TishB

Honorary Members
  • Posts

    48
Reputation

0 Neutral

About TishB

  • Birthday October 11

Profile Information

  • Location
    Florida
  1. Mr. C, I'm sorry to do this but I have an appointment at my clinic at 1:30 p.m. So I need to step away for about an hour maybe two. I shall be back as quickly as possible. Just letting you know so you wouldn't think I'm not paying attention.
  2. I have. It's already posted along with the MBR dat file you requested. I don't know how to zip a file. I used winrar instead.
  3. Started to run mbar but found this. Do you want a newer report?

     Malwarebytes Anti-Rootkit BETA 1.07.0.1005
     www.malwarebytes.org

     Database version: v2013.09.30.05

     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     Shauna :: LITTLEBIRD2 [administrator]

     9/30/2013 9:00:06 AM
     mbar-log-2013-09-30 (09-00-06).txt

     Scan type: Quick scan
     Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
     Scan options disabled:
     Objects scanned: 0
     Time elapsed: 1 minute(s), 18 second(s) [aborted]

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     Physical Sectors Detected: 0
     (No malicious items detected)

     (end)
  4. Here you go, Mr. C.

     08:57:14.0093 0x0580 TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03
     08:57:14.0296 0x0580 ============================================================
     08:57:14.0296 0x0580 Current date / time: 2013/10/02 08:57:14.0296
     08:57:14.0296 0x0580 SystemInfo:
     08:57:14.0296 0x0580
     08:57:14.0296 0x0580 OS Version: 5.1.2600 ServicePack: 3.0
     08:57:14.0296 0x0580 Product type: Workstation
     08:57:14.0296 0x0580 ComputerName: LITTLEBIRD2
     08:57:14.0296 0x0580 UserName: Shauna
     08:57:14.0296 0x0580 Windows directory: C:\WINDOWS
     08:57:14.0296 0x0580 System windows directory: C:\WINDOWS
     08:57:14.0296 0x0580 Processor architecture: Intel x86
     08:57:14.0296 0x0580 Number of processors: 2
     08:57:14.0296 0x0580 Page size: 0x1000
     08:57:14.0296 0x0580 Boot type: Safe boot
     08:57:14.0296 0x0580 ============================================================
     08:57:24.0781 0x0580 System UUID: {17ECC73A-109A-A8A1-8C80-07B6A9877A1A}
     08:57:28.0015 0x0580 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
     08:57:28.0031 0x0580 ============================================================
     08:57:28.0031 0x0580 \Device\Harddisk0\DR0:
     08:57:28.0031 0x0580 MBR partitions:
     08:57:28.0031 0x0580 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x12A14400
     08:57:28.0031 0x0580 ============================================================
     08:57:28.0078 0x0580 C: <-> \Device\Harddisk0\DR0\Partition1
     08:57:28.0078 0x0580 ============================================================
     08:57:28.0078 0x0580 Initialize success
     08:57:28.0078 0x0580 ============================================================
     08:58:12.0828 0x031c ============================================================
     08:58:12.0828 0x031c Scan started
     08:58:12.0828 0x031c Mode: Manual;
     08:58:12.0828 0x031c ============================================================
C:\WINDOWS\system32\DRIVERS\nic1394.sys 08:58:40.0703 0x031c NIC1394 - ok 08:58:40.0890 0x031c [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll 08:58:41.0015 0x031c Nla - ok 08:58:41.0093 0x031c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 08:58:41.0093 0x031c Npfs - ok 08:58:41.0421 0x031c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 08:58:41.0468 0x031c Ntfs - ok 08:58:41.0500 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 08:58:41.0500 0x031c NtLmSsp - ok 08:58:41.0796 0x031c [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 08:58:42.0031 0x031c NtmsSvc - ok 08:58:42.0078 0x031c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys 08:58:42.0078 0x031c Null - ok 08:58:42.0109 0x031c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 08:58:42.0109 0x031c NwlnkFlt - ok 08:58:42.0156 0x031c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 08:58:42.0156 0x031c NwlnkFwd - ok 08:58:42.0562 0x031c [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 08:58:42.0812 0x031c odserv - ok 08:58:42.0953 0x031c [ CA33832DF41AFB202EE7AEB05145922F, 
9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 08:58:42.0968 0x031c ohci1394 - ok 08:58:43.0078 0x031c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 08:58:43.0156 0x031c ose - ok 08:58:43.0234 0x031c [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys 08:58:43.0250 0x031c Parport - ok 08:58:43.0281 0x031c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 08:58:43.0281 0x031c PartMgr - ok 08:58:43.0312 0x031c [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 08:58:43.0312 0x031c ParVdm - ok 08:58:43.0375 0x031c [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 08:58:43.0390 0x031c PCI - ok 08:58:43.0406 0x031c PCIDump - ok 08:58:43.0437 0x031c [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 08:58:43.0437 0x031c PCIIde - ok 08:58:43.0531 0x031c [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 08:58:43.0546 0x031c Pcmcia - ok 08:58:43.0562 0x031c PDCOMP - ok 08:58:43.0593 0x031c PDFRAME - ok 08:58:43.0625 0x031c PDRELI - ok 08:58:43.0656 0x031c PDRFRAME - ok 08:58:43.0703 0x031c [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 08:58:43.0703 0x031c perc2 - ok 08:58:43.0734 0x031c [ 
F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys 08:58:43.0734 0x031c perc2hib - ok 08:58:43.0890 0x031c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe 08:58:43.0906 0x031c PlugPlay - ok 08:58:43.0968 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 08:58:43.0984 0x031c PolicyAgent - ok 08:58:44.0078 0x031c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 08:58:44.0093 0x031c PptpMiniport - ok 08:58:44.0203 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 08:58:44.0203 0x031c ProtectedStorage - ok 08:58:44.0265 0x031c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 08:58:44.0265 0x031c PSched - ok 08:58:44.0296 0x031c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 08:58:44.0296 0x031c Ptilink - ok 08:58:44.0359 0x031c [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 08:58:44.0375 0x031c PxHelp20 - ok 08:58:44.0421 0x031c [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys 08:58:44.0421 0x031c ql1080 - ok 08:58:44.0468 0x031c [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt 
C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 08:58:44.0468 0x031c Ql10wnt - ok 08:58:44.0515 0x031c [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys 08:58:44.0515 0x031c ql12160 - ok 08:58:44.0562 0x031c [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys 08:58:44.0562 0x031c ql1240 - ok 08:58:44.0609 0x031c [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys 08:58:44.0609 0x031c ql1280 - ok 08:58:44.0656 0x031c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 08:58:44.0656 0x031c RasAcd - ok 08:58:44.0765 0x031c [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll 08:58:44.0828 0x031c RasAuto - ok 08:58:44.0906 0x031c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 08:58:44.0906 0x031c Rasl2tp - ok 08:58:45.0062 0x031c [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll 08:58:45.0156 0x031c RasMan - ok 08:58:45.0203 0x031c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 08:58:45.0203 0x031c RasPppoe - ok 08:58:45.0234 0x031c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys 08:58:45.0250 0x031c Raspti - ok 08:58:45.0359 0x031c [ 7AD224AD1A1437FE28D89CF22B17780A, 
6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 08:58:45.0375 0x031c Rdbss - ok 08:58:45.0406 0x031c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 08:58:45.0406 0x031c RDPCDD - ok 08:58:45.0578 0x031c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 08:58:45.0593 0x031c rdpdr - ok 08:58:45.0734 0x031c [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 08:58:45.0750 0x031c RDPWD - ok 08:58:45.0875 0x031c [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 08:58:45.0953 0x031c RDSessMgr - ok 08:58:46.0000 0x031c [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 08:58:46.0015 0x031c redbook - ok 08:58:46.0093 0x031c [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 08:58:46.0125 0x031c RemoteAccess - ok 08:58:46.0218 0x031c [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe 08:58:46.0250 0x031c RpcLocator - ok 08:58:46.0500 0x031c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll 08:58:46.0546 0x031c RpcSs - ok 08:58:46.0562 0x031c RSUSBSTOR - ok 08:58:46.0671 0x031c [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe 08:58:46.0750 0x031c RSVP - ok 08:58:46.0765 
0x031c Rts516xIR - ok 08:58:46.0812 0x031c [ 0B2D5D2341437D7D7E1A6C7BBCE3786A, E28F6FF902963CD725CE8DEDA6A96AEDDC108533BAEC3110380227992BF3C2CF ] SahdIa32 C:\WINDOWS\system32\Drivers\SahdIa32.sys 08:58:46.0828 0x031c SahdIa32 - ok 08:58:46.0875 0x031c [ 7A5F65B16249AF2BC9D18D815F5D7172, 65B99EC99F92D0A8E7231BE66CAC2C075BF8D0B814E6DFA85A0C87BFBCE270CC ] SaibIa32 C:\WINDOWS\system32\Drivers\SaibIa32.sys 08:58:46.0875 0x031c SaibIa32 - ok 08:58:46.0953 0x031c [ E333C9515822DE586A3FF759A0C9B7BF, 8633B6A469F1F4CC348B80C2E0B686C119BBC970EE9360A86A42AC16EFC58073 ] SaibVd32 C:\WINDOWS\system32\Drivers\SaibVd32.sys 08:58:46.0953 0x031c SaibVd32 - ok 08:58:47.0000 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe 08:58:47.0000 0x031c SamSs - ok 08:58:47.0093 0x031c [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 08:58:47.0140 0x031c SCardSvr - ok 08:58:47.0296 0x031c [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll 08:58:47.0390 0x031c Schedule - ok 08:58:47.0500 0x031c [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 08:58:47.0500 0x031c sdbus - ok 08:58:47.0546 0x031c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 08:58:47.0562 0x031c Secdrv - ok 08:58:47.0609 0x031c [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll 08:58:47.0625 0x031c seclogon - ok 08:58:47.0671 0x031c [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS 
