Harddisk0\DR0:
16:42:33.0641 0x04fc  MBR partitions:
16:42:33.0641 0x04fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1388000
16:42:33.0641 0x04fc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x139C000, BlocksNum 0x7C730A8
16:42:33.0672 0x04fc  ============================================================
16:42:33.0735 0x04fc  C: <-> \Device\Harddisk0\DR0\Partition2
16:42:33.0750 0x04fc  D: <-> \Device\Harddisk0\DR0\Partition1
16:42:33.0750 0x04fc  ============================================================
16:42:33.0750 0x04fc  Initialize success
16:42:33.0750 0x04fc  ============================================================
16:42:40.0193 0x07f4  ============================================================
16:42:40.0193 0x07f4  Scan started
16:42:40.0193 0x07f4  Mode: Manual;
16:42:40.0193 0x07f4  ============================================================
16:42:40.0193 0x07f4  KSN ping started
16:42:43.0110 0x07f4  KSN ping finished: true
16:42:43.0921 0x07f4  ================ Scan system memory ========================
16:42:43.0921 0x07f4  System memory - ok
16:42:43.0921 0x07f4  ================ Scan services =============================
16:42:50.0661 0x07f4  ebdrv - ok
16:42:50.0739 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS             C:\Windows\System32\lsass.exe
16:42:50.0739 0x07f4  EFS - ok
16:42:50.0848 0x07f4  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:42:50.0879 0x07f4  ehRecvr - ok
16:42:50.0926 0x07f4  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
16:42:50.0941 0x07f4  ehSched - ok
16:42:51.0035 0x07f4  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:42:51.0051 0x07f4  elxstor - ok
16:42:51.0113 0x07f4  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:42:51.0113 0x07f4  ErrDev - ok
16:42:51.0207 0x07f4  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
16:42:51.0222 0x07f4  EventSystem - ok
16:42:51.0238 0x07f4  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:42:51.0253 0x07f4  exfat - ok
16:42:51.0316 0x07f4  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:42:51.0316 0x07f4  fastfat - ok
16:42:51.0409 0x07f4  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
16:42:51.0425 0x07f4  Fax - ok
16:42:51.0456 0x07f4  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:42:51.0456 0x07f4  fdc - ok
16:42:51.0472 0x07f4  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
16:42:51.0487 0x07f4  fdPHost - ok
16:42:51.0503 0x07f4  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:42:51.0503 0x07f4  FDResPub - ok
16:42:51.0550 0x07f4  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:42:51.0550 0x07f4  FileInfo - ok
16:42:51.0581 0x07f4  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:42:51.0581 0x07f4  Filetrace - ok
16:42:51.0597 0x07f4  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:42:51.0597 0x07f4  flpydisk - ok
16:42:51.0659 0x07f4  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:42:51.0659 0x07f4  FltMgr - ok
16:42:51.0768 0x07f4  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
16:42:51.0815 0x07f4  FontCache - ok
16:42:51.0955 0x07f4  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
16:42:51.0955 0x07f4  FontCache3.0.0.0 - ok
16:42:51.0987 0x07f4  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:42:51.0987 0x07f4  FsDepends - ok
16:42:52.0049 0x07f4  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:42:52.0049 0x07f4  Fs_Rec - ok
16:42:52.0111 0x07f4  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:42:52.0111 0x07f4  fvevol - ok
16:42:52.0189 0x07f4  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:42:52.0205 0x07f4  gagp30kx - ok
16:42:52.0283 0x07f4  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:42:52.0330 0x07f4  gpsvc - ok
16:42:52.0377 0x07f4  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:42:52.0377 0x07f4  hcw85cir - ok
16:42:52.0470 0x07f4  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:42:52.0486 0x07f4  HdAudAddService - ok
16:42:52.0533 0x07f4  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:42:52.0548 0x07f4  HDAudBus - ok
16:42:52.0564 0x07f4  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:42:52.0564 0x07f4  HidBatt - ok
16:42:52.0595 0x07f4  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:42:52.0595 0x07f4  HidBth - ok
16:42:52.0642 0x07f4  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:42:52.0642 0x07f4  HidIr - ok
16:42:52.0704 0x07f4  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
16:42:52.0704 0x07f4  hidserv - ok
16:42:52.0767 0x07f4  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
16:42:52.0767 0x07f4  HidUsb - ok
16:42:52.0829 0x07f4  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:42:52.0829 0x07f4  hkmsvc - ok
16:42:52.0891 0x07f4  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:42:52.0907 0x07f4  HomeGroupListener - ok
16:42:52.0985 0x07f4  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:42:52.0985 0x07f4  HomeGroupProvider - ok
16:42:53.0032 0x07f4  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:42:53.0032 0x07f4  HpSAMD - ok
16:42:53.0110 0x07f4  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:42:53.0141 0x07f4  HTTP - ok
16:42:53.0188 0x07f4  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:42:53.0188 0x07f4  hwpolicy - ok
16:42:53.0250 0x07f4  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:42:53.0250 0x07f4  i8042prt - ok
16:42:53.0297 0x07f4  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:42:53.0328 0x07f4  iaStorV - ok
16:42:53.0453 0x07f4  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:42:53.0500 0x07f4  idsvc - ok
16:42:53.0547 0x07f4  IEEtwCollectorService - ok
16:42:53.0874 0x07f4  [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
16:42:54.0108 0x07f4  igfx - ok
16:42:54.0202 0x07f4  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:42:54.0202 0x07f4  iirsp - ok
16:42:54.0295 0x07f4  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:42:54.0327 0x07f4  IKEEXT - ok
16:42:54.0389 0x07f4  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:42:54.0389 0x07f4  intelide - ok
16:42:54.0436 0x07f4  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:42:54.0436 0x07f4  intelppm - ok
16:42:54.0529 0x07f4  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:42:54.0529 0x07f4  IPBusEnum - ok
16:42:54.0545 0x07f4  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:42:54.0545 0x07f4  IpFilterDriver - ok
16:42:54.0623 0x07f4  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:42:54.0654 0x07f4  iphlpsvc - ok
16:42:54.0717 0x07f4  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:42:54.0717 0x07f4  IPMIDRV - ok
16:42:54.0748 0x07f4  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:42:54.0748 0x07f4  IPNAT - ok
16:42:54.0779 0x07f4  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:42:54.0779 0x07f4  IRENUM - ok
16:42:54.0810 0x07f4  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:42:54.0810 0x07f4  isapnp - ok
16:42:54.0873 0x07f4  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:42:54.0888 0x07f4  iScsiPrt - ok
16:42:54.0919 0x07f4  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:42:54.0919 0x07f4  kbdclass - ok
16:42:54.0997 0x07f4  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:42:54.0997 0x07f4  kbdhid - ok
16:42:55.0029 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
16:42:55.0029 0x07f4  KeyIso - ok
16:42:55.0107 0x07f4  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:42:55.0107 0x07f4  KSecDD - ok
16:42:55.0138 0x07f4  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:42:55.0138 0x07f4  KSecPkg - ok
16:42:55.0216 0x07f4  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:42:55.0216 0x07f4  KtmRm - ok
16:42:55.0309 0x07f4  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:42:55.0309 0x07f4  LanmanServer - ok
16:42:55.0341 0x07f4  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:42:55.0341 0x07f4  LanmanWorkstation - ok
16:42:55.0419 0x07f4  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:42:55.0419 0x07f4  lltdio - ok
16:42:55.0481 0x07f4  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:42:55.0497 0x07f4  lltdsvc - ok
16:42:55.0528 0x07f4  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:42:55.0528 0x07f4  lmhosts - ok
16:42:55.0575 0x07f4  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:42:55.0575 0x07f4  LSI_FC - ok
16:42:55.0637 0x07f4  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:42:55.0637 0x07f4  LSI_SAS - ok
16:42:55.0684 0x07f4  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:42:55.0684 0x07f4  LSI_SAS2 - ok
16:42:55.0715 0x07f4  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:42:55.0715 0x07f4  LSI_SCSI - ok
16:42:55.0762 0x07f4  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:42:55.0762 0x07f4  luafv - ok
16:42:55.0840 0x07f4  [ 3C7B3072C3C5CC23F5FD46F8DFDA7480, E685963025BA3C0A4D1C806C0563B224BC976CA4C99FBCDCF22EDA30B11A596A ] massfilter_hs   C:\Windows\system32\drivers\massfilter_hs.sys
16:42:55.0840 0x07f4  massfilter_hs - ok
