Malwarebytes has been run a few times, in both a regular Windows boot and in safe mode, as well as Panda Cloud Cleaner. I also ran Trend Micro HouseCall, which came back reporting nothing found, but there are obvious remaining issues with adware popups and returning software such as Surftastic, which I removed once already via Control Panel. Thanks in advance for all that you folks do.
 
DDS (Ver_2012-11-20.01) - NTFS_x86 
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.51.2
Run by Administrator at 21:06:54 on 2014-03-19
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1527.864 [GMT -4:00]
.
AV: Panda Cloud Antivirus *Enabled/Updated* {5AD27692-540A-464E-B625-78275FA38393}
FW: Cloud Antivirus Firewall *Disabled* 
.
============== Running Processes ================
.
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Analog Devices\SoundMAX\DrvLsnr.exe
C:\Program Files\COMPAQ\Easy Access Button Support\StartEAK.exe
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\Common Files\AOL\1334598415\ee\AOLSoftware.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAMain.exe
C:\Compaq\EAKDRV\EAUSBKBD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Convert Files for Free\ConvertFilesforFreeUpdt.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe
C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe
C:\Program Files\Select-N-Go-soft\Select-N-Go155.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Surftastic\updateSurftastic.exe
C:\Program Files\Surftastic\Surftastic.FirstRun.exe
C:\Program Files\Surftastic\bin\utilSurftastic.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\WINDOWS\TEMP\tmp149.exe
C:\WINDOWS\TEMP\is-2JFFB.tmp\tmp149.tmp
C:\WINDOWS\TEMP\setup__6965.exe
C:\Program Files\Bin\UpdateTool\UpdaterToolService.exe
C:\Program Files\Compaq\Easy Access Button Support\CPQEAKSYSTEMTRAY.EXE
C:\Program Files\Compaq\Easy Access Button Support\CPQEADM.EXE
C:\PROGRA~1\Compaq\EASYAC~1\BttnServ.exe
C:\Program Files\TightVNC\tvnserver.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uInternet Connection Wizard,ShellNext = "c:\program files\outlook express\msimn.exe"
uProxyServer = hxxp=127.0.0.1:13828
uURLSearchHooks: <No Name>: {5fdeb94c-c7bf-4da6-93ea-2f03a243fa10} - c:\program files\howtosimplified_8e\bar\1.bin\8eSrcAs.dll
uURLSearchHooks: <No Name>: {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - c:\program files\mapsgalaxy_39\bar\1.bin\39SrcAs.dll
mURLSearchHooks: AOL Toolbar Search Class: {f0e98552-8e47-4c6c-9b3a-11ab0549f94d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: AOL Mail Toolbar Search Class: {98572e47-b5fe-43de-9aea-492a1d3064cd} - c:\program files\aol mail toolbar\aolmailtb.dll
dURLSearchHooks: <No Name>: {26842a09-ffa8-4e2c-ae12-0c80f01c3295} - c:\program files\mapsgalaxy_39\bar\1.bin\39SrcAs.dll
dURLSearchHooks: <No Name>: {5fdeb94c-c7bf-4da6-93ea-2f03a243fa10} - c:\program files\howtosimplified_8e\bar\1.bin\8eSrcAs.dll
BHO: Toolbar BHO: {1e91a655-bb4b-4693-a05e-2edebc4c9d89} - c:\program files\mapsgalaxy_39\bar\1.bin\39bar.dll
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\realnetworks\realdownloader\browserplugins\ie\rndlbrowserrecordplugin.dll
BHO: AOL Toolbar Loader: {3ef64538-8b54-4573-b48f-4d34b0238ab2} - c:\program files\aol toolbar\aoltb.dll
BHO: ConvertFilesforFree: {59A062A1-5ECA-4a1a-BC44-B2A9283A8ACB} - c:\program files\convert files for free\ConvertFilesforFree.dll
BHO: Toolbar BHO: {61673209-76a0-4a62-ab12-014ce1a1b00e} - c:\program files\howtosimplified_8e\bar\1.bin\8ebar.dll