C:\WINDOWS\system32\sens.dll 08:58:47.0687 0x031c SENS - ok 08:58:47.0750 0x031c [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys 08:58:47.0765 0x031c Serial - ok 08:58:47.0828 0x031c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 08:58:47.0843 0x031c Sfloppy - ok 08:58:48.0062 0x031c [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 08:58:48.0250 0x031c SharedAccess - ok 08:58:48.0375 0x031c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 08:58:48.0390 0x031c ShellHWDetection - ok 08:58:48.0406 0x031c Simbad - ok 08:58:48.0468 0x031c [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 08:58:48.0468 0x031c sisagp - ok 08:58:48.0531 0x031c [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 08:58:48.0531 0x031c SLIP - ok 08:58:48.0593 0x031c [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys 08:58:48.0593 0x031c Sparrow - ok 08:58:48.0656 0x031c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys 08:58:48.0656 0x031c splitter - ok 08:58:48.0750 0x031c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe 08:58:48.0750 0x031c Spooler - ok 08:58:48.0843 0x031c [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 
6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 08:58:48.0843 0x031c sr - ok 08:58:48.0984 0x031c [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll 08:58:49.0078 0x031c srservice - ok 08:58:49.0312 0x031c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 08:58:49.0343 0x031c Srv - ok 08:58:49.0421 0x031c [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 08:58:49.0468 0x031c SSDPSRV - ok 08:58:49.0687 0x031c [ 7C43EE429B6F503EB6ADAFFF3C20A305, 885A5F480349784002547DF2375E29506A57BDFA632866624405813262223EE4 ] STacSV c:\program files\idt\wdm\STacSV.exe 08:58:49.0718 0x031c STacSV - ok 08:58:50.0656 0x031c [ DC3489F1EF71AD75B34740D0E6979187, BD6BE706073622B7EB98A869CEB915F75448C66021F5CD54441AB4A73DBCD38D ] STHDA C:\WINDOWS\system32\drivers\sthda.sys 08:58:50.0781 0x031c STHDA - ok 08:58:51.0031 0x031c [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll 08:58:51.0234 0x031c stisvc - ok 08:58:51.0265 0x031c [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 08:58:51.0281 0x031c streamip - ok 08:58:51.0328 0x031c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 08:58:51.0328 0x031c swenum - ok 08:58:51.0375 0x031c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys 08:58:51.0390 0x031c swmidi - ok 08:58:51.0453 0x031c SwPrv - ok 08:58:51.0546 0x031c [ 
1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys 08:58:51.0562 0x031c symc810 - ok 08:58:51.0687 0x031c [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys 08:58:51.0687 0x031c symc8xx - ok 08:58:51.0906 0x031c [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys 08:58:51.0906 0x031c sym_hi - ok 08:58:51.0953 0x031c [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys 08:58:51.0953 0x031c sym_u3 - ok 08:58:52.0109 0x031c [ 8DA49473F997D4C5D821F1E358F94F2D, A1C2C3B0DAAD6560758FC77CEDF0D641DFD155F3975BC2C5FFA37776EFA9528B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 08:58:52.0125 0x031c SynTP - ok 08:58:52.0218 0x031c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 08:58:52.0218 0x031c sysaudio - ok 08:58:52.0343 0x031c [ 806284D876063CE0395C178124E708D3, 7F5CEFCC83066B67B3E532D5EAD75CE88F97FE04E8BE7E8B6C8D9AC4FFC494F1 ] SysCow C:\WINDOWS\system32\drivers\syscow32x.sys 08:58:52.0343 0x031c SysCow - ok 08:58:52.0437 0x031c [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 08:58:52.0484 0x031c SysmonLog - ok 08:58:52.0656 0x031c [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 08:58:52.0796 0x031c TapiSrv - ok 08:58:53.0015 0x031c [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 08:58:53.0046 0x031c 
Tcpip - ok 08:58:53.0078 0x031c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 08:58:53.0078 0x031c TDPIPE - ok 08:58:53.0109 0x031c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 08:58:53.0125 0x031c TDTCP - ok 08:58:53.0171 0x031c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 08:58:53.0187 0x031c TermDD - ok 08:58:53.0390 0x031c [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll 08:58:53.0546 0x031c TermService - ok 08:58:53.0656 0x031c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll 08:58:53.0671 0x031c Themes - ok 08:58:53.0718 0x031c [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys 08:58:53.0718 0x031c TosIde - ok 08:58:53.0812 0x031c [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll 08:58:53.0875 0x031c TrkWks - ok 08:58:53.0890 0x031c TrueSight - ok 08:58:53.0968 0x031c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 08:58:53.0984 0x031c Udfs - ok 08:58:54.0015 0x031c [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys 08:58:54.0015 0x031c ultra - ok 08:58:54.0265 0x031c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update 
C:\WINDOWS\system32\DRIVERS\update.sys 08:58:54.0296 0x031c Update - ok 08:58:54.0421 0x031c [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll 08:58:54.0531 0x031c upnphost - ok 08:58:54.0578 0x031c [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe 08:58:54.0593 0x031c UPS - ok 08:58:54.0656 0x031c [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 08:58:54.0671 0x031c USBAAPL - ok 08:58:54.0734 0x031c [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 08:58:54.0750 0x031c usbccgp - ok 08:58:54.0765 0x031c USBCCID - ok 08:58:54.0843 0x031c [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 08:58:54.0859 0x031c usbehci - ok 08:58:54.0921 0x031c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 08:58:54.0921 0x031c usbhub - ok 08:58:55.0031 0x031c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 08:58:55.0031 0x031c USBSTOR - ok 08:58:55.0062 0x031c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 08:58:55.0078 0x031c usbuhci - ok 08:58:55.0156 0x031c [ 63BBFCA7F390F4C49ED4B96BFB1633E0, AEB89CF43376709CDD715D844E8CBB8F2BE24D39795F45F7C84F21962F3A52AB ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys 08:58:55.0156 0x031c usbvideo - ok 08:58:55.0203 0x031c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, 
B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 08:58:55.0203 0x031c VgaSave - ok 08:58:55.0265 0x031c [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys 08:58:55.0265 0x031c viaagp - ok 08:58:55.0312 0x031c [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 08:58:55.0312 0x031c ViaIde - ok 08:58:55.0359 0x031c [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 08:58:55.0375 0x031c VolSnap - ok 08:58:55.0593 0x031c [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe 08:58:55.0750 0x031c VSS - ok 08:58:55.0765 0x031c vToolbarUpdater17.0.1 - ok 08:58:55.0890 0x031c [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll 08:58:56.0000 0x031c W32Time - ok 08:58:56.0078 0x031c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 08:58:56.0078 0x031c Wanarp - ok 08:58:56.0406 0x031c [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 08:58:56.0453 0x031c Wdf01000 - ok 08:58:56.0468 0x031c WDICA - ok 08:58:56.0546 0x031c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 08:58:56.0546 0x031c wdmaud - ok 08:58:56.0640 0x031c [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient 
C:\WINDOWS\System32\webclnt.dll 08:58:56.0687 0x031c WebClient - ok 08:58:56.0890 0x031c [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 08:58:56.0906 0x031c winmgmt - ok 08:58:57.0000 0x031c [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll 08:58:57.0015 0x031c WmdmPmSN - ok 08:58:57.0031 0x031c [ C42584FD66CE9E17403AEBCA199F7BDB, E3F2E1066F36AE5D33D4482239B2E556BE0C137923C9A120DFB36EC82F2E77B0 ] WmiAcpi C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 08:58:57.0031 0x031c WmiAcpi - ok 08:58:57.0171 0x031c [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe 08:58:57.0234 0x031c WmiApSrv - ok 08:58:57.0828 0x031c [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe 08:58:58.0343 0x031c WMPNetworkSvc - ok 08:58:58.0421 0x031c [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys 08:58:58.0421 0x031c WS2IFSL - ok 08:58:58.0515 0x031c [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll 08:58:58.0562 0x031c wscsvc - ok 08:58:58.0593 0x031c [ C98B39829C2BBD34E454150633C62C78, 71B60EA3AD0E2637917D528C6A9E7ECF2949E3E5E91036AA5BBADA95BD725511 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS 08:58:58.0609 0x031c WSTCODEC - ok 08:58:58.0640 0x031c [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll 08:58:58.0656 0x031c wuauserv - ok 08:58:58.0718 0x031c [ F15FEAFFFBB3644CCC80C5DA584E6311, 
79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys 08:58:58.0718 0x031c WudfPf - ok 08:58:58.0796 0x031c [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys 08:58:58.0812 0x031c WudfRd - ok 08:58:58.0859 0x031c [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll 08:58:58.0906 0x031c WudfSvc - ok 08:58:59.0203 0x031c [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll 08:58:59.0453 0x031c WZCSVC - ok 08:58:59.0578 0x031c [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll 08:58:59.0640 0x031c xmlprov - ok 08:58:59.0671 0x031c ================ Scan global =============================== 08:58:59.0734 0x031c [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll 08:58:59.0968 0x031c [ 8C7DCA4B158BF16894120786A7A5F366, E232E82B45412A636F936567036CB966F28F5C3730982145B8A8239B485E4A7E ] C:\WINDOWS\system32\winsrv.dll 08:59:00.0296 0x031c [ 8C7DCA4B158BF16894120786A7A5F366, E232E82B45412A636F936567036CB966F28F5C3730982145B8A8239B485E4A7E ] C:\WINDOWS\system32\winsrv.dll 08:59:00.0390 0x031c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe 08:59:00.0406 0x031c [ Global ] - ok 08:59:00.0406 0x031c ================ Scan MBR ================================== 08:59:00.0453 0x031c [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 08:59:01.0687 0x031c \Device\Harddisk0\DR0 - ok 08:59:01.0687 0x031c ================ Scan VBR ================================== 08:59:01.0703 0x031c [ 
9C2D03201E1349E134412D97BCCA42AA ] \Device\Harddisk0\DR0\Partition1 08:59:01.0703 0x031c \Device\Harddisk0\DR0\Partition1 - ok 08:59:01.0859 0x031c AV detected via SS1: ESET NOD32 Antivirus 5.2, 5.2, enabled, outofdate 08:59:01.0937 0x031c ============================================================ 08:59:01.0937 0x031c Scan finished 08:59:01.0937 0x031c ============================================================ 08:59:01.0984 0x0524 Detected object count: 0 08:59:01.0984 0x0524 Actual detected object count: 0 09:00:31.0390 0x0588 Deinitialize success MBR.rar
  5. No sir, I haven't. Not sure why...I'd have to go back through the posts to see. I can try again. BRB. Hopefully it'll work.
  6. Thanks...I'm looking at the TDSS reports now. Just be aware they were run last night in safe mode...without the module option. If I hadn't they'd have never loaded completely, I believe. Here are those reports:

     RogueKiller V8.7.0 [sep 30 2013] by Tigzy
     mail : tigzyRK<at>gmail<dot>com
     Feedback : http://www.adlice.com/forum/
     Website : http://www.adlice.com/softwares/roguekiller/
     Blog : http://tigzyrk.blogspot.com/

     Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
     Started in : Normal mode
     User : Shauna [Admin rights]
     Mode : Scan -- Date : 10/02/2013 11:55:26
     | ARK || FAK || MBR |

     ¤¤¤ Bad processes : 0 ¤¤¤

     ¤¤¤ Registry Entries : 7 ¤¤¤
     [RUN][sUSP PATH] HKCU\[...]\RunOnce : SpUninstallDeleteDir (rmdir /s /q "C:\Documents and Settings\Shauna\Application Data\SearchProtect" [x]) -> FOUND
     [RUN][sUSP PATH] HKUS\S-1-5-21-1226193511-2892163551-3241378241-1006\[...]\RunOnce : SpUninstallDeleteDir (rmdir /s /q "C:\Documents and Settings\Shauna\Application Data\SearchProtect" [x]) -> FOUND
     [sERVICE][ROGUE ST] HKLM\[...]\CCSet\[...]\Services : 26069313 (C:\WINDOWS\system32\drivers\10837736.sys [x]) -> FOUND
     [sERVICE][ROGUE ST] HKLM\[...]\CS002\[...]\Services : 26069313 (C:\WINDOWS\system32\drivers\10837736.sys [x]) -> FOUND
     [sERVICE][ROGUE ST] HKLM\[...]\CS003\[...]\Services : 26069313 (C:\WINDOWS\system32\drivers\10837736.sys [x]) -> FOUND
     [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND
     [HJ][PUM] HKLM\[...]\SystemRestore : DisableSR (1) -> FOUND

     ¤¤¤ Scheduled tasks : 0 ¤¤¤

     ¤¤¤ Startup Entries : 0 ¤¤¤

     ¤¤¤ Web browsers : 1 ¤¤¤
     [FF][PROXY] g7yufipz.default : user_pref("network.proxy.type", 4); -> FOUND

     ¤¤¤ Particular Files / Folders: ¤¤¤

     ¤¤¤ Driver : [LOADED] ¤¤¤
     [inline] EAT @explorer.exe (??_7?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@6B@) : MSVCP60.dll -> HOOKED (Unknown @ 0x768381A1)
     [inline] EAT @explorer.exe (??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@) : MSVCP100.dll -> HOOKED (Unknown @ 0x4B7D2083)
     [inline] EAT @explorer.exe (_pctype) : MSVCR80.dll -> HOOKED (Unknown @ 0xEE97AB35)
     [inline] EAT @firefox.exe (_wpgmptr) : MSVCR100.dll -> HOOKED (Unknown @ 0x652DEC70)
     [inline] EAT @firefox.exe (??_7?$basic_ostringstream@GU?$char_traits@G@std@@V?$allocator@G@2@@std@@6B@) : MSVCP60.dll -> HOOKED (Unknown @ 0x768381A1)

     ¤¤¤ External Hives: ¤¤¤

     ¤¤¤ Infection : ¤¤¤

     ¤¤¤ HOSTS File: ¤¤¤
     --> %SystemRoot%\System32\drivers\etc\hosts
     127.0.0.1 localhost
     [...]

     ¤¤¤ MBR Check: ¤¤¤
     +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - WDC WD1600BEVT-60ZCT1 +++++
     --- User ---
     [MBR] 4d32227ea6f80138149a3e3352c3b752
     [bSP] 44af34bf80aacd4065657a6dc8994ac4 : Windows Vista MBR Code
     Partition table:
     0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 152616 Mo
     User = LL1 ... OK!
     User = LL2 ... OK!