16:42:55.0980 0x07f4  [ 062D80F13D762F7BC2F38430D60F5048, 214D5B01F4C8FFD34DF2E390B5F39E6B3140CF362756548E0AC05B50EDA99E6C ] McAfeeFramework C:\Program Files\McAfee\Common Framework\FrameworkService.exe
16:42:55.0980 0x07f4  McAfeeFramework - ok
16:42:56.0136 0x07f4  [ FD3AD5E1ECDAA94A89D6697F5C5465D6, 63DA8E601B90DA558F0B089E89DD559C3C930430270D85CACAC0C0C8D08E5BB2 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.1.121\McCHSvc.exe
16:42:56.0136 0x07f4  McComponentHostService - ok
16:42:56.0245 0x07f4  [ 50182E471B44C7A0F63B46E2DEF08B0F, 0597114145A64FF19F046855CB59EFFDE60C1273CB2F3A23FF6B71E963CCD3A9 ] McShield        C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe
16:42:56.0245 0x07f4  McShield - ok
16:42:56.0323 0x07f4  [ 113C20EB4982C5670F49718441BEE76D, 01C577CB91A3550C18E98EAA646DABBA828C753FC94505C78F46A7E600FD496A ] McTaskManager   C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
16:42:56.0339 0x07f4  McTaskManager - ok
16:42:56.0386 0x07f4  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:42:56.0401 0x07f4  Mcx2Svc - ok
16:42:56.0464 0x07f4  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:42:56.0464 0x07f4  megasas - ok
16:42:56.0511 0x07f4  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:42:56.0526 0x07f4  MegaSR - ok
16:42:56.0604 0x07f4  [ C0D975D64C1AF8057F2D75B1297A6979, B6EDDDD701A2876EE4331F20422936CD70A51D842F0C58FF16E19D29EF525450 ] mfeapfk         C:\Windows\system32\drivers\mfeapfk.sys
16:42:56.0604 0x07f4  mfeapfk - ok
16:42:56.0651 0x07f4  [ C169326049A8A03D5F905B34F5A65F8C, 0A6B7C681854B77CE434C6A4BA1CA1BE56EF6B47EBE42FD5754394823C92CAFB ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
16:42:56.0667 0x07f4  mfeavfk - ok
16:42:56.0682 0x07f4  [ 50B0253B2484A306A20D8695C5AE5858, CAFAAAD49B666679163FCED79BCF29312214F8A45EE45075DE0E7A89D9665D6A ] mfebopk         C:\Windows\system32\drivers\mfebopk.sys
16:42:56.0682 0x07f4  mfebopk - ok
16:42:56.0760 0x07f4  [ 188B40866DB2AB8EF262FEBC65291687, BB28BBFC0800B3A635A5C620A9DD276DD370116D13D7F0DA49FFE790BCB70EFC ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
16:42:56.0791 0x07f4  mfehidk - ok
16:42:56.0823 0x07f4  [ C1B30AF2E18E69BF8CEB39B33F32D3C1, 32D5476D2CEB0D0D16B6B300EB6B326F4C5AC3E68DAE21720F16EFDE9389C802 ] mferkdet        C:\Windows\system32\drivers\mferkdet.sys
16:42:56.0823 0x07f4  mferkdet - ok
16:42:56.0854 0x07f4  [ 49C8E20D178BE981FF28523A942A570F, 28431B5849161F77991B0E0EDAE035D41DC1B4B01E21DBC9D77F5CDB0885EBD7 ] mfevtp          C:\Windows\system32\mfevtps.exe
16:42:56.0869 0x07f4  mfevtp - ok
16:42:56.0932 0x07f4  [ 451B49F0E10D6058CED5B56852D82C8B, D29F84AA77E2AA62997A7C88CFF40F8AC3F443D008BA1A0181AAD5887202F772 ] mfewfpk         C:\Windows\system32\drivers\mfewfpk.sys
16:42:56.0932 0x07f4  mfewfpk - ok
16:42:57.0010 0x07f4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
16:42:57.0010 0x07f4  MMCSS - ok
16:42:57.0072 0x07f4  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
16:42:57.0072 0x07f4  Modem - ok
16:42:57.0119 0x07f4  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:42:57.0119 0x07f4  monitor - ok
16:42:57.0150 0x07f4  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:42:57.0150 0x07f4  mouclass - ok
16:42:57.0197 0x07f4  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:42:57.0213 0x07f4  mouhid - ok
16:42:57.0259 0x07f4  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:42:57.0259 0x07f4  mountmgr - ok
16:42:57.0353 0x07f4  [ E77DC03DD3C8E5A388BF9EED2A28F3D1, ED0DAA975D1EC35CE036F02596218E15CC6A054167628D12A0A5AD91B841F422 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:42:57.0353 0x07f4  MpFilter - ok
16:42:57.0384 0x07f4  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:42:57.0400 0x07f4  mpio - ok
16:42:57.0634 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl05c06806   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys
16:42:57.0634 0x07f4  MpKsl05c06806 - ok
16:42:57.0727 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl0a723b1b   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl0a723b1b.sys
16:42:57.0727 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl0a723b1b.sys. Real md5: 06D4F934E09C359B0EFBFB3146F1D910, sha256: 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:42:57.0727 0x07f4  MpKsl0a723b1b - detected ForgedFile.Multi.Generic ( 1 )
16:43:00.0613 0x07f4  Detect skipped due to KSN trusted
16:43:00.0613 0x07f4  MpKsl0a723b1b - ok
16:43:00.0738 0x07f4  [ DA18EDA484DB9C6D08143525FD951A8B, 54E78AF283D6E77DB7409E92159A2EEFEE7833CB742571F1B266C80E7038609C ] MpKsl173b0bfe   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl173b0bfe.sys
16:43:00.0738 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl173b0bfe.sys. Real md5: DA18EDA484DB9C6D08143525FD951A8B, sha256: 54E78AF283D6E77DB7409E92159A2EEFEE7833CB742571F1B266C80E7038609C, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:00.0738 0x07f4  MpKsl173b0bfe - detected ForgedFile.Multi.Generic ( 1 )
16:43:03.0780 0x07f4  MpKsl173b0bfe ( ForgedFile.Multi.Generic ) - warning
16:43:06.0729 0x07f4  [ 0F841E1080AF625FC81EBDC8BEC7B59B, 218390D71200643FC51C0A74AB1281F20BA84B800CB297B29DB113CE75D521CB ] MpKsl3ec561c4   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys
16:43:06.0729 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys. Real md5: 0F841E1080AF625FC81EBDC8BEC7B59B, sha256: 218390D71200643FC51C0A74AB1281F20BA84B800CB297B29DB113CE75D521CB, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:06.0729 0x07f4  MpKsl3ec561c4 - detected ForgedFile.Multi.Generic ( 1 )
16:43:09.0739 0x07f4  MpKsl3ec561c4 ( ForgedFile.Multi.Generic ) - warning
16:43:09.0739 0x07f4  Force sending object to P2P due to detect: c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys
16:43:13.0031 0x07f4  Object send P2P result: true
16:43:15.0933 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl42d20d8c   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys
16:43:15.0933 0x07f4  MpKsl42d20d8c - ok
16:43:16.0011 0x07f4  [ 0298FF58FCAB0C9424D43DE1EE8A96A7, 393AC1EDC5B724C866F23331252DD8BC2B92078BFCAB9F77D50BB9A3CEACF7A5 ] MpKsl433457a4   C:\Windows\system32\MpEngineStore\MpKsl433457a4.sys
16:43:16.0011 0x07f4  Suspicious file ( Forged ): C:\Windows\system32\MpEngineStore\MpKsl433457a4.sys. Real md5: 0298FF58FCAB0C9424D43DE1EE8A96A7, sha256: 393AC1EDC5B724C866F23331252DD8BC2B92078BFCAB9F77D50BB9A3CEACF7A5, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:16.0011 0x07f4  MpKsl433457a4 - detected ForgedFile.Multi.Generic ( 1 )
16:43:18.0959 0x07f4  MpKsl433457a4 ( ForgedFile.Multi.Generic ) - warning
16:43:24.0903 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl531712b5   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys
16:43:24.0903 0x07f4  MpKsl531712b5 - ok
16:43:24.0949 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl56479291   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl56479291.sys
16:43:24.0949 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl56479291.sys. Real md5: 06D4F934E09C359B0EFBFB3146F1D910, sha256: 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:24.0949 0x07f4  MpKsl56479291 - detected ForgedFile.Multi.Generic ( 1 )
16:43:24.0949 0x07f4  Detect skipped due to KSN trusted
16:43:24.0949 0x07f4  MpKsl56479291 - ok
16:43:25.0043 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl567cd4ca   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl567cd4ca.sys
16:43:25.0043 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl567cd4ca.sys. Real md5: 06D4F934E09C359B0EFBFB3146F1D910, sha256: 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:25.0043 0x07f4  MpKsl567cd4ca - detected ForgedFile.Multi.Generic ( 1 )
16:43:25.0043 0x07f4  Detect skipped due to KSN trusted
16:43:25.0043 0x07f4  MpKsl567cd4ca - ok
16:43:25.0105 0x07f4  [ DFF9A8E0319977851460434FC1D42050, B5DAE48081E1E56B9D1E442767D91E0C5B6B3150973E02E71F96D8260E6088A7 ] MpKsl5c09c013   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl5c09c013.sys
16:43:25.0105 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl5c09c013.sys. Real md5: DFF9A8E0319977851460434FC1D42050, sha256: B5DAE48081E1E56B9D1E442767D91E0C5B6B3150973E02E71F96D8260E6088A7, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:25.0105 0x07f4  MpKsl5c09c013 - detected ForgedFile.Multi.Generic ( 1 )
16:43:27.0976 0x07f4  MpKsl5c09c013 ( ForgedFile.Multi.Generic ) - warning
16:43:30.0924 0x07f4  [ 2F47372DED99406CF563818C870E51FA, 8B58713891EF38055135571DC059EA450A555FDDD19C1F0A2149943EFB4747E1 ] MpKsl62582d91   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl62582d91.sys
16:43:30.0924 0x07f4  Suspicious file ( Forged ): c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl62582d91.sys. Real md5: 2F47372DED99406CF563818C870E51FA, sha256: 8B58713891EF38055135571DC059EA450A555FDDD19C1F0A2149943EFB4747E1, fake md5: 59C67E1BADC5E79A577E2F427490B33C, fake sha256: 4CAF8B27BF052C4629A036291DB0079A25DC61F104A62D7862EE4B10743E6B85
16:43:30.0924 0x07f4  MpKsl62582d91 - detected ForgedFile.Multi.Generic ( 1 )