BHO: Search Assistant BHO: {71c1d63a-c944-428a-a5bd-ba513190e5d2} - c:\program files\mapsgalaxy_39\bar\1.bin\39SrcAs.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.9012.1008\swg.dll
BHO: Surftastic: {c6673938-a52b-4dc6-af05-783e7e2c8b65} - c:\program files\surftastic\Surftasticbho.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
BHO: Search Assistant BHO: {ebf859ec-4900-40d5-b5e5-74766b5f407d} - c:\program files\howtosimplified_8e\bar\1.bin\8eSrcAs.dll
BHO: AOL Mail Toolbar Loader: {fbea8524-8c72-4208-9d12-7fb73e9926eb} - c:\program files\aol mail toolbar\aolmailtb.dll
TB: AOL Mail Toolbar: {A3704FA3-DBF6-46B5-B95E-0677DFD39577} - c:\program files\aol mail toolbar\aolmailtb.dll
TB: AOL Toolbar: {BA00B7B1-0351-477A-B948-23E3EE5A73D4} - c:\program files\aol toolbar\aoltb.dll
TB: MapsGalaxy: {364EA597-E728-4CE4-BB4A-ED846EF47970} - c:\program files\mapsgalaxy_39\bar\1.bin\39bar.dll
TB: AOL Mail Toolbar: {a3704fa3-dbf6-46b5-b95e-0677dfd39577} - c:\program files\aol mail toolbar\aolmailtb.dll
TB: AOL Toolbar: {ba00b7b1-0351-477a-b948-23e3ee5a73d4} - c:\program files\aol toolbar\aoltb.dll
TB: MapsGalaxy: {364ea597-e728-4ce4-bb4a-ed846ef47970} - c:\program files\mapsgalaxy_39\bar\1.bin\39bar.dll
TB: HowToSimplified: {e0c22e6b-a7bd-43f6-b5cc-020e06d11a45} - c:\program files\howtosimplified_8e\bar\1.bin\8ebar.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
mRun: [igfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [smapp] c:\program files\analog devices\soundmax\SMTray.exe
mRun: [DrvLsnr] c:\program files\analog devices\soundmax\DrvLsnr.exe
mRun: [srmclean] c:\cpqs\scom\srmclean.exe
mRun: [setRefresh] c:\program files\compaq\setrefresh\SetRefresh.exe
mRun: [CPQEASYACC] c:\program files\compaq\easy access button support\StartEAK.exe
mRun: [lxccmon.exe] "c:\program files\lexmark 3300 series\lxccmon.exe"
mRun: [FaxCenterServer] "c:\program files\lexmark fax solutions\fm3032.exe" /s
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [tvncontrol] "c:\program files\tightvnc\tvnserver.exe" -controlservice -slave
mRun: [HostManager] c:\program files\common files\aol\1334598415\ee\AOLSoftware.exe
mRun: [LXCCCATS] rundll32 c:\windows\system32\spool\drivers\w32x86\3\LXCCtime.dll,_RunDLLEntry@16
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [PSUAMain] "c:\program files\panda security\panda cloud antivirus\PSUAMain.exe" /LaunchSysTray
mRun: [MapsGalaxy Home Page Guard 32 bit] "c:\progra~1\mapsga~2\bar\1.bin\AppIntegrator.exe"
mRun: [MapsGalaxy Search Scope Monitor] "c:\progra~1\mapsga~2\bar\1.bin\39srchmn.exe" /m=2 /w /h
mRun: [HowToSimplified Home Page Guard 32 bit] "c:\progra~1\howtos~2\bar\1.bin\AppIntegrator.exe"
mRun: [HowToSimplified Search Scope Monitor] "c:\progra~1\howtos~2\bar\1.bin\8esrchmn.exe" /m=2 /w /h
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office\OSA9.EXE
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0014-0002-0001-ABCDEFFEDCBC} - <orphaned>
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
TCP: NameServer = 72.240.13.7 72.240.13.5 156.154.70.43
TCP: Interfaces\{C4EBA40F-32D3-4EB3-9A03-3E1E234EDB73} : DHCPNameServer = 72.240.13.7 72.240.13.5 156.154.70.43
Handler: inbox - {37540F19-DD4C-478B-B2DF-C19281BCAF27} - 
Notify: igfxcui - igfxsrvc.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
Hosts: 54.225.95.126 gcbkfpidjhchgnokamccdemjfamackdh
============= SERVICES / DRIVERS ===============
.