     Finished : << RKreport[0]_S_10022013_115526.txt >>
     RKreport[0]_S_10012013_233546.txt

     ------------------------------------------------------------------------------------------------------------------------

     08:57:14.0093 0x0580 TDSS rootkit removing tool 3.0.0.11 Sep 30 2013 09:17:03
F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 08:58:39.0437 0x031c Ndisuio - ok 08:58:39.0515 0x031c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 08:58:39.0515 0x031c NdisWan - ok 08:58:39.0609 0x031c [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 08:58:39.0625 0x031c NDProxy - ok 08:58:39.0671 0x031c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 08:58:39.0687 0x031c NetBIOS - ok 08:58:39.0812 0x031c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 08:58:39.0843 0x031c NetBT - ok 08:58:39.0953 0x031c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe 08:58:40.0015 0x031c NetDDE - ok 08:58:40.0093 0x031c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe 08:58:40.0109 0x031c NetDDEdsdm - ok 08:58:40.0140 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe 08:58:40.0156 0x031c Netlogon - ok 08:58:40.0296 0x031c [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll 08:58:40.0406 0x031c Netman - ok 08:58:40.0562 0x031c [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication 
Foundation\SMSvcHost.exe 08:58:40.0625 0x031c NetTcpPortSharing - ok 08:58:40.0703 0x031c [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys 08:58:40.0703 0x031c NIC1394 - ok 08:58:40.0890 0x031c [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll 08:58:41.0015 0x031c Nla - ok 08:58:41.0093 0x031c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 08:58:41.0093 0x031c Npfs - ok 08:58:41.0421 0x031c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 08:58:41.0468 0x031c Ntfs - ok 08:58:41.0500 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe 08:58:41.0500 0x031c NtLmSsp - ok 08:58:41.0796 0x031c [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll 08:58:42.0031 0x031c NtmsSvc - ok 08:58:42.0078 0x031c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys 08:58:42.0078 0x031c Null - ok 08:58:42.0109 0x031c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 08:58:42.0109 0x031c NwlnkFlt - ok 08:58:42.0156 0x031c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 08:58:42.0156 0x031c NwlnkFwd - ok 08:58:42.0562 0x031c [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv 
C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 08:58:42.0812 0x031c odserv - ok 08:58:42.0953 0x031c [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys 08:58:42.0968 0x031c ohci1394 - ok 08:58:43.0078 0x031c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 08:58:43.0156 0x031c ose - ok 08:58:43.0234 0x031c [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\drivers\Parport.sys 08:58:43.0250 0x031c Parport - ok 08:58:43.0281 0x031c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys 08:58:43.0281 0x031c PartMgr - ok 08:58:43.0312 0x031c [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys 08:58:43.0312 0x031c ParVdm - ok 08:58:43.0375 0x031c [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys 08:58:43.0390 0x031c PCI - ok 08:58:43.0406 0x031c PCIDump - ok 08:58:43.0437 0x031c [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys 08:58:43.0437 0x031c PCIIde - ok 08:58:43.0531 0x031c [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys 08:58:43.0546 0x031c Pcmcia - ok 08:58:43.0562 0x031c PDCOMP - ok 08:58:43.0593 0x031c PDFRAME - ok 08:58:43.0625 0x031c PDRELI - ok 08:58:43.0656 0x031c PDRFRAME - ok 08:58:43.0703 0x031c [ 6C14B9C19BA84F73D3A86DBA11133101, 
2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys 08:58:43.0703 0x031c perc2 - ok 08:58:43.0734 0x031c [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys 08:58:43.0734 0x031c perc2hib - ok 08:58:43.0890 0x031c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe 08:58:43.0906 0x031c PlugPlay - ok 08:58:43.0968 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe 08:58:43.0984 0x031c PolicyAgent - ok 08:58:44.0078 0x031c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 08:58:44.0093 0x031c PptpMiniport - ok 08:58:44.0203 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe 08:58:44.0203 0x031c ProtectedStorage - ok 08:58:44.0265 0x031c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys 08:58:44.0265 0x031c PSched - ok 08:58:44.0296 0x031c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys 08:58:44.0296 0x031c Ptilink - ok 08:58:44.0359 0x031c [ 153D02480A0A2F45785522E814C634B6, 02B7590F2F4A8FA0B031CDA7A28BD55E7C04A080C1EA810BF3AC3212A62153A6 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys 08:58:44.0375 0x031c PxHelp20 - ok 08:58:44.0421 0x031c [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys 08:58:44.0421 0x031c 
ql1080 - ok 08:58:44.0468 0x031c [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys 08:58:44.0468 0x031c Ql10wnt - ok 08:58:44.0515 0x031c [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys 08:58:44.0515 0x031c ql12160 - ok 08:58:44.0562 0x031c [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys 08:58:44.0562 0x031c ql1240 - ok 08:58:44.0609 0x031c [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys 08:58:44.0609 0x031c ql1280 - ok 08:58:44.0656 0x031c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 08:58:44.0656 0x031c RasAcd - ok 08:58:44.0765 0x031c [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll 08:58:44.0828 0x031c RasAuto - ok 08:58:44.0906 0x031c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 08:58:44.0906 0x031c Rasl2tp - ok 08:58:45.0062 0x031c [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll 08:58:45.0156 0x031c RasMan - ok 08:58:45.0203 0x031c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 08:58:45.0203 0x031c RasPppoe - ok 08:58:45.0234 0x031c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti 
C:\WINDOWS\system32\DRIVERS\raspti.sys 08:58:45.0250 0x031c Raspti - ok 08:58:45.0359 0x031c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 08:58:45.0375 0x031c Rdbss - ok 08:58:45.0406 0x031c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 08:58:45.0406 0x031c RDPCDD - ok 08:58:45.0578 0x031c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys 08:58:45.0593 0x031c rdpdr - ok 08:58:45.0734 0x031c [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys 08:58:45.0750 0x031c RDPWD - ok 08:58:45.0875 0x031c [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe 08:58:45.0953 0x031c RDSessMgr - ok 08:58:46.0000 0x031c [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys 08:58:46.0015 0x031c redbook - ok 08:58:46.0093 0x031c [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 08:58:46.0125 0x031c RemoteAccess - ok 08:58:46.0218 0x031c [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe 08:58:46.0250 0x031c RpcLocator - ok 08:58:46.0500 0x031c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll 08:58:46.0546 0x031c RpcSs - ok 08:58:46.0562 0x031c RSUSBSTOR - ok 08:58:46.0671 0x031c [ 471B3F9741D762ABE75E9DEEA4787E47, 
D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe 08:58:46.0750 0x031c RSVP - ok 08:58:46.0765 0x031c Rts516xIR - ok 08:58:46.0812 0x031c [ 0B2D5D2341437D7D7E1A6C7BBCE3786A, E28F6FF902963CD725CE8DEDA6A96AEDDC108533BAEC3110380227992BF3C2CF ] SahdIa32 C:\WINDOWS\system32\Drivers\SahdIa32.sys 08:58:46.0828 0x031c SahdIa32 - ok 08:58:46.0875 0x031c [ 7A5F65B16249AF2BC9D18D815F5D7172, 65B99EC99F92D0A8E7231BE66CAC2C075BF8D0B814E6DFA85A0C87BFBCE270CC ] SaibIa32 C:\WINDOWS\system32\Drivers\SaibIa32.sys 08:58:46.0875 0x031c SaibIa32 - ok 08:58:46.0953 0x031c [ E333C9515822DE586A3FF759A0C9B7BF, 8633B6A469F1F4CC348B80C2E0B686C119BBC970EE9360A86A42AC16EFC58073 ] SaibVd32 C:\WINDOWS\system32\Drivers\SaibVd32.sys 08:58:46.0953 0x031c SaibVd32 - ok 08:58:47.0000 0x031c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe 08:58:47.0000 0x031c SamSs - ok 08:58:47.0093 0x031c [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe 08:58:47.0140 0x031c SCardSvr - ok 08:58:47.0296 0x031c [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll 08:58:47.0390 0x031c Schedule - ok 08:58:47.0500 0x031c [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys 08:58:47.0500 0x031c sdbus - ok 08:58:47.0546 0x031c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys 08:58:47.0562 0x031c Secdrv - ok 08:58:47.0609 0x031c [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll 08:58:47.0625 0x031c seclogon - ok 
08:58:47.0671 0x031c [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll 08:58:47.0687 0x031c SENS - ok 08:58:47.0750 0x031c [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\drivers\Serial.sys 08:58:47.0765 0x031c Serial - ok 08:58:47.0828 0x031c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys 08:58:47.0843 0x031c Sfloppy - ok 08:58:48.0062 0x031c [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 08:58:48.0250 0x031c SharedAccess - ok 08:58:48.0375 0x031c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 08:58:48.0390 0x031c ShellHWDetection - ok 08:58:48.0406 0x031c Simbad - ok 08:58:48.0468 0x031c [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys 08:58:48.0468 0x031c sisagp - ok 08:58:48.0531 0x031c [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP C:\WINDOWS\system32\DRIVERS\SLIP.sys 08:58:48.0531 0x031c SLIP - ok 08:58:48.0593 0x031c [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys 08:58:48.0593 0x031c Sparrow - ok 08:58:48.0656 0x031c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys 08:58:48.0656 0x031c splitter - ok 08:58:48.0750 0x031c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] 