16:43:33.0904 0x07f4  MpKsl62582d91 ( ForgedFile.Multi.Generic ) - warning
16:43:36.0805 0x07f4  [ 06D4F934E09C359B0EFBFB3146F1D910, 484F57CD6F8757137F3B3491B8AC8ECF6C6385A666CD1671833DDD9E962AAB4A ] MpKsl6b852b6f   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys
16:43:36.0805 0x07f4  MpKsl6b852b6f - ok
16:44:58.0331 0x07f4  SASKUTIL - ok
16:44:58.0378 0x07f4  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:44:58.0378 0x07f4  sbp2port - ok
16:44:58.0456 0x07f4  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:44:58.0456 0x07f4  SCardSvr - ok
16:44:58.0472 0x07f4  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:44:58.0472 0x07f4  scfilter - ok
16:44:58.0581 0x07f4  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
16:44:58.0628 0x07f4  Schedule - ok
16:44:58.0659 0x07f4  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:44:58.0659 0x07f4  SCPolicySvc - ok
16:44:58.0721 0x07f4  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\drivers\sdbus.sys
16:44:58.0721 0x07f4  sdbus - ok
16:44:58.0784 0x07f4  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:44:58.0799 0x07f4  SDRSVC - ok
16:44:58.0846 0x07f4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:44:58.0846 0x07f4  secdrv - ok
16:44:58.0908 0x07f4  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
16:44:58.0908 0x07f4  seclogon - ok
16:44:58.0924 0x07f4  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
16:44:58.0940 0x07f4  SENS - ok
16:44:59.0002 0x07f4  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:44:59.0018 0x07f4  SensrSvc - ok
16:44:59.0033 0x07f4  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:44:59.0033 0x07f4  Serenum - ok
16:44:59.0064 0x07f4  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:44:59.0064 0x07f4  Serial - ok
16:44:59.0111 0x07f4  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:44:59.0127 0x07f4  sermouse - ok
16:44:59.0205 0x07f4  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:44:59.0220 0x07f4  SessionEnv - ok
16:44:59.0252 0x07f4  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:44:59.0267 0x07f4  sffdisk - ok
16:44:59.0267 0x07f4  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:44:59.0267 0x07f4  sffp_mmc - ok
16:44:59.0298 0x07f4  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:44:59.0298 0x07f4  sffp_sd - ok
16:44:59.0330 0x07f4  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:44:59.0345 0x07f4  sfloppy - ok
16:44:59.0423 0x07f4  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:44:59.0423 0x07f4  SharedAccess - ok
16:44:59.0470 0x07f4  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:44:59.0486 0x07f4  ShellHWDetection - ok
16:44:59.0548 0x07f4  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
16:44:59.0548 0x07f4  sisagp - ok
16:44:59.0610 0x07f4  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:44:59.0610 0x07f4  SiSRaid2 - ok
16:44:59.0642 0x07f4  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:44:59.0657 0x07f4  SiSRaid4 - ok
16:44:59.0688 0x07f4  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:44:59.0688 0x07f4  Smb - ok
16:44:59.0766 0x07f4  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:44:59.0766 0x07f4  SNMPTRAP - ok
16:44:59.0782 0x07f4  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:44:59.0798 0x07f4  spldr - ok
16:44:59.0860 0x07f4  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
16:44:59.0876 0x07f4  Spooler - ok
16:45:00.0078 0x07f4  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
16:45:00.0219 0x07f4  sppsvc - ok
16:45:00.0297 0x07f4  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:45:00.0312 0x07f4  sppuinotify - ok
16:45:00.0390 0x07f4  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:45:00.0406 0x07f4  srv - ok
16:45:00.0437 0x07f4  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:45:00.0468 0x07f4  srv2 - ok
16:45:00.0578 0x07f4  [ E00FDFAFF025E94F9821153750C35A6D, 6ECDC5F314A29B859B0DCB7FF114CACE0718612556299B16412C21F9539DC9B5 ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL3.SYS
16:45:00.0593 0x07f4  SrvHsfHDA - ok
16:45:00.0656 0x07f4  [ CEB4E3B6890E1E42DCA6694D9E59E1A0, 00D841690A88F1051A238F67AACCE905E8A59C86070F215A8D31FA3E68C6BF35 ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV3.SYS
16:45:00.0702 0x07f4  SrvHsfV92 - ok
16:45:00.0765 0x07f4  [ BC0C7EA89194C299F051C24119000E17, F5FB21F7AD7370F3D5DF7C23F33118ECF19865B995AF12E9A8A8D893E7E6264F ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT3.SYS
16:45:00.0796 0x07f4  SrvHsfWinac - ok
16:45:00.0858 0x07f4  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:45:00.0874 0x07f4  srvnet - ok
16:45:00.0936 0x07f4  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:45:00.0952 0x07f4  SSDPSRV - ok
16:45:00.0983 0x07f4  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:45:00.0999 0x07f4  SstpSvc - ok
16:45:01.0046 0x07f4  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:45:01.0046 0x07f4  stexstor - ok
16:45:01.0139 0x07f4  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
16:45:01.0170 0x07f4  StiSvc - ok
16:45:01.0248 0x07f4  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:45:01.0248 0x07f4  storflt - ok
16:45:01.0311 0x07f4  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
16:45:01.0311 0x07f4  StorSvc - ok
16:45:01.0373 0x07f4  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:45:01.0373 0x07f4  storvsc - ok
16:45:01.0436 0x07f4  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:45:01.0436 0x07f4  swenum - ok
16:45:01.0467 0x07f4  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
16:45:01.0482 0x07f4  swprv - ok
16:45:01.0607 0x07f4  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
16:45:01.0685 0x07f4  SysMain - ok
16:45:01.0763 0x07f4  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
16:45:01.0763 0x07f4  TabletInputService - ok
16:45:01.0826 0x07f4  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:45:01.0841 0x07f4  TapiSrv - ok
16:45:01.0888 0x07f4  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
16:45:01.0904 0x07f4  TBS - ok
16:45:01.0982 0x07f4  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:45:02.0060 0x07f4  Tcpip - ok
16:45:02.0153 0x07f4  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:45:02.0184 0x07f4  TCPIP6 - ok
16:45:02.0262 0x07f4  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:45:02.0262 0x07f4  tcpipreg - ok
16:45:02.0325 0x07f4  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:45:02.0325 0x07f4  TDPIPE - ok
16:45:02.0372 0x07f4  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:45:02.0387 0x07f4  TDTCP - ok
16:45:02.0434 0x07f4  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:45:02.0434 0x07f4  tdx - ok
16:45:02.0496 0x07f4  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:45:02.0496 0x07f4  TermDD - ok
16:45:02.0590 0x07f4  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
16:45:02.0606 0x07f4  TermService - ok
16:45:02.0668 0x07f4  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
16:45:02.0684 0x07f4  Themes - ok
16:45:02.0715 0x07f4  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
16:45:02.0715 0x07f4  THREADORDER - ok
16:45:02.0762 0x07f4  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
16:45:02.0777 0x07f4  TrkWks - ok
16:45:02.0886 0x07f4  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:45:02.0886 0x07f4  TrustedInstaller - ok
16:45:02.0964 0x07f4  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:45:02.0964 0x07f4  tssecsrv - ok
16:45:03.0058 0x07f4  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:45:03.0058 0x07f4  TsUsbFlt - ok
16:45:03.0152 0x07f4  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:45:03.0152 0x07f4  tunnel - ok
16:45:03.0214 0x07f4  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:45:03.0214 0x07f4  uagp35 - ok
16:45:03.0245 0x07f4  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:45:03.0261 0x07f4  udfs - ok
16:45:03.0339 0x07f4  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:45:03.0339 0x07f4  UI0Detect - ok
16:45:03.0370 0x07f4  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:45:03.0370 0x07f4  uliagpkx - ok
16:45:03.0432 0x07f4  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:45:03.0432 0x07f4  umbus - ok
16:45:03.0479 0x07f4  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:45:03.0479 0x07f4  UmPass - ok
16:45:03.0557 0x07f4  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:45:03.0573 0x07f4  UmRdpService - ok
16:45:03.0635 0x07f4  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
16:45:03.0651 0x07f4  upnphost - ok
16:45:03.0713 0x07f4  [ 71D97F1A3CC47A56728F7A400A3F8295, ED3FDB73D8A98D9BAF702C0F5C7AD79D525D19DCE1487D442536913BEA5C7F15 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:45:03.0713 0x07f4  usbccgp - ok
16:45:03.0776 0x07f4  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:45:03.0776 0x07f4  usbcir - ok
16:45:03.0807 0x07f4  [ C4FB8E7ADEA9B5CEEA885A1B504B7E40, 3E0AE5D236890452F2EA33504309A7E5FE49C567FF6F68A83A5987F05ED01BF0 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:45:03.0807 0x07f4  usbehci - ok