R1 NNSALPC;NNSAlpc;c:\windows\system32\drivers\NNSAlpc.sys [2013-5-28 84200]
R1 NNSHTTP;NNSHttp;c:\windows\system32\drivers\NNSHttp.sys [2013-5-28 126184]
R1 NNSHTTPS;NNSHttps;c:\windows\system32\drivers\NNSHttps.sys [2013-5-28 107752]
R1 NNSIDS;NNSids;c:\windows\system32\drivers\NNSIds.sys [2013-5-28 124648]
R1 NNSPICC;NNSPicc;c:\windows\system32\drivers\NNSpicc.sys [2013-5-28 95464]
R1 NNSPOP3;NNSPop3;c:\windows\system32\drivers\NNSPop3.sys [2013-5-28 106344]
R1 NNSPROT;NNSProt;c:\windows\system32\drivers\NNSProt.sys [2013-5-28 287336]
R1 NNSPRV;NNSPrv;c:\windows\system32\drivers\NNSPrv.sys [2013-5-28 161384]
R1 NNSSMTP;NNSSmtp;c:\windows\system32\drivers\NNSSmtp.sys [2013-5-28 108904]
R1 NNSSTRM;NNSStrm;c:\windows\system32\drivers\NNSStrm.sys [2013-5-28 230376]
R1 NNSTLSC;NNSTlsc;c:\windows\system32\drivers\NNStlsc.sys [2013-5-28 93928]
R1 PSINKNC;PSINKnc;c:\windows\system32\drivers\PSINKNC.sys [2013-10-11 179944]
R2 ConvertFilesforFreeUpdt;ConvertFilesforFreeUpdt;c:\program files\convert files for free\ConvertFilesforFreeUpdt.exe [2014-1-28 252928]
R2 NanoServiceMain;Panda Cloud Antivirus Service;c:\program files\panda security\panda cloud antivirus\PSANHost.exe [2013-10-3 140768]
R2 PSINAflt;PSINAflt;c:\windows\system32\drivers\PSINAflt.sys [2013-10-17 145640]
R2 PSINFile;PSINFile;c:\windows\system32\drivers\PSINFile.sys [2013-10-11 103528]
R2 PSINProc;PSINProc;c:\windows\system32\drivers\PSINProc.sys [2013-10-11 115048]
R2 PSINProt;PSINProt;c:\windows\system32\drivers\PSINProt.sys [2013-10-11 128232]
R2 PSUAService;Panda Product Service;c:\program files\panda security\panda cloud antivirus\PSUAService.exe [2013-10-19 37344]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\realnetworks\realdownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 ReimageRealTimeProtection;Reimage Real Time Protection;c:\program files\reimage\reimage repair\ReiGuard.exe [2014-1-15 4030824]
R2 Select-N-Go;Select-N-Go;c:\program files\select-n-go-soft\Select-N-Go155.exe [2014-3-3 193536]
R2 tvnserver;TightVNC Server;c:\program files\tightvnc\tvnserver.exe [2011-8-3 828944]
R2 Update Surftastic;Update Surftastic;c:\program files\surftastic\updateSurftastic.exe [2014-3-17 348960]
R2 UpdateServiceTool;UpdateSoftware;c:\program files\bin\updatetool\UpdaterToolService.exe [2014-3-2 6656]
R2 Util Surftastic;Util Surftastic;c:\program files\surftastic\bin\utilSurftastic.exe [2014-3-18 348960]
R3 PSKMAD;PSKMAD;c:\windows\system32\drivers\PSKMAD.sys [2014-3-17 47632]
S2 40030ae4;Supporter;c:\windows\system32\rundll32.exe [2001-8-18 33280]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 cpuz134;cpuz134;\??\c:\docume~1\admini~1\locals~1\temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\admini~1\locals~1\temp\cpuz134\cpuz134_x32.sys [?]