Spooler C:\WINDOWS\system32\spoolsv.exe 08:58:48.0750 0x031c Spooler - ok 08:58:48.0843 0x031c [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys 08:58:48.0843 0x031c sr - ok 08:58:48.0984 0x031c [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll 08:58:49.0078 0x031c srservice - ok 08:58:49.0312 0x031c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys 08:58:49.0343 0x031c Srv - ok 08:58:49.0421 0x031c [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 08:58:49.0468 0x031c SSDPSRV - ok 08:58:49.0687 0x031c [ 7C43EE429B6F503EB6ADAFFF3C20A305, 885A5F480349784002547DF2375E29506A57BDFA632866624405813262223EE4 ] STacSV c:\program files\idt\wdm\STacSV.exe 08:58:49.0718 0x031c STacSV - ok 08:58:50.0656 0x031c [ DC3489F1EF71AD75B34740D0E6979187, BD6BE706073622B7EB98A869CEB915F75448C66021F5CD54441AB4A73DBCD38D ] STHDA C:\WINDOWS\system32\drivers\sthda.sys 08:58:50.0781 0x031c STHDA - ok 08:58:51.0031 0x031c [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll 08:58:51.0234 0x031c stisvc - ok 08:58:51.0265 0x031c [ 77813007BA6265C4B6098187E6ED79D2, 93939120E803C46FBFD577C8FC2E6C7E71C0460E01D25CB29579490640AB50C7 ] streamip C:\WINDOWS\system32\DRIVERS\StreamIP.sys 08:58:51.0281 0x031c streamip - ok 08:58:51.0328 0x031c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys 08:58:51.0328 0x031c swenum - ok 08:58:51.0375 0x031c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi 
C:\WINDOWS\system32\drivers\swmidi.sys 08:58:51.0390 0x031c swmidi - ok 08:58:51.0453 0x031c SwPrv - ok 08:58:51.0546 0x031c [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys 08:58:51.0562 0x031c symc810 - ok 08:58:51.0687 0x031c [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys 08:58:51.0687 0x031c symc8xx - ok 08:58:51.0906 0x031c [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys 08:58:51.0906 0x031c sym_hi - ok 08:58:51.0953 0x031c [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys 08:58:51.0953 0x031c sym_u3 - ok 08:58:52.0109 0x031c [ 8DA49473F997D4C5D821F1E358F94F2D, A1C2C3B0DAAD6560758FC77CEDF0D641DFD155F3975BC2C5FFA37776EFA9528B ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys 08:58:52.0125 0x031c SynTP - ok 08:58:52.0218 0x031c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys 08:58:52.0218 0x031c sysaudio - ok 08:58:52.0343 0x031c [ 806284D876063CE0395C178124E708D3, 7F5CEFCC83066B67B3E532D5EAD75CE88F97FE04E8BE7E8B6C8D9AC4FFC494F1 ] SysCow C:\WINDOWS\system32\drivers\syscow32x.sys 08:58:52.0343 0x031c SysCow - ok 08:58:52.0437 0x031c [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe 08:58:52.0484 0x031c SysmonLog - ok 08:58:52.0656 0x031c [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 08:58:52.0796 0x031c TapiSrv - ok 08:58:53.0015 0x031c [ 9AEFA14BD6B182D61E3119FA5F436D3D, 
EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys 08:58:53.0046 0x031c Tcpip - ok 08:58:53.0078 0x031c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys 08:58:53.0078 0x031c TDPIPE - ok 08:58:53.0109 0x031c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys 08:58:53.0125 0x031c TDTCP - ok 08:58:53.0171 0x031c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys 08:58:53.0187 0x031c TermDD - ok 08:58:53.0390 0x031c [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll 08:58:53.0546 0x031c TermService - ok 08:58:53.0656 0x031c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll 08:58:53.0671 0x031c Themes - ok 08:58:53.0718 0x031c [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys 08:58:53.0718 0x031c TosIde - ok 08:58:53.0812 0x031c [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll 08:58:53.0875 0x031c TrkWks - ok 08:58:53.0890 0x031c TrueSight - ok 08:58:53.0968 0x031c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys 08:58:53.0984 0x031c Udfs - ok 08:58:54.0015 0x031c [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys 08:58:54.0015 0x031c ultra - ok 08:58:54.0265 
0x031c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys 08:58:54.0296 0x031c Update - ok 08:58:54.0421 0x031c [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll 08:58:54.0531 0x031c upnphost - ok 08:58:54.0578 0x031c [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe 08:58:54.0593 0x031c UPS - ok 08:58:54.0656 0x031c [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys 08:58:54.0671 0x031c USBAAPL - ok 08:58:54.0734 0x031c [ 173F317CE0DB8E21322E71B7E60A27E8, 7042441BA63AE38AE9D7BE0BC5CA7404FC9EE5BB3F084604A68F01E82769652A ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys 08:58:54.0750 0x031c usbccgp - ok 08:58:54.0765 0x031c USBCCID - ok 08:58:54.0843 0x031c [ 65DCF09D0E37D4C6B11B5B0B76D470A7, 90EBA8BAF45932B453D905EDF2BDDDF3A432BFD50B9F7DF58CDEAE98D11C2E2F ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys 08:58:54.0859 0x031c usbehci - ok 08:58:54.0921 0x031c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys 08:58:54.0921 0x031c usbhub - ok 08:58:55.0031 0x031c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 08:58:55.0031 0x031c USBSTOR - ok 08:58:55.0062 0x031c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys 08:58:55.0078 0x031c usbuhci - ok 08:58:55.0156 0x031c [ 63BBFCA7F390F4C49ED4B96BFB1633E0, AEB89CF43376709CDD715D844E8CBB8F2BE24D39795F45F7C84F21962F3A52AB ] usbvideo 
C:\WINDOWS\system32\Drivers\usbvideo.sys 08:58:55.0156 0x031c usbvideo - ok 08:58:55.0203 0x031c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys 08:58:55.0203 0x031c VgaSave - ok 08:58:55.0265 0x031c [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys 08:58:55.0265 0x031c viaagp - ok 08:58:55.0312 0x031c [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys 08:58:55.0312 0x031c ViaIde - ok 08:58:55.0359 0x031c [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys 08:58:55.0375 0x031c VolSnap - ok 08:58:55.0593 0x031c [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe 08:58:55.0750 0x031c VSS - ok 08:58:55.0765 0x031c vToolbarUpdater17.0.1 - ok 08:58:55.0890 0x031c [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll 08:58:56.0000 0x031c W32Time - ok 08:58:56.0078 0x031c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 08:58:56.0078 0x031c Wanarp - ok 08:58:56.0406 0x031c [ BBCFEAB7E871CDDAC2D397EE7FA91FDC, 06FC132E0E256B9A4E4DDD05D3AF4D75E40C750ECCF94A76251B104C65CFFCDF ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys 08:58:56.0453 0x031c Wdf01000 - ok 08:58:56.0468 0x031c WDICA - ok 08:58:56.0546 0x031c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys 08:58:56.0546 0x031c wdmaud - ok 08:58:56.0640 0x031c [ 
     08:59:01.0859 0x031c AV detected via SS1: ESET NOD32 Antivirus 5.2, 5.2, enabled, outofdate
     08:59:01.0937 0x031c ============================================================
     08:59:01.0937 0x031c Scan finished
     08:59:01.0937 0x031c ============================================================
     08:59:01.0984 0x0524 Detected object count: 0
     08:59:01.0984 0x0524 Actual detected object count: 0
     09:00:31.0390 0x0588 Deinitialize success
  7. I'm running RK now...and I am looking for that TDSS text that it gave me last night when I told you I unchecked the module section because it fails to load (initialize). Kept stalling out at 70% three times. I did however run it without checking that module box. I'm looking for the file now. I'll post as soon as RK is finished...and/or if I can find the TDSS report.
  8. Oh I forgot one you asked for earlier. It's those combofix reports. Here:
  9. Mr. Charlie, Just a quick note to let you know that through trial and error I have managed to retake my PC system. Oddly enough, it apparently only needed me to simply dump the TDSSK into the garbage bin and restart out of safe mode. At least that is what I believe to be so. Prior to doing so I ran RogueKiller, Malwarebytes, FRST, HijackThis, and Spybot in safe mode. No apparent change in any of them from their safe mode reports compared to earlier reports. Frustrated, I trashed the TDSSK.exe. Backed out and rebooted. Froze just once but subsequent reboots have been pretty smooth. Go figure. I have no idea what was the problem and I'm content to assign the blame to TDSSK and leave it at that. I'm learning more about Windows than I ever really wanted to know. My homepage and browser selection are back to normal. Search bar still has Amazon, but I'll head to the Firefox website you gave me in an earlier post to address how to fix it. No arbitrary odd web windows have been popping up so far. I'll deal with that later at the Firefox help site if they do. My task manager tells me I'm running approximately 56 processes...which seems to me to be pretty high. So maybe I need to find a site that deals with processes running on Windows. Shouldn't be terribly difficult to do that. I'm posting an mbam-log as well as a recently run FRST report for you to look at. I am hoping they'll show no sign of infection. It may be that all we've done so far has done some good. I hope so. If you see something that looks worrisome, please let me know. If it looks good to you I am content to address other issues elsewhere as noted above. I can't tell you how grateful I am for all you've done to help me. Thank you. Here are those reports for you to look over. If you want any other report please let me know...with the one caveat that it's not TDSSK.
     Malwarebytes Anti-Malware (PRO) 1.75.0.1300
     www.malwarebytes.org