16:45:03.0838 0x07f4  [ 86AA95ACB611001E26CD2C0145F2225A, 584D26E8C9407A4E717DCBF2D3819DB441C2D455B5FDA6654FBA3794E19B4D51 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:45:03.0854 0x07f4  usbhub - ok
16:45:03.0885 0x07f4  [ DCDF9855145A14DFCA0AB32308871961, 9A21013AD032195D54CE655DE5363E78BB74CC55C40B889520B478892F4BA40A ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:45:03.0885 0x07f4  usbohci - ok
16:45:03.0916 0x07f4  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:45:03.0916 0x07f4  usbprint - ok
16:45:03.0947 0x07f4  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:45:03.0947 0x07f4  USBSTOR - ok
16:45:03.0978 0x07f4  [ 8E51D04175BAA14C4F79AA5F6D248770, 6CE2E45E272734A5D1D0C4CE2BD7B61C61C7538903E87203E376495D198EFBD0 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:45:03.0978 0x07f4  usbuhci - ok
16:45:04.0041 0x07f4  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
16:45:04.0056 0x07f4  UxSms - ok
16:45:04.0072 0x07f4  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
16:45:04.0072 0x07f4  VaultSvc - ok
16:45:04.0103 0x07f4  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:45:04.0103 0x07f4  vdrvroot - ok
16:45:04.0197 0x07f4  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
16:45:04.0228 0x07f4  vds - ok
16:45:04.0290 0x07f4  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:45:04.0290 0x07f4  vga - ok
16:45:04.0306 0x07f4  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:45:04.0306 0x07f4  VgaSave - ok
16:45:04.0384 0x07f4  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:45:04.0384 0x07f4  vhdmp - ok
16:45:04.0400 0x07f4  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
16:45:04.0415 0x07f4  viaagp - ok
16:45:04.0431 0x07f4  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
16:45:04.0431 0x07f4  ViaC7 - ok
16:45:04.0493 0x07f4  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:45:04.0493 0x07f4  viaide - ok
16:45:04.0571 0x07f4  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:45:04.0571 0x07f4  vmbus - ok
16:45:04.0634 0x07f4  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:45:04.0634 0x07f4  VMBusHID - ok
16:45:04.0649 0x07f4  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:45:04.0649 0x07f4  volmgr - ok
16:45:04.0696 0x07f4  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:45:04.0696 0x07f4  volmgrx - ok
16:45:04.0727 0x07f4  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:45:04.0774 0x07f4  volsnap - ok
16:45:04.0805 0x07f4  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:45:04.0821 0x07f4  vsmraid - ok
16:45:04.0914 0x07f4  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
16:45:04.0977 0x07f4  VSS - ok
16:45:04.0992 0x07f4  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:45:04.0992 0x07f4  vwifibus - ok
16:45:05.0039 0x07f4  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:45:05.0039 0x07f4  vwififlt - ok
16:45:05.0133 0x07f4  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
16:45:05.0133 0x07f4  W32Time - ok
16:45:05.0164 0x07f4  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:45:05.0164 0x07f4  WacomPen - ok
16:45:05.0242 0x07f4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:45:05.0242 0x07f4  WANARP - ok
16:45:05.0258 0x07f4  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:45:05.0258 0x07f4  Wanarpv6 - ok
16:45:05.0382 0x07f4  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:45:05.0445 0x07f4  WatAdminSvc - ok
16:45:05.0538 0x07f4  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
16:45:05.0616 0x07f4  wbengine - ok
16:45:05.0648 0x07f4  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:45:05.0663 0x07f4  WbioSrvc - ok
16:45:05.0726 0x07f4  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:45:05.0741 0x07f4  wcncsvc - ok
16:45:05.0757 0x07f4  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:45:05.0757 0x07f4  WcsPlugInService - ok
16:45:05.0819 0x07f4  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:45:05.0819 0x07f4  Wd - ok
16:45:05.0913 0x07f4  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:45:05.0944 0x07f4  Wdf01000 - ok
16:45:05.0975 0x07f4  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:45:05.0975 0x07f4  WdiServiceHost - ok
16:45:06.0006 0x07f4  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:45:06.0006 0x07f4  WdiSystemHost - ok
16:45:06.0069 0x07f4  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
16:45:06.0084 0x07f4  WebClient - ok
16:45:06.0116 0x07f4  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:45:06.0131 0x07f4  Wecsvc - ok
16:45:06.0147 0x07f4  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:45:06.0162 0x07f4  wercplsupport - ok
16:45:06.0209 0x07f4  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
16:45:06.0225 0x07f4  WerSvc - ok
16:45:06.0256 0x07f4  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:45:06.0256 0x07f4  WfpLwf - ok
16:45:06.0272 0x07f4  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:45:06.0272 0x07f4  WIMMount - ok
16:45:06.0381 0x07f4  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
16:45:06.0428 0x07f4  WinDefend - ok
16:45:06.0443 0x07f4  WinHttpAutoProxySvc - ok
16:45:06.0552 0x07f4  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:45:06.0568 0x07f4  Winmgmt - ok
16:45:06.0677 0x07f4  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
16:45:06.0740 0x07f4  WinRM - ok
16:45:06.0833 0x07f4  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:45:06.0833 0x07f4  WinUsb - ok
16:45:06.0927 0x07f4  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:45:06.0974 0x07f4  Wlansvc - ok
16:45:07.0052 0x07f4  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:45:07.0052 0x07f4  WmiAcpi - ok
16:45:07.0114 0x07f4  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:45:07.0130 0x07f4  wmiApSrv - ok
16:45:07.0254 0x07f4  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
16:45:07.0301 0x07f4  WMPNetworkSvc - ok
16:45:07.0379 0x07f4  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:45:07.0379 0x07f4  WPCSvc - ok
16:45:07.0442 0x07f4  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:45:07.0442 0x07f4  WPDBusEnum - ok
16:45:07.0520 0x07f4  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:45:07.0520 0x07f4  ws2ifsl - ok
16:45:07.0535 0x07f4  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
16:45:07.0535 0x07f4  wscsvc - ok
16:45:07.0566 0x07f4  WSearch - ok
16:45:07.0722 0x07f4  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:45:07.0816 0x07f4  wuauserv - ok
16:45:07.0894 0x07f4  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:45:07.0894 0x07f4  WudfPf - ok
16:45:07.0956 0x07f4  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:45:07.0956 0x07f4  WUDFRd - ok
16:45:08.0034 0x07f4  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:45:08.0034 0x07f4  wudfsvc - ok
16:45:08.0066 0x07f4  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:45:08.0081 0x07f4  WwanSvc - ok
16:45:08.0175 0x07f4  [ 30B73EB97218A16CBC6DE535782A1B35, 5B034F39FA5B902BD6899717F7696871CDAFB8698B48BB0E95DAE51234715A28 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x86.sys
16:45:08.0206 0x07f4  yukonw7 - ok
16:45:08.0284 0x07f4  [ 5CBAFE90E78C13C0429971E2FA05B48A, 6B976C1A60BAD30C891E0E8093C084B9822D61871FC2EFAD21BA75A72E6429BE ] zghsmdm         C:\Windows\system32\DRIVERS\zghsmdm.sys
16:45:08.0300 0x07f4  zghsmdm - ok
16:45:08.0315 0x07f4  ================ Scan global ===============================
16:45:08.0627 0x07f4  [ Global ] - ok
16:45:08.0627 0x07f4  ================ Scan MBR ==================================
16:45:08.0643 0x07f4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:45:08.0939 0x07f4  \Device\Harddisk0\DR0 - ok
16:45:08.0955 0x07f4  ================ Scan VBR ==================================
16:45:08.0970 0x07f4  [ 9EA8E62D85B654ABFA42FE70A6F953B3 ] \Device\Harddisk0\DR0\Partition1
16:45:08.0970 0x07f4  \Device\Harddisk0\DR0\Partition1 - ok
16:45:09.0002 0x07f4  [ 91F5318EF98BE317131B8C3B8BDB0A6D ] \Device\Harddisk0\DR0\Partition2
16:45:09.0002 0x07f4  \Device\Harddisk0\DR0\Partition2 - ok
16:45:09.0002 0x07f4  Waiting for KSN requests completion. In queue: 235
16:45:10.0016 0x07f4  Waiting for KSN requests completion. In queue: 235
16:45:11.0030 0x07f4  Waiting for KSN requests completion. In queue: 235
16:45:12.0059 0x07f4  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x61010 ( enabled : outofdate )
16:45:12.0059 0x07f4  AV detected via SS2: McAfee VirusScan Enterprise, "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /!REMEDIATE (  ), 0x40010 ( disabled : outofdate )
16:45:12.0122 0x07f4  Win FW state via NFP2: enabled
16:45:14.0961 0x07f4  ============================================================
16:45:14.0961 0x07f4  Scan finished
16:45:14.0961 0x07f4  ============================================================
16:45:14.0976 0x0750  Detected object count: 14
16:45:14.0976 0x0750  Actual detected object count: 14
 