S3 PSINReg;PSINReg;c:\windows\system32\drivers\PSINReg.sys [2013-10-11 97896]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2001-8-18 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-7-20 754856]
S4 ca82e1a5;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe [2001-8-18 33280]
S4 NNSPIHS;NNSPihs;c:\windows\system32\drivers\NNSpihs.sys [2013-5-28 52328]
.
=============== Created Last 30 ================
.
2014-03-17 13:28:24 -------- d-----w- c:\program files\Surftastic
2014-03-17 12:19:55 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Sun
2014-03-17 12:18:25 145408 ----a-w- c:\windows\system32\javacpl.cpl
2014-03-17 12:18:15 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
2014-03-17 11:37:09 47632 ----a-w- c:\windows\system32\drivers\PSKMAD.sys
2014-03-17 11:36:47 -------- d-----w- c:\documents and settings\administrator\application data\Panda Security
2014-03-17 11:36:03 -------- d-----w- c:\program files\Panda Security
2014-03-17 11:36:03 -------- d-----w- c:\documents and settings\all users\application data\Panda Security
2014-03-17 10:35:47 13312 ------w- c:\windows\system32\xp_eos.exe
2014-03-17 10:35:47 13312 ------w- c:\windows\system32\dllcache\xp_eos.exe
2014-03-16 16:03:29 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes
2014-03-16 16:03:14 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
2014-03-16 16:03:11 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-03-16 16:03:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2014-03-10 16:19:58 -------- d-----w- c:\program files\Lightspark 0.5.3-git
2014-03-10 15:59:27 -------- d-----w- c:\program files\Information
2014-03-10 15:56:00 -------- d-----w- c:\program files\Bench
2014-03-10 15:55:33 -------- d-----w- c:\documents and settings\administrator\local settings\application data\emaze
2014-03-10 15:55:07 -------- d-----w- c:\program files\File Type Helper
2014-03-10 15:55:05 -------- d-----w- c:\program files\Convert Files for Free
2014-03-10 15:53:07 -------- d-----w- c:\documents and settings\administrator\application data\RealNetworks
2014-03-10 15:53:02 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Real
2014-03-10 15:52:32 -------- d-----w- c:\program files\RealNetworks
2014-03-10 15:52:29 -------- d-----w- c:\documents and settings\all users\application data\RealNetworks
2014-03-10 15:52:13 -------- d-----w- c:\program files\common files\xing shared
2014-03-08 19:35:38 -------- d-----w- C:\Support
2014-03-08 19:35:29 -------- d-----w- c:\program files\Supporter
2014-03-08 19:34:11 -------- d-----w- c:\documents and settings\all users\application data\8ea0439b30eb392e
2014-03-08 19:34:10 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Torch
2014-03-08 19:34:10 -------- d-----w- c:\documents and settings\administrator\AppData
2014-03-08 19:34:09 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Google
2014-03-08 19:34:09 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Comodo
2014-03-06 19:10:23 35328 ----a-w- c:\windows\system32\drivers\pcntpci5.sys
2014-03-06 19:10:23 14208 ----a-w- c:\windows\system32\drivers\battc.sys