     Database version: v2013.10.01.07

     Windows XP Service Pack 3 x86 NTFS
     Internet Explorer 8.0.6001.18702
     Shauna :: LITTLEBIRD2 [administrator]

     Protection: Enabled

     10/2/2013 9:59:50 AM
     mbam-log-2013-10-02 (09-59-50).txt

     Scan type: Quick scan
     Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
     Scan options disabled: P2P
     Objects scanned: 282996
     Time elapsed: 34 minute(s), 7 second(s)

     Memory Processes Detected: 0
     (No malicious items detected)

     Memory Modules Detected: 0
     (No malicious items detected)

     Registry Keys Detected: 0
     (No malicious items detected)

     Registry Values Detected: 0
     (No malicious items detected)

     Registry Data Items Detected: 0
     (No malicious items detected)

     Folders Detected: 0
     (No malicious items detected)

     Files Detected: 0
     (No malicious items detected)

     (end)
____D C:\Documents and Settings\Administrator.LITTLEBIRD2\Application Data\InstallShield 2013-10-01 19:50 - 2009-06-14 20:23 - 00000803 _____ C:\Documents and Settings\Administrator.LITTLEBIRD2\Start Menu\Programs\Internet Explorer.lnk 2013-10-01 19:50 - 2009-06-14 20:23 - 00000738 _____ C:\Documents and Settings\Administrator.LITTLEBIRD2\Start Menu\Programs\Outlook Express.lnk 2013-10-01 19:50 - 2009-06-14 19:17 - 00000000 ___RD C:\Documents and Settings\Administrator.LITTLEBIRD2\Start Menu\Programs\Accessories 2013-10-01 19:50 - 2008-06-24 21:12 - 00001503 _____ C:\Documents and Settings\Administrator.LITTLEBIRD2\Start Menu\Programs\Remote Assistance.lnk 2013-10-01 13:18 - 2013-10-01 13:18 - 00012153 _____ C:\ComboFix.txt 2013-10-01 13:13 - 2013-10-01 13:13 - 00000227 _____ C:\WINDOWS\system.ini 2013-10-01 12:30 - 2013-10-02 10:48 - 00004752 _____ C:\WINDOWS\KB2757638.log 2013-10-01 12:29 - 2013-10-01 12:31 - 00004178 _____ C:\WINDOWS\KB2758857.log 2013-10-01 12:29 - 2013-10-01 12:31 - 00004094 _____ C:\WINDOWS\KB2802968.log 2013-10-01 12:29 - 2013-10-01 12:31 - 00004009 _____ C:\WINDOWS\KB2780091.log 2013-10-01 12:28 - 2013-10-01 12:31 - 00004526 _____ C:\WINDOWS\KB2876315.log 2013-10-01 12:28 - 2013-10-01 12:31 - 00004009 _____ C:\WINDOWS\KB2876217.log 2013-10-01 12:28 - 2013-10-01 12:31 - 00004009 _____ C:\WINDOWS\KB2845187.log 2013-10-01 12:28 - 2013-10-01 12:30 - 00004007 _____ C:\WINDOWS\KB2864063.log 2013-10-01 12:28 - 2013-10-01 12:30 - 00003922 _____ C:\WINDOWS\KB2850869.log 2013-10-01 12:27 - 2013-10-01 12:30 - 00004350 _____ C:\WINDOWS\KB2859537.log 2013-10-01 12:27 - 2013-10-01 12:30 - 00003841 _____ C:\WINDOWS\KB2820917.log 2013-10-01 12:27 - 2013-07-16 20:46 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzchange.exe 2013-10-01 12:26 - 2013-10-02 10:46 - 00013494 _____ C:\WINDOWS\KB2813345.log 2013-10-01 12:26 - 2013-10-02 10:46 - 00011940 _____ C:\WINDOWS\KB2727528.log 2013-10-01 11:02 - 2013-10-01 11:02 - 00000000 _RSHD C:\cmdcons 
2013-10-01 11:02 - 2012-07-20 19:24 - 00000245 _____ C:\Boot.bak 2013-10-01 11:02 - 2004-08-03 23:00 - 00260272 __RSH C:\cmldr 2013-10-01 10:52 - 2013-10-01 13:18 - 00000000 ____D C:\Qoobox 2013-10-01 10:52 - 2011-06-26 02:45 - 00256000 _____ C:\WINDOWS\PEV.exe 2013-10-01 10:52 - 2010-11-07 13:20 - 00208896 _____ C:\WINDOWS\MBR.exe 2013-10-01 10:52 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe 2013-10-01 10:52 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe 2013-10-01 10:52 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe 2013-10-01 10:52 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe 2013-10-01 10:52 - 2000-08-30 20:00 - 00098816 _____ C:\WINDOWS\sed.exe 2013-10-01 10:52 - 2000-08-30 20:00 - 00080412 _____ C:\WINDOWS\grep.exe 2013-10-01 10:52 - 2000-08-30 20:00 - 00068096 _____ C:\WINDOWS\zip.exe 2013-10-01 10:51 - 2013-10-01 13:14 - 00000000 ____D C:\WINDOWS\erdnt 2013-10-01 09:58 - 2013-10-01 10:50 - 05132885 ____R (Swearware) C:\Documents and Settings\Shauna\Desktop\ComboFix.exe 2013-10-01 08:28 - 2013-10-01 08:28 - 03958206 _____ C:\Documents and Settings\Shauna\Desktop\AutorunRemover.zip 2013-09-30 20:04 - 2013-09-30 20:04 - 00000000 ____D C:\Documents and Settings\Shauna\Local Settings\Application Data\Sun 2013-09-30 18:03 - 2013-10-01 09:01 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Documents and Settings\Shauna\Desktop\SpyHunter-Installer.exe 2013-09-30 17:39 - 2013-09-30 17:39 - 00000000 ____D C:\Program Files\Common Files\Java 2013-09-30 17:39 - 2013-09-30 17:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun 2013-09-30 17:38 - 2013-09-30 17:38 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java 2013-09-30 17:38 - 2013-09-30 17:37 - 00868264 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll 2013-09-30 17:38 - 2013-09-30 17:37 - 00790440 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll 2013-09-30 17:38 - 2013-09-30 17:37 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2013-09-30 17:38 - 2013-09-30 17:37 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2013-09-30 17:38 - 2013-09-30 17:37 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2013-09-30 17:38 - 2013-09-30 17:37 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2013-09-30 17:04 - 2013-09-30 17:04 - 00201728 _____ (OldTimer Tools) C:\Documents and Settings\Shauna\Desktop\OTC.exe 2013-09-30 12:06 - 2013-09-30 12:06 - 00090112 _____ C:\WINDOWS\Minidump\Mini093013-01.dmp 2013-09-30 11:22 - 2013-10-02 10:45 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\FRST 2013-09-30 10:16 - 2013-09-30 20:00 - 00000000 ____D C:\FRST 2013-09-30 08:59 - 2013-09-30 11:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) 2013-09-30 08:58 - 2013-09-30 08:58 - 00048728 _____ (MalwareBytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2013-09-30 06:50 - 2013-09-30 06:50 - 01030305 _____ (Thisisu) C:\Documents and Settings\Shauna\Desktop\JRT.exe 2013-09-29 23:33 - 2013-09-30 14:43 - 00000000 ____D C:\AdwCleaner 2013-09-24 09:40 - 2013-09-24 09:40 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-09-24 09:40 - 2013-09-24 09:40 - 00000000 ____D C:\Documents 