#6 maldini


Posted 22 December 2013 - 04:02 PM

AdwCleaner log

 

# AdwCleaner v3.015 - Report created 22/12/2013 at 16:50:15
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (32 bits)
# Username : Busa - DELL-PC
# Running from : C:\Users\Busa\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar
Folder Found C:\Program Files\Ask.com
Folder Found C:\ProgramData\Ask
Folder Found C:\Users\Busa\AppData\Local\apn
Folder Found C:\Users\Busa\AppData\LocalLow\AskToolbar
Folder Found C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN
Key Found : HKCU\Software\AppDataLow\Software\AskToolbar
Key Found : HKCU\Software\Ask.com
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04D2B915-19FF-41E9-994D-95DC898BEA43}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\Software\APN
Key Found : HKLM\Software\AskToolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd
Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaojmikegpiepcfdkkjaplodkpfmlo
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Found : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428


*************************

AdwCleaner[R0].txt - [5845 octets] - [22/12/2013 16:50:15]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5905 octets] ##########
 



#7 jeffce


Posted 22 December 2013 - 05:00 PM

Good job! 
 
ComboFix

Download Combofix from either of the links below, and save it to your desktop.  
Link 1
Link 2

**Note:  It is important that it is saved directly to your desktop**
If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.



--------------------------------------------------------------------

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

--------------------------------------------------------------------

Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the C:\ComboFix.txt for further review.


#8 maldini


Posted 22 December 2013 - 05:50 PM

I have completed ComboFix and the log file is below.

I should note that I have run every one of these programs from safe mode only.