2014-03-06 19:10:23 13952 ----a-w- c:\windows\system32\drivers\CmBatt.sys
2014-03-06 19:10:23 10240 ----a-w- c:\windows\system32\drivers\compbatt.sys
2014-03-06 18:34:18 9216 ----a-w- c:\windows\system32\Native.exe
2014-03-06 18:34:13 -------- d-----w- C:\ReimageUndo
2014-03-06 17:51:18 -------- d-----w- c:\documents and settings\administrator\local settings\application data\LogMeIn Rescue Applet
2014-03-03 04:40:58 -------- d-----w- c:\program files\Conduit
2014-03-03 04:39:26 -------- d-----w- c:\program files\Select-N-Go-soft
2014-03-03 03:45:14 -------- d-----w- c:\documents and settings\all users\application data\CDB
2014-03-03 03:43:35 -------- d-----w- c:\program files\Reimage
2014-03-03 03:43:33 -------- d-----w- C:\rei
2014-03-03 03:38:37 -------- d-----w- c:\program files\TempInstaller
2014-03-03 03:37:10 -------- d-----w- c:\program files\TidyNetwork
2014-03-03 03:36:06 -------- d-----w- c:\program files\Re-markit-soft
2014-03-03 03:32:33 -------- d-----w- c:\documents and settings\administrator\local settings\application data\SearchProtect
2014-03-03 03:32:12 -------- d-----w- c:\documents and settings\administrator\application data\Optimizer Pro
2014-03-03 03:31:57 -------- d-----w- c:\program files\Optimizer Pro
2014-03-03 03:30:32 -------- d-----w- c:\program files\WiseConvert
2014-03-03 03:30:31 -------- d-----w- c:\program files\YTD Downloader
2014-03-03 03:30:31 -------- d-----w- c:\program files\Bin
.
==================== Find3M  ====================
.
2014-03-10 15:51:53 499712 ----a-w- c:\windows\system32\msvcp71.dll
2014-03-10 15:51:53 348160 ----a-w- c:\windows\system32\msvcr71.dll
2014-03-05 19:30:16 44 ----a-w- c:\windows\system32\msssc.dll
2014-02-24 11:46:36 920064 ----a-w- c:\windows\system32\wininet.dll
2014-02-24 11:45:58 43520 ------w- c:\windows\system32\licmgr10.dll
2014-02-24 11:45:57 1469440 ------w- c:\windows\system32\inetcpl.cpl
2014-02-24 11:45:42 18944 ----a-w- c:\windows\system32\corpol.dll
2014-02-24 10:54:21 385024 ------w- c:\windows\system32\html.iec
2014-02-21 02:23:30 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-02-21 02:23:30 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-02-07 02:01:37 1879040 ----a-w- c:\windows\system32\win32k.sys
2014-02-05 08:55:04 562688 ----a-w- c:\windows\system32\qedit.dll
2014-01-04 03:13:05 420864 ----a-w- c:\windows\system32\vbscript.dll
.
============= FINISH: 21:07:59.39 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 11/16/2010 11:51:18 AM
System Uptime: 3/18/2014 6:30:46 PM (27 hours ago)
.
Motherboard: Hewlett-Packard |  | 085Ch
Processor:               Intel® Pentium® 4 CPU 3.00GHz | XU1 PROCESSOR | 2992/800mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 75 GiB total, 54.375 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&369939D9&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&369939D9&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP316: 12/18/2013 9:59:52 PM - System Checkpoint
RP317: 12/25/2013 1:16:13 PM - System Checkpoint
RP318: 12/31/2013 11:11:51 AM - System Checkpoint
RP319: 1/1/2014 12:01:39 PM - Printer Driver Amyuni Document Converter 2.50 Installed