and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware 2013-09-24 09:40 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2013-09-22 21:13 - 2013-09-30 11:33 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\round-up 2013-09-19 21:50 - 2013-10-02 08:56 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\Calibre Library 2013-09-18 12:30 - 2013-09-28 16:42 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-17 20:13 - 2013-09-17 20:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome 2013-09-07 16:40 - 2013-09-07 16:40 - 00000000 ____D C:\Documents and Settings\Shauna\Calibre Library ==================== One Month Modified Files and Folders ======= 2013-10-02 10:48 - 2013-10-02 10:47 - 00008301 _____ C:\WINDOWS\KB2820197.log 2013-10-02 10:48 - 2013-10-01 12:30 - 00006081 _____ C:\WINDOWS\KB2757638.log 2013-10-02 10:48 - 2008-06-24 21:48 - 01912328 _____ C:\WINDOWS\WindowsUpdate.log 2013-10-02 10:48 - 2008-06-24 21:48 - 00665744 _____ C:\WINDOWS\setupapi.log 2013-10-02 10:48 - 2008-06-24 21:32 - 00380213 _____ C:\WINDOWS\tsoc.log 2013-10-02 10:48 - 2008-06-24 21:32 - 00150574 _____ C:\WINDOWS\iis6.log 2013-10-02 10:48 - 2008-06-24 21:25 - 00971946 _____ C:\WINDOWS\FaxSetup.log 2013-10-02 10:48 - 2008-06-24 21:25 - 00492432 _____ C:\WINDOWS\ocgen.log 2013-10-02 10:48 - 2008-06-24 21:25 - 00330862 _____ C:\WINDOWS\comsetup.log 2013-10-02 10:48 - 2008-06-24 21:25 - 00201317 _____ C:\WINDOWS\ntdtcsetup.log 2013-10-02 10:48 - 2008-06-24 21:25 - 00053994 _____ C:\WINDOWS\ocmsn.log 2013-10-02 10:48 - 2008-06-24 21:25 - 00049176 _____ C:\WINDOWS\msgsocm.log 2013-10-02 10:48 - 2008-06-24 21:25 - 00001374 _____ C:\WINDOWS\imsins.log 2013-10-02 10:47 - 2013-10-02 10:47 - 00006396 _____ C:\WINDOWS\KB2863058.log 2013-10-02 10:47 - 2013-10-02 10:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2863058$ 2013-10-02 10:47 - 2013-10-02 10:47 - 00000000 __HDC 
C:\WINDOWS\$NtUninstallKB2849470$ 2013-10-02 10:47 - 2013-10-02 10:47 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2820197$ 2013-10-02 10:47 - 2012-07-26 21:50 - 00017242 _____ C:\WINDOWS\system32\TZLog.log 2013-10-02 10:47 - 2009-06-14 19:17 - 00000000 ___HD C:\WINDOWS\$hf_mig$ 2013-10-02 10:47 - 2008-06-24 21:25 - 00001374 _____ C:\WINDOWS\imsins.BAK 2013-10-02 10:47 - 2008-06-24 21:24 - 00099661 _____ C:\WINDOWS\updspapi.log 2013-10-02 10:46 - 2013-10-02 10:46 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2727528$ 2013-10-02 10:46 - 2013-10-01 12:26 - 00013494 _____ C:\WINDOWS\KB2813345.log 2013-10-02 10:46 - 2013-10-01 12:26 - 00011940 _____ C:\WINDOWS\KB2727528.log 2013-10-02 10:45 - 2013-10-02 10:45 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2813345$ 2013-10-02 10:45 - 2013-09-30 11:22 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\FRST 2013-10-02 10:44 - 2013-10-02 10:44 - 00000000 ____D C:\WINDOWS\LastGood 2013-10-02 10:44 - 2009-06-14 19:17 - 00000000 ____D C:\WINDOWS\Microsoft.NET 2013-10-02 10:43 - 2008-06-24 21:26 - 00502516 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2013-10-02 10:38 - 2009-09-17 04:10 - 00000282 _____ C:\WINDOWS\Tasks\BackOnTrack Instant Restore Idle.job 2013-10-02 10:34 - 2012-07-27 06:06 - 00000000 ____D C:\WINDOWS\system32\XPSViewer 2013-10-02 10:31 - 2013-10-02 10:21 - 00000000 ____D C:\WINDOWS\system32\MRT 2013-10-02 10:22 - 2012-07-22 22:40 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2013-10-02 09:56 - 2012-07-24 14:15 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2013-10-02 09:49 - 2013-06-10 18:03 - 00000424 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{B1F49AD2-9F9C-4279-A3B5-B260CFC4E382}.job 2013-10-02 09:47 - 2012-07-22 22:44 - 00000288 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-1226193511-2892163551-3241378241-1006.job 2013-10-02 09:47 - 2012-07-22 22:44 - 00000280 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-1226193511-2892163551-3241378241-1006.job 
2013-10-02 09:46 - 2008-06-24 14:08 - 00000157 _____ C:\WINDOWS\wiadebug.log 2013-10-02 09:46 - 2008-06-24 14:08 - 00000049 _____ C:\WINDOWS\wiaservc.log 2013-10-02 09:45 - 2012-07-22 22:40 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2013-10-02 09:45 - 2008-06-24 21:48 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2013-10-02 09:40 - 2013-08-13 19:02 - 00000282 _____ C:\WINDOWS\Tasks\GoforFilesUpdate.job 2013-10-02 09:40 - 2013-06-15 11:59 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job 2013-10-02 09:34 - 2012-07-24 14:29 - 00000000 ____D C:\Program Files\stinger 2013-10-02 09:02 - 2013-10-02 09:02 - 00000000 ____D C:\WINDOWS\ERUNT 2013-10-02 08:56 - 2013-09-19 21:50 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\Calibre Library 2013-10-01 23:37 - 2013-10-01 23:37 - 00002353 _____ C:\Documents and Settings\Shauna\Desktop\safe-RKreport[0]_S_10012013_233546.txt 2013-10-01 23:35 - 2013-10-01 23:35 - 00002353 _____ C:\Documents and Settings\Shauna\Desktop\RKreport[0]_S_10012013_233546.txt 2013-10-01 23:35 - 2013-10-01 23:27 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\RK_Quarantine 2013-10-01 23:17 - 2013-10-01 19:50 - 00000178 ___SH C:\Documents and Settings\Administrator.LITTLEBIRD2\ntuser.ini 2013-10-01 23:17 - 2012-07-10 17:37 - 00000000 ____D C:\Calibre 2013-10-01 23:14 - 2013-10-01 23:09 - 00000000 ____D C:\Documents and Settings\Administrator.LITTLEBIRD2\Application Data\calibre 2013-10-01 23:11 - 2013-10-01 23:11 - 00000000 ____D C:\Documents and Settings\Administrator.LITTLEBIRD2\Calibre Library 2013-10-01 23:11 - 2013-10-01 19:50 - 00000000 ____D C:\Documents and Settings\Administrator.LITTLEBIRD2 2013-10-01 23:10 - 2013-10-01 23:10 - 00000000 ____D C:\Documents and Settings\Administrator.LITTLEBIRD2\My Documents\Calibre Library 2013-10-01 22:53 - 2013-10-01 22:53 - 00000000 ____D C:\Documents and Settings\Administrator.LITTLEBIRD2\Local Settings\Application Data\Mozilla 2013-10-01 22:53 - 2013-10-01 22:53 - 
00000000 ____D C:\Documents and Settings\Administrator.LITTLEBIRD2\Application Data\Mozilla 2013-10-01 20:23 - 2012-07-22 20:58 - 00000000 ____D C:\Program Files\HijackThis 2013-10-01 20:05 - 2008-06-24 21:09 - 00000356 ___SH C:\boot.ini 2013-10-01 19:58 - 2013-10-01 19:58 - 00000000 ____D C:\Documents and Settings\Administrator.LITTLEBIRD2\Local Settings\Application Data\Google 2013-10-01 19:54 - 2013-10-01 19:54 - 00055496 _____ C:\Documents and Settings\Administrator.LITTLEBIRD2\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2013-10-01 19:41 - 2009-09-17 04:08 - 00000178 ___SH C:\Documents and Settings\Shauna\ntuser.ini 2013-10-01 19:41 - 2009-09-17 04:08 - 00000000 ____D C:\Documents and Settings\Shauna 2013-10-01 19:41 - 2008-06-24 21:48 - 00032382 _____ C:\WINDOWS\SchedLgU.Txt 2013-10-01 17:29 - 2012-07-25 13:36 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\Protection 2013-10-01 15:25 - 2009-06-14 19:17 - 00000000 ____D C:\WINDOWS\system32\Restore 2013-10-01 13:18 - 2013-10-01 13:18 - 00012153 _____ C:\ComboFix.txt 2013-10-01 13:18 - 2013-10-01 10:52 - 00000000 ____D C:\Qoobox 2013-10-01 13:14 - 2013-10-01 10:51 - 00000000 ____D C:\WINDOWS\erdnt 2013-10-01 13:13 - 2013-10-01 13:13 - 00000227 _____ C:\WINDOWS\system.ini 2013-10-01 12:31 - 2013-10-01 12:29 - 00004178 _____ C:\WINDOWS\KB2758857.log 2013-10-01 12:31 - 2013-10-01 12:29 - 00004094 _____ C:\WINDOWS\KB2802968.log 2013-10-01 12:31 - 2013-10-01 12:29 - 00004009 _____ C:\WINDOWS\KB2780091.log 2013-10-01 12:31 - 2013-10-01 12:28 - 00004526 _____ C:\WINDOWS\KB2876315.log 2013-10-01 12:31 - 2013-10-01 12:28 - 00004009 _____ C:\WINDOWS\KB2876217.log 2013-10-01 12:31 - 2013-10-01 12:28 - 00004009 _____ C:\WINDOWS\KB2845187.log 2013-10-01 12:30 - 2013-10-01 12:28 - 00004007 _____ C:\WINDOWS\KB2864063.log 2013-10-01 12:30 - 2013-10-01 12:28 - 00003922 _____ C:\WINDOWS\KB2850869.log 2013-10-01 12:30 - 2013-10-01 12:27 - 00004350 _____ C:\WINDOWS\KB2859537.log 2013-10-01 12:30 - 2013-10-01 12:27 