=============================================


ComboFix 13-12-21.01 - Busa 12/22/2013  18:38:55.1.1 - x86 NETWORK
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.1014.407 [GMT -5:00]
Running from: c:\users\Busa\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials *Enabled/Outdated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Microsoft Security Essentials *Enabled/Outdated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\Install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-22 to 2013-12-22  )))))))))))))))))))))))))))))))
.
.
2013-12-22 23:45 . 2013-12-22 23:45    --------    d-----w-    c:\users\Busa\AppData\Local\temp
2013-12-22 23:45 . 2013-12-22 23:45    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-12-22 21:49 . 2013-12-22 21:50    --------    d-----w-    C:\AdwCleaner
2013-12-21 03:02 . 2013-12-21 03:02    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys
2013-12-21 01:07 . 2013-12-21 01:07    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys
2013-12-20 22:23 . 2013-12-20 22:23    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys
2013-12-20 22:12 . 2013-12-20 22:12    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys
2013-12-20 21:52 . 2013-12-20 21:52    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys
2013-12-18 23:53 . 2013-12-18 23:53    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys
2013-12-17 12:41 . 2013-12-18 04:41    --------    d-----w-    C:\2877ecef3e25d9c8e3
2013-12-17 11:44 . 2013-12-17 11:44    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys
2013-12-17 01:12 . 2013-12-17 01:12    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys
2013-12-16 02:26 . 2013-12-16 02:26    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys
2013-12-15 23:22 . 2013-12-15 23:22    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys
2013-12-15 22:44 . 2013-12-22 07:29    62576    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\offreg.dll
2013-12-15 22:38 . 2013-12-15 22:38    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2013-12-15 22:36 . 2013-12-15 22:37    --------    d-----w-    c:\program files\SUPERAntiSpyware
2013-12-15 22:36 . 2013-12-15 22:36    --------    d-----w-    c:\users\Busa\AppData\Roaming\SUPERAntiSpyware.com
2013-12-15 22:35 . 2013-12-15 22:35    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2013-12-15 22:33 . 2013-12-15 22:33    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys
2013-12-14 20:02 . 2013-12-14 20:02    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys
2013-12-14 01:28 . 2013-12-14 01:28    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys
2013-12-13 22:41 . 2013-12-13 22:41    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys
2013-12-13 21:40 . 2013-12-13 21:40    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys
2013-12-13 14:54 . 2013-12-13 14:54    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys
2013-12-13 09:23 . 2013-11-08 01:15    7772552    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\mpengine.dll
2013-12-12 23:33 . 2013-11-26 09:23    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-12-12 23:33 . 2013-11-27 00:20    235216    ----a-w-    c:\program files\Internet Explorer\sqmapi.dll
2013-12-12 23:33 . 2013-11-26 06:41    251392    ----a-w-    c:\program files\Internet Explorer\IEShims.dll
2013-12-12 23:25 . 2013-05-10 04:56    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2013-12-12 23:25 . 2013-05-10 03:48    164864    ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 05:27 . 2013-11-08 01:15    7772552    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-11 23:03 . 2013-10-30 02:19    301568    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-11 23:03 . 2013-11-23 18:26    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-12-11 23:03 . 2013-10-19 01:36    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2013-12-11 23:02 . 2013-10-12 02:04    121856    ----a-w-    c:\windows\system32\wshom.ocx
2013-12-11 23:02 . 2013-10-12 02:03    163840    ----a-w-    c:\windows\system32\scrrun.dll
2013-12-11 23:02 . 2013-10-12 01:15    141824    ----a-w-    c:\windows\system32\wscript.exe
2013-12-11 23:02 . 2013-10-12 01:15    126976    ----a-w-    c:\windows\system32\cscript.exe
2013-12-11 23:02 . 2013-11-12 02:07    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-12-11 23:02 . 2013-10-30 01:27    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-12-11 23:01 . 2013-10-04 01:17    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
2013-12-11 23:01 . 2013-10-04 01:49    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-12-07 19:57 . 2013-10-19 18:08    719224    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A90F2866-45E4-484D-A96D-B0606BE5A1EE}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 23:35 . 2012-04-27 01:00    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-12-10 23:35 . 2011-08-25 04:47    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-20 20:13 . 2013-11-20 20:13    646144    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-20 20:13 . 2013-11-20 20:13    194048    ----a-w-    c:\windows\system32\elshyph.dll
2013-11-20 20:13 . 2013-11-20 20:13    645120    ----a-w-    c:\windows\system32\jsIntl.dll
2013-11-20 20:13 . 2013-11-20 20:13    71680    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-11-20 20:13 . 2013-11-20 20:13    62464    ----a-w-    c:\windows\system32\tdc.ocx
2013-11-20 20:13 . 2013-11-20 20:13    34816    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 20:13 . 2013-11-20 20:13    337408    ----a-w-    c:\windows\system32\html.iec
2013-11-20 20:13 . 2013-11-20 20:13    182272    ----a-w-    c:\windows\system32\msls31.dll
2013-11-20 20:13 . 2013-11-20 20:13    454656    ----a-w-    c:\windows\system32\vbscript.dll
2013-11-20 20:13 . 2013-11-20 20:13    24576    ----a-w-    c:\windows\system32\licmgr10.dll
2013-11-20 20:13 . 2013-11-20 20:13    151552    ----a-w-    c:\windows\system32\iexpress.exe
2013-11-20 20:13 . 2013-11-20 20:13    139264    ----a-w-    c:\windows\system32\wextract.exe
2013-11-20 20:13 . 2013-11-20 20:13    1051136    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-11-20 20:13 . 2013-11-20 20:13    61952    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-11-20 20:13 . 2013-11-20 20:13    36352    ----a-w-    c:\windows\system32\imgutil.dll
2013-11-20 20:13 . 2013-11-20 20:13    13312    ----a-w-    c:\windows\system32\mshta.exe
2013-11-20 20:13 . 2013-11-20 20:13    86016    ----a-w-    c:\windows\system32\iesysprep.dll
2013-11-20 20:13 . 2013-11-20 20:13    74240    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-11-20 20:13 . 2013-11-20 20:13    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-11-20 20:13 . 2013-11-20 20:13    111616    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-11-19 10:21 . 2011-08-24 23:22    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-19 18:08 . 2011-10-11 20:16    719224    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-17 23:05 . 2013-10-17 23:05    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-10-12 02:03 . 2013-11-17 19:27    656896    ----a-w-    c:\windows\system32\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 19:27    679424    ----a-w-    c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01 . 2013-11-17 19:27    216576    ----a-w-    c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57 . 2013-11-17 19:27    1168384    ----a-w-    c:\windows\system32\crypt32.dll
2013-10-04 01:58 . 2013-11-17 19:34    152576    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-17 19:34    168960    ----a-w-    c:\windows\system32\credui.dll
2013-10-04 01:56 . 2013-11-17 19:34    1796096    ----a-w-    c:\windows\system32\authui.dll
2013-10-03 01:58 . 2013-11-17 19:27    305152    ----a-w-    c:\windows\system32\gdi32.dll
2013-09-27 14:53 . 2013-09-27 14:53    214696    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-09-27 14:53 . 2011-04-27 19:25    104768    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-25 02:01 . 2013-11-17 19:35    136640    ----a-w-    c:\windows\system32\drivers\ksecpkg.sys
2013-09-25 02:01 . 2013-11-17 19:35    67520    ----a-w-    c:\windows\system32\drivers\ksecdd.sys
2013-09-25 01:57 . 2013-11-17 19:34    99840    ----a-w-    c:\windows\system32\sspicli.dll
2013-09-25 01:57 . 2013-11-17 19:34    22016    ----a-w-    c:\windows\system32\secur32.dll
2013-09-25 01:57 . 2013-11-17 19:35    247808    ----a-w-    c:\windows\system32\schannel.dll
2013-09-25 01:56 . 2013-11-17 19:34    220160    ----a-w-    c:\windows\system32\ncrypt.dll
2013-09-25 01:56 . 2013-11-17 19:35    1038848    ----a-w-    c:\windows\system32\lsasrv.dll
2013-09-25 00:49 . 2013-11-17 19:34    22016    ----a-w-    c:\windows\system32\lsass.exe
2013-09-25 00:49 . 2013-11-17 19:34    15872    ----a-w-    c:\windows\system32\sspisrv.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2013-03-31 1520776]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-06-23 1830128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-01-13 215360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2013-03-31 1646216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-3 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 17:05    356352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06    958576    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2013-03-31 18:57    1646216    ----a-w-    c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-12 02:56    59280    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 08:12    421888    ----a-w-    c:\program files\QuickTime\QTTask.exe
.
R1 MpKsl05c06806;MpKsl05c06806;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys [2013-12-14 40392]
R1 MpKsl0a723b1b;MpKsl0a723b1b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl0a723b1b.sys [2013-12-13 40392]
R1 MpKsl173b0bfe;MpKsl173b0bfe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl173b0bfe.sys [2013-12-13 40392]
R1 MpKsl3ec561c4;MpKsl3ec561c4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys [2013-12-13 40392]
R1 MpKsl42d20d8c;MpKsl42d20d8c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys [2013-12-15 40392]
R1 MpKsl433457a4;MpKsl433457a4;c:\windows\system32\MpEngineStore\MpKsl433457a4.sys [2013-10-28 40392]
R1 MpKsl531712b5;MpKsl531712b5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys [2013-12-20 40392]
R1 MpKsl56479291;MpKsl56479291;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl56479291.sys [2013-12-13 40392]
R1 MpKsl567cd4ca;MpKsl567cd4ca;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl567cd4ca.sys [2013-12-20 40392]
R1 MpKsl5c09c013;MpKsl5c09c013;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl5c09c013.sys [2013-12-13 40392]
R1 MpKsl62582d91;MpKsl62582d91;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl62582d91.sys [2013-12-13 40392]
R1 MpKsl6b852b6f;MpKsl6b852b6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys [2013-12-13 40392]
R1 MpKsl6d1a139a;MpKsl6d1a139a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6d1a139a.sys [2013-12-13 40392]
R1 MpKsl72991219;MpKsl72991219;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys [2013-12-13 40392]
R1 MpKsl783f7958;MpKsl783f7958;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys [2013-12-16 40392]
R1 MpKsl8c99a18f;MpKsl8c99a18f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl8c99a18f.sys [2013-12-14 40392]
R1 MpKsl9d9e2965;MpKsl9d9e2965;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys [2013-12-14 40392]
R1 MpKsl9e5d3c7a;MpKsl9e5d3c7a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9e5d3c7a.sys [2013-12-13 40392]
R1 MpKsla090ee3b;MpKsla090ee3b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsla090ee3b.sys [2013-12-13 40392]
R1 MpKslb1514709;MpKslb1514709;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys [2013-12-17 40392]
R1 MpKslb1b46087;MpKslb1b46087;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1b46087.sys [2013-12-13 40392]
R1 MpKslbaeaec6f;MpKslbaeaec6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbaeaec6f.sys [2013-12-14 40392]
R1 MpKslbc126b3d;MpKslbc126b3d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbc126b3d.sys [2013-12-13 40392]
R1 MpKslc2ea08a6;MpKslc2ea08a6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys [2013-12-21 40392]
R1 MpKslc5965bac;MpKslc5965bac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys [2013-12-13 40392]
R1 MpKslc7c28cb0;MpKslc7c28cb0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys [2013-12-21 40392]
R1 MpKsld6bd47db;MpKsld6bd47db;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld6bd47db.sys [2013-12-18 40392]
R1 MpKsld81027f9;MpKsld81027f9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld81027f9.sys [2013-12-13 40392]
R1 MpKsld849d12f;MpKsld849d12f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys [2013-12-18 40392]
R1 MpKslda6f8fb7;MpKslda6f8fb7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys [2013-12-20 40392]
R1 MpKslddc61595;MpKslddc61595;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslddc61595.sys [2013-12-13 40392]
R1 MpKsleff99713;MpKsleff99713;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsleff99713.sys [2013-12-14 40392]
R1 MpKslf28e4fd4;MpKslf28e4fd4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys [2013-12-17 40392]
R1 MpKslface65c7;MpKslface65c7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys [2013-12-20 40392]
R1 MpKslfba52fc5;MpKslfba52fc5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys [2013-12-15 40392]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-06-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-06-23 72944]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-10-18 32408]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2011-03-07 15896]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-09-03 227232]
R3 mferkdet;McAfee Inc. mferkdet;c:\windows\system32\drivers\mferkdet.sys [2011-10-03 85152]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-06-23 7408]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-25 1343400]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-03-07 113432]
S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [2011-10-03 162928]
S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [2011-10-03 145936]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 26079075
*Deregistered* - 26079075
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 23:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-swg - c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-22  18:48:25
ComboFix-quarantined-files.txt  2013-12-22 23:48
.
Pre-Run: 16,723,066,880 bytes free
Post-Run: 20,392,808,448 bytes free
.
- - End Of File - - D284F3CEEAFA58673DBB80EA718742C6
A36C5E4F47E84449FF07ED3517B43A31
 



#9 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 214 posts

Posted 23 December 2013 - 08:45 AM

just checking to see if you are still with me :)



#10 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 23 December 2013 - 09:25 AM

Hi,

 

Yes I am.....just checking on something with a colleague about your system.  I will return as quickly as I can.  :)




#11 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 24 December 2013 - 07:32 AM

Hi,
 
I notice that you have both Microsoft Security Essentials and McAfee antivirus on your computer.  We need to uninstall one of those so that they are not conflicting with each other.  A good rule of thumb is to have one antivirus and one firewall on your system along with one antimalware program.  Choose which antivirus program you would like to uninstall and remove it via Control Program >> Programs and Features
 
Once this is complete, run a new scan with ComboFix and post the newly made log.  :)



#12 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 214 posts

Posted 24 December 2013 - 09:24 AM

I am having horrendous luck with this seemingly simple step :(

 

Here is what I have tried

 

1) In safe mode, I tried to uninstall the programs and each time I tried to uninstall, the system said there was an error that the needed service to complete the operation was not installed.  (note: outside of that error, the computer seems to function well doing basic items in safe mode)

 

2) Assuming the error in 1 was due to safe mode, I rebooted the computer into normal mode.  The computer is semi crippled in this mode. Simple items like just bringing up the control panel take over a minute to do.