- 00003841 _____ C:\WINDOWS\KB2820917.log 2013-10-01 11:41 - 2009-06-14 20:49 - 00000000 ____D C:\Program Files\HP 2013-10-01 11:02 - 2013-10-01 11:02 - 00000000 _RSHD C:\cmdcons 2013-10-01 10:50 - 2013-10-01 09:58 - 05132885 ____R (Swearware) C:\Documents and Settings\Shauna\Desktop\ComboFix.exe 2013-10-01 09:01 - 2013-09-30 18:03 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Documents and Settings\Shauna\Desktop\SpyHunter-Installer.exe 2013-10-01 08:28 - 2013-10-01 08:28 - 03958206 _____ C:\Documents and Settings\Shauna\Desktop\AutorunRemover.zip 2013-09-30 20:04 - 2013-09-30 20:04 - 00000000 ____D C:\Documents and Settings\Shauna\Local Settings\Application Data\Sun 2013-09-30 20:00 - 2013-09-30 10:16 - 00000000 ____D C:\FRST 2013-09-30 17:57 - 2012-07-12 08:17 - 00000000 ____D C:\Games 2013-09-30 17:53 - 2012-11-05 17:35 - 00000000 ____D C:\Program Files\Detective Stories Hollywood 2013-09-30 17:39 - 2013-09-30 17:39 - 00000000 ____D C:\Program Files\Common Files\Java 2013-09-30 17:39 - 2013-09-30 17:39 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Sun 2013-09-30 17:38 - 2013-09-30 17:38 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java 2013-09-30 17:37 - 2013-09-30 17:38 - 00868264 _____ (Oracle Corporation) C:\WINDOWS\system32\npDeployJava1.dll 2013-09-30 17:37 - 2013-09-30 17:38 - 00790440 _____ (Oracle Corporation) C:\WINDOWS\system32\deployJava1.dll 2013-09-30 17:37 - 2013-09-30 17:38 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2013-09-30 17:37 - 2013-09-30 17:38 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2013-09-30 17:37 - 2013-09-30 17:38 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2013-09-30 17:37 - 2013-09-30 17:38 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2013-09-30 17:37 - 2009-06-14 20:59 - 00144896 _____ (Oracle Corporation) C:\WINDOWS\system32\javacpl.cpl 2013-09-30 17:36 - 
2009-06-14 20:58 - 00000000 ____D C:\Program Files\Java 2013-09-30 17:04 - 2013-09-30 17:04 - 00201728 _____ (OldTimer Tools) C:\Documents and Settings\Shauna\Desktop\OTC.exe 2013-09-30 16:20 - 2009-06-14 19:17 - 00000000 ____D C:\WINDOWS\twain_32 2013-09-30 14:43 - 2013-09-29 23:33 - 00000000 ____D C:\AdwCleaner 2013-09-30 12:28 - 2013-04-21 11:16 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\New Books 2013-09-30 12:06 - 2013-09-30 12:06 - 00090112 _____ C:\WINDOWS\Minidump\Mini093013-01.dmp 2013-09-30 12:06 - 2012-07-22 19:10 - 00000000 ____D C:\WINDOWS\Minidump 2013-09-30 11:45 - 2013-09-30 08:59 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes' Anti-Malware (portable) 2013-09-30 11:33 - 2013-09-22 21:13 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\round-up 2013-09-30 08:58 - 2013-09-30 08:58 - 00048728 _____ (MalwareBytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2013-09-30 06:50 - 2013-09-30 06:50 - 01030305 _____ (Thisisu) C:\Documents and Settings\Shauna\Desktop\JRT.exe 2013-09-29 23:48 - 2012-07-26 21:55 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB952287$ 2013-09-28 16:42 - 2013-09-18 12:30 - 00000000 ____D C:\Program Files\Mozilla Firefox 2013-09-28 16:42 - 2013-05-20 18:34 - 00003727 _____ C:\Program Files\Mozilla Firefoxavg-secure-search.xml 2013-09-28 16:41 - 2013-01-03 19:32 - 00037664 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx86.sys 2013-09-25 20:30 - 2009-06-14 19:17 - 00000000 ____D C:\WINDOWS\Registration 2013-09-24 09:40 - 2013-09-24 09:40 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2013-09-24 09:40 - 2013-09-24 09:40 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware 2013-09-23 18:02 - 2013-01-03 19:37 - 00000000 ____D C:\Documents and Settings\Shauna\Application Data\mIRC 2013-09-23 04:49 - 2013-05-03 16:22 - 00000000 ____D C:\mIRCa 2013-09-20 13:04 - 2012-07-25 13:17 - 00000000 ____D C:\Program 
Files\Mozilla Maintenance Service 2013-09-19 10:53 - 2008-06-24 21:48 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl 2013-09-19 10:50 - 2008-06-24 21:12 - 00001507 _____ C:\Documents and Settings\All Users\Start Menu\Windows Update.lnk 2013-09-19 06:29 - 2013-06-15 13:04 - 00000000 ____D C:\Documents and Settings\Shauna\Desktop\calibre & ebook progs 2013-09-17 20:17 - 2013-01-09 17:31 - 00002347 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Adobe Reader XI.lnk 2013-09-17 20:13 - 2013-09-17 20:13 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome 2013-09-17 20:12 - 2012-07-22 22:35 - 00000000 ____D C:\Program Files\Google 2013-09-07 16:40 - 2013-09-07 16:40 - 00000000 ____D C:\Documents and Settings\Shauna\Calibre Library Some content of TEMP: ==================== C:\Documents and Settings\Shauna\Local Settings\Temp\ntdll_dump.dll C:\Documents and Settings\Shauna\Local Settings\Temp\{2F4B2B39-673C-4C47-A763-EFC28FD5444B}.exe C:\Documents and Settings\Shauna\Local Settings\Temp\{88C900A5-850D-434F-BCBC-2C269C5B344B}.exe ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit ==================== End Of Log ============================
  10. Okay, I have a target. Let me see if it'll work. BRB. Oh, and thank you. I sure do love that roguekiller.
  11. Oh...and when I did initially have task manager up...there was nothing in the running section that said tdsskiller. What does it call itself in task manager? Maybe I can get to it quickly before it freezes.
  12. It froze my task manager in normal mode. I am now in safe mode. Will task manager open in safe mode? That's what I'm trying to suss out. How to stop tdssk and get my windows back.
  13. It's a good thing I still have it on my PC's desktop. I'm on my Mac writing this. I won't be able to post the logs until I can reaccess my PC and Windows without freezing up. I'll go and do what I can. I should be able to do this in safe mode, correct? Do I understand you correctly? This running of mbar will stop tdssk from attempting to initialize?
  14. Mr. C. I know this is getting to be a pain in the sitdown and for that I apologize. I went ahead and tried the cure. It accepted it and wanted to shut down. It did so. Unfortunately when it tried to reboot...tdssk tried again to initialize. Again freezing me out completely. I've somehow managed to get into safe mode. Is there something that I can do to actually stop tdss from initializing? I've looked in the add/remove in my control panel. It isn't in there. I've checked the start up section. I can't see it in there. I've also looked in the program files for it and only found a quarantine folder titled tdssk. Not the actual program. I have a feeling if I could just get it to not start I should be okay. Would simply deleting the program stop it?
  15. Then that's what I'll do. I just reread your instructions to use tdssk and I saw where you mentioned that Device Hard DRO and wasn't certain if that was it or not. That's why I've asked. Okay...BRB. Let the adventure begin. I'll keep you informed.