 

3) I first tried to uninstall Microsoft Security Essentials.  After a long time of trying, it eventually came back with a generic error code that just said there was a problem in the process.

 

4) I then tried to uninstall McAfee.  There are 3 items with the name McAfee attached to them.  McAfee Agent, McAfee Security Scan Plus and McAfee VirusScanPlus

 

5) I first tried to uninstall McAfee Agent but after a long time it said it could not be uninstalled because it was being used by other programs.

 

6) I next tried to uninstall McAfee Virus Scan Enterprise, and while it is still running, I am unsure it is making any progress.  It took a long time to proceed down the normal uninstall path and it made it to a screen where it now says "Please wait while Windows configures McAfee Virus Scan Enterprise, Time Remaining: 10 seconds".   That was 25 minutes ago.

 

I will continue to let this run for a while but I figured I would post this in the meantime in case you want me to take a different direction.

 

I will update this thread should anything change on the screen.



#13 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 214 posts

Posted 24 December 2013 - 11:14 AM

Just to update the previous post, nothing has changed from step 6.  It still is saying 10 seconds remaining.

 

I won't reboot into safe mode until we decide how to proceed next but it appears uninstalling the traditional way is going to be problematic with the state of the computer right now.



#14 jeffce

jeffce

    Malware Guy

  • Authentic Member
  • PipPipPipPipPipPip
  • 8,693 posts

Posted 25 December 2013 - 12:21 PM

Ok....please run ComboFix once more and post the newly made log.  If it asks if you want to update it, please accept.  :)



#15 maldini

maldini

    Authentic Member

  • Authentic Member
  • PipPip
  • 214 posts

Posted 25 December 2013 - 01:16 PM

This is the latest combo fix run from safe mode with networking.  It did perform an update.

 

===================================================

 

ComboFix 13-12-24.02 - Busa 12/25/2013  13:55:41.2.1 - x86 NETWORK
Microsoft Windows 7 Professional   6.1.7601.1.1252.1.1033.18.1014.426 [GMT -5:00]
Running from: c:\users\Busa\Desktop\ComboFix.exe
AV: McAfee VirusScan Enterprise *Disabled/Outdated* {86355677-4064-3EA7-ABB3-1B136EB04637}
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: McAfee VirusScan Enterprise Antispyware Module *Disabled/Outdated* {3D54B793-665E-3129-9103-206115370C8A}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Created a new restore point
.
.
(((((((((((((((((((((((((   Files Created from 2013-11-25 to 2013-12-25  )))))))))))))))))))))))))))))))
.
.
2013-12-25 19:02 . 2013-12-25 19:02    --------    d-----w-    c:\users\Default\AppData\Local\temp
2013-12-22 23:48 . 2013-12-25 19:02    --------    d-----w-    c:\users\Busa\AppData\Local\temp
2013-12-22 21:49 . 2013-12-22 21:50    --------    d-----w-    C:\AdwCleaner
2013-12-21 03:02 . 2013-12-21 03:02    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys
2013-12-21 01:07 . 2013-12-21 01:07    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys
2013-12-20 22:23 . 2013-12-20 22:23    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys
2013-12-20 22:12 . 2013-12-20 22:12    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys
2013-12-20 21:52 . 2013-12-20 21:52    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys
2013-12-18 23:53 . 2013-12-18 23:53    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys
2013-12-17 12:41 . 2013-12-18 04:41    --------    d-----w-    C:\2877ecef3e25d9c8e3
2013-12-17 11:44 . 2013-12-17 11:44    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys
2013-12-17 01:12 . 2013-12-17 01:12    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys
2013-12-16 02:26 . 2013-12-16 02:26    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys
2013-12-15 23:22 . 2013-12-15 23:22    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys
2013-12-15 22:38 . 2013-12-15 22:38    --------    d-----w-    c:\programdata\SUPERAntiSpyware.com
2013-12-15 22:36 . 2013-12-15 22:37    --------    d-----w-    c:\program files\SUPERAntiSpyware
2013-12-15 22:36 . 2013-12-15 22:36    --------    d-----w-    c:\users\Busa\AppData\Roaming\SUPERAntiSpyware.com
2013-12-15 22:35 . 2013-12-15 22:35    --------    d-----w-    c:\program files\Common Files\Wise Installation Wizard
2013-12-15 22:33 . 2013-12-15 22:33    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys
2013-12-14 20:02 . 2013-12-14 20:02    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys
2013-12-14 01:28 . 2013-12-14 01:28    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys
2013-12-13 22:41 . 2013-12-13 22:41    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys
2013-12-13 21:40 . 2013-12-13 21:40    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys
2013-12-13 14:54 . 2013-12-13 14:54    40392    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys
2013-12-13 09:23 . 2013-11-08 01:15    7772552    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\mpengine.dll
2013-12-12 23:33 . 2013-11-26 09:23    2724864    ----a-w-    c:\windows\system32\mshtml.tlb
2013-12-12 23:33 . 2013-11-27 00:20    235216    ----a-w-    c:\program files\Internet Explorer\sqmapi.dll
2013-12-12 23:33 . 2013-11-26 06:41    251392    ----a-w-    c:\program files\Internet Explorer\IEShims.dll
2013-12-12 23:25 . 2013-05-10 04:56    12625408    ----a-w-    c:\windows\system32\wmploc.DLL
2013-12-12 23:25 . 2013-05-10 03:48    164864    ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
2013-12-12 05:27 . 2013-11-08 01:15    7772552    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-11 23:03 . 2013-10-30 02:19    301568    ----a-w-    c:\windows\system32\msieftp.dll
2013-12-11 23:03 . 2013-11-23 18:26    417792    ----a-w-    c:\windows\system32\WMPhoto.dll
2013-12-11 23:03 . 2013-10-19 01:36    159232    ----a-w-    c:\windows\system32\imagehlp.dll
2013-12-11 23:02 . 2013-10-12 02:04    121856    ----a-w-    c:\windows\system32\wshom.ocx
2013-12-11 23:02 . 2013-10-12 02:03    163840    ----a-w-    c:\windows\system32\scrrun.dll
2013-12-11 23:02 . 2013-10-12 01:15    141824    ----a-w-    c:\windows\system32\wscript.exe
2013-12-11 23:02 . 2013-10-12 01:15    126976    ----a-w-    c:\windows\system32\cscript.exe
2013-12-11 23:02 . 2013-11-12 02:07    2048    ----a-w-    c:\windows\system32\tzres.dll
2013-12-11 23:02 . 2013-10-30 01:27    2349056    ----a-w-    c:\windows\system32\win32k.sys
2013-12-11 23:01 . 2013-10-04 01:17    177152    ----a-w-    c:\windows\system32\drivers\portcls.sys
2013-12-11 23:01 . 2013-10-04 01:49    81408    ----a-w-    c:\windows\system32\drivers\drmk.sys
2013-12-07 19:57 . 2013-10-19 18:08    719224    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{A90F2866-45E4-484D-A96D-B0606BE5A1EE}\gapaengine.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-12-10 23:35 . 2012-04-27 01:00    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-12-10 23:35 . 2011-08-25 04:47    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-11-20 20:13 . 2013-11-20 20:13    646144    ----a-w-    c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-20 20:13 . 2013-11-20 20:13    194048    ----a-w-    c:\windows\system32\elshyph.dll
2013-11-20 20:13 . 2013-11-20 20:13    645120    ----a-w-    c:\windows\system32\jsIntl.dll
2013-11-20 20:13 . 2013-11-20 20:13    71680    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2013-11-20 20:13 . 2013-11-20 20:13    62464    ----a-w-    c:\windows\system32\tdc.ocx
2013-11-20 20:13 . 2013-11-20 20:13    34816    ----a-w-    c:\windows\system32\JavaScriptCollectionAgent.dll
2013-11-20 20:13 . 2013-11-20 20:13    337408    ----a-w-    c:\windows\system32\html.iec
2013-11-20 20:13 . 2013-11-20 20:13    182272    ----a-w-    c:\windows\system32\msls31.dll
2013-11-20 20:13 . 2013-11-20 20:13    454656    ----a-w-    c:\windows\system32\vbscript.dll
2013-11-20 20:13 . 2013-11-20 20:13    24576    ----a-w-    c:\windows\system32\licmgr10.dll
2013-11-20 20:13 . 2013-11-20 20:13    151552    ----a-w-    c:\windows\system32\iexpress.exe
2013-11-20 20:13 . 2013-11-20 20:13    139264    ----a-w-    c:\windows\system32\wextract.exe
2013-11-20 20:13 . 2013-11-20 20:13    1051136    ----a-w-    c:\windows\system32\mshtmlmedia.dll
2013-11-20 20:13 . 2013-11-20 20:13    61952    ----a-w-    c:\windows\system32\MshtmlDac.dll
2013-11-20 20:13 . 2013-11-20 20:13    36352    ----a-w-    c:\windows\system32\imgutil.dll
2013-11-20 20:13 . 2013-11-20 20:13    13312    ----a-w-    c:\windows\system32\mshta.exe
2013-11-20 20:13 . 2013-11-20 20:13    86016    ----a-w-    c:\windows\system32\iesysprep.dll
2013-11-20 20:13 . 2013-11-20 20:13    74240    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2013-11-20 20:13 . 2013-11-20 20:13    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2013-11-20 20:13 . 2013-11-20 20:13    111616    ----a-w-    c:\windows\system32\IEAdvpack.dll
2013-11-19 10:21 . 2011-08-24 23:22    230048    ------w-    c:\windows\system32\MpSigStub.exe
2013-10-19 18:08 . 2011-10-11 20:16    719224    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-10-17 23:05 . 2013-10-17 23:05    94632    ----a-w-    c:\windows\system32\WindowsAccessBridge.dll
2013-10-12 02:03 . 2013-11-17 19:27    656896    ----a-w-    c:\windows\system32\nshwfp.dll
2013-10-12 02:01 . 2013-11-17 19:27    679424    ----a-w-    c:\windows\system32\IKEEXT.DLL
2013-10-12 02:01 . 2013-11-17 19:27    216576    ----a-w-    c:\windows\system32\FWPUCLNT.DLL
2013-10-05 19:57 . 2013-11-17 19:27    1168384    ----a-w-    c:\windows\system32\crypt32.dll
2013-10-04 01:58 . 2013-11-17 19:34    152576    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2013-10-04 01:56 . 2013-11-17 19:34    168960    ----a-w-    c:\windows\system32\credui.dll
2013-10-04 01:56 . 2013-11-17 19:34    1796096    ----a-w-    c:\windows\system32\authui.dll
2013-10-03 01:58 . 2013-11-17 19:27    305152    ----a-w-    c:\windows\system32\gdi32.dll
2013-09-27 14:53 . 2013-09-27 14:53    214696    ----a-w-    c:\windows\system32\drivers\MpFilter.sys
2013-09-27 14:53 . 2011-04-27 19:25    104768    ----a-w-    c:\windows\system32\drivers\NisDrvWFP.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{00000000-6E41-4FD3-8538-502F5495E5FC}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2013-03-31 1520776]
.
[HKEY_CLASSES_ROOT\clsid\{00000000-6e41-4fd3-8538-502f5495e5fc}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-06-23 1830128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 150552]
"McAfeeUpdaterUI"="c:\program files\McAfee\Common Framework\udaterui.exe" [2011-01-12 161088]
"ShStatEXE"="c:\program files\McAfee\VirusScan Enterprise\SHSTAT.EXE" [2011-01-13 215360]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 948440]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2012-10-25 421888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-10-12 59280]
"ApnUpdater"="c:\program files\Ask.com\Updater\Updater.exe" [2013-03-31 1646216]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.1.121\SSScheduler.exe [2010-9-3 255536]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 17:05    356352    ----a-w-    c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2013-04-04 21:06    958576    ----a-w-    c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
2013-03-31 18:57    1646216    ----a-w-    c:\program files\Ask.com\Updater\Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2012-10-12 02:56    59280    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2012-10-25 08:12    421888    ----a-w-    c:\program files\QuickTime\QTTask.exe
.
R1 MpKsl05c06806;MpKsl05c06806;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl05c06806.sys [2013-12-14 40392]
R1 MpKsl0a723b1b;MpKsl0a723b1b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl0a723b1b.sys [2013-12-13 40392]
R1 MpKsl173b0bfe;MpKsl173b0bfe;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl173b0bfe.sys [2013-12-13 40392]
R1 MpKsl3ec561c4;MpKsl3ec561c4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl3ec561c4.sys [2013-12-13 40392]
R1 MpKsl42d20d8c;MpKsl42d20d8c;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl42d20d8c.sys [2013-12-15 40392]
R1 MpKsl433457a4;MpKsl433457a4;c:\windows\system32\MpEngineStore\MpKsl433457a4.sys [2013-10-28 40392]
R1 MpKsl531712b5;MpKsl531712b5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl531712b5.sys [2013-12-20 40392]
R1 MpKsl56479291;MpKsl56479291;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl56479291.sys [2013-12-13 40392]
R1 MpKsl567cd4ca;MpKsl567cd4ca;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl567cd4ca.sys [2013-12-20 40392]
R1 MpKsl5c09c013;MpKsl5c09c013;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl5c09c013.sys [2013-12-13 40392]
R1 MpKsl62582d91;MpKsl62582d91;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl62582d91.sys [2013-12-13 40392]
R1 MpKsl6b852b6f;MpKsl6b852b6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6b852b6f.sys [2013-12-13 40392]
R1 MpKsl6d1a139a;MpKsl6d1a139a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl6d1a139a.sys [2013-12-13 40392]
R1 MpKsl72991219;MpKsl72991219;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl72991219.sys [2013-12-13 40392]
R1 MpKsl783f7958;MpKsl783f7958;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl783f7958.sys [2013-12-16 40392]
R1 MpKsl8c99a18f;MpKsl8c99a18f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl8c99a18f.sys [2013-12-14 40392]
R1 MpKsl9d9e2965;MpKsl9d9e2965;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9d9e2965.sys [2013-12-14 40392]
R1 MpKsl9e5d3c7a;MpKsl9e5d3c7a;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsl9e5d3c7a.sys [2013-12-13 40392]
R1 MpKsla090ee3b;MpKsla090ee3b;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsla090ee3b.sys [2013-12-13 40392]
R1 MpKslb1514709;MpKslb1514709;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1514709.sys [2013-12-17 40392]
R1 MpKslb1b46087;MpKslb1b46087;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslb1b46087.sys [2013-12-13 40392]
R1 MpKslbaeaec6f;MpKslbaeaec6f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbaeaec6f.sys [2013-12-14 40392]
R1 MpKslbc126b3d;MpKslbc126b3d;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslbc126b3d.sys [2013-12-13 40392]
R1 MpKslc2ea08a6;MpKslc2ea08a6;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc2ea08a6.sys [2013-12-21 40392]
R1 MpKslc5965bac;MpKslc5965bac;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc5965bac.sys [2013-12-13 40392]
R1 MpKslc7c28cb0;MpKslc7c28cb0;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslc7c28cb0.sys [2013-12-21 40392]
R1 MpKsld6bd47db;MpKsld6bd47db;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld6bd47db.sys [2013-12-18 40392]
R1 MpKsld81027f9;MpKsld81027f9;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld81027f9.sys [2013-12-13 40392]
R1 MpKsld849d12f;MpKsld849d12f;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsld849d12f.sys [2013-12-18 40392]
R1 MpKslda6f8fb7;MpKslda6f8fb7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslda6f8fb7.sys [2013-12-20 40392]
R1 MpKslddc61595;MpKslddc61595;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslddc61595.sys [2013-12-13 40392]
R1 MpKsleff99713;MpKsleff99713;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKsleff99713.sys [2013-12-14 40392]
R1 MpKslf28e4fd4;MpKslf28e4fd4;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslf28e4fd4.sys [2013-12-17 40392]
R1 MpKslface65c7;MpKslface65c7;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslface65c7.sys [2013-12-20 40392]
R1 MpKslfba52fc5;MpKslfba52fc5;c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{BD4A00F3-BEA8-4CB8-8925-37FBF3249625}\MpKslfba52fc5.sys [2013-12-15 40392]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-06-23 9968]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-06-23 72944]
R3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys [2010-10-18 32408]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]
R3 massfilter_hs;ZTE HandSet Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_hs.sys [2011-03-07 15896]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.1.121\McCHSvc.exe [2010-09-03 227232]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2013-09-27 104768]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2013-10-23 280288]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-06-23 7408]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2011-08-25 1343400]
R3 zghsmdm;ZTE General Handset USB Modem Proprietary;c:\windows\system32\DRIVERS\zghsmdm.sys [2011-03-07 113432]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x86.sys [2009-09-28 315392]
.
.
Contents of the 'Scheduled Tasks' folder
.
2013-12-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-27 23:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-RunOnce-<NO NAME> - (no file)
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-12-25  14:05:22
ComboFix-quarantined-files.txt  2013-12-25 19:05
ComboFix2.txt  2013-12-22 23:48
.
Pre-Run: 20,108,349,440 bytes free
Post-Run: 20,013,211,648 bytes free
.
- - End Of File - - E8D159CACA5E369CA17AF0AE96EAA918
A36C5E4F47E84449FF07ED3517B43A31
 