RP320: 1/1/2014 12:02:44 PM - Printer Driver Amyuni Document Converter 2.50 Installed
RP321: 1/1/2014 2:10:10 PM - Printer Driver Amyuni Document Converter 2.50 Installed
RP322: 1/1/2014 7:49:35 PM - Printer Driver Amyuni Document Converter 2.50 Installed
RP323: 1/1/2014 7:52:07 PM - Printer Driver Amyuni Document Converter 2.50 Installed
RP324: 1/3/2014 2:13:46 PM - System Checkpoint
RP325: 1/4/2014 3:32:53 PM - System Checkpoint
RP326: 1/5/2014 4:39:10 PM - System Checkpoint
RP327: 1/7/2014 7:53:06 AM - System Checkpoint
RP328: 1/7/2014 11:27:02 AM - Software Distribution Service 3.0
RP329: 1/9/2014 6:41:54 AM - System Checkpoint
RP330: 1/11/2014 12:30:51 PM - System Checkpoint
RP331: 1/12/2014 3:00:15 AM - Software Distribution Service 3.0
RP332: 1/13/2014 4:54:26 AM - System Checkpoint
RP333: 1/14/2014 3:00:16 AM - Software Distribution Service 3.0
RP334: 1/15/2014 3:00:15 AM - Software Distribution Service 3.0
RP335: 1/16/2014 3:43:27 AM - System Checkpoint
RP336: 1/17/2014 6:26:31 AM - System Checkpoint
RP337: 1/19/2014 10:51:12 PM - System Checkpoint
RP338: 1/20/2014 10:52:31 PM - System Checkpoint
RP339: 1/22/2014 12:45:27 AM - System Checkpoint
RP340: 1/23/2014 12:50:17 AM - System Checkpoint
RP341: 1/24/2014 12:52:31 AM - System Checkpoint
RP342: 1/25/2014 1:52:34 AM - System Checkpoint
RP343: 1/26/2014 2:24:42 AM - System Checkpoint
RP344: 1/27/2014 3:24:43 AM - System Checkpoint
RP345: 1/28/2014 4:24:43 AM - System Checkpoint
RP346: 1/29/2014 5:24:41 AM - System Checkpoint
RP347: 1/30/2014 6:24:43 AM - System Checkpoint
RP348: 1/31/2014 8:04:59 AM - System Checkpoint
RP349: 2/1/2014 8:13:40 AM - System Checkpoint
RP350: 2/2/2014 8:14:03 AM - System Checkpoint
RP351: 2/3/2014 9:14:03 AM - System Checkpoint
RP352: 2/5/2014 5:47:07 AM - System Checkpoint
RP353: 2/6/2014 1:50:19 PM - System Checkpoint
RP354: 2/7/2014 2:26:45 PM - System Checkpoint
RP355: 2/9/2014 10:23:50 AM - System Checkpoint
RP356: 2/10/2014 11:05:08 AM - System Checkpoint
RP357: 2/11/2014 12:02:17 PM - System Checkpoint
RP358: 2/13/2014 3:08:55 AM - Software Distribution Service 3.0
RP359: 2/14/2014 4:04:25 AM - System Checkpoint
RP360: 2/15/2014 4:17:55 AM - System Checkpoint
RP361: 2/16/2014 5:17:55 AM - System Checkpoint
RP362: 2/17/2014 2:45:30 PM - System Checkpoint
RP363: 2/18/2014 3:29:43 PM - System Checkpoint
RP364: 2/19/2014 10:13:31 PM - System Checkpoint
RP365: 2/20/2014 10:35:56 PM - System Checkpoint
RP366: 2/21/2014 11:34:51 PM - System Checkpoint
RP367: 2/23/2014 12:35:56 AM - System Checkpoint
RP368: 2/24/2014 1:35:13 AM - System Checkpoint
RP369: 2/25/2014 12:29:03 PM - System Checkpoint
RP370: 2/26/2014 1:15:23 PM - System Checkpoint
RP371: 2/27/2014 1:21:46 PM - System Checkpoint
RP372: 2/28/2014 3:44:03 PM - System Checkpoint
RP373: 3/1/2014 3:55:21 PM - System Checkpoint
RP374: 3/2/2014 5:02:48 PM - System Checkpoint
RP375: 3/3/2014 5:46:43 PM - System Checkpoint
RP376: 3/4/2014 7:58:27 PM - System Checkpoint
RP377: 3/5/2014 8:36:06 PM - System Checkpoint
RP378: 3/6/2014 1:35:30 PM - Reimage Repair Restore Point
RP379: 3/6/2014 2:44:01 PM - Software Distribution Service 3.0
RP380: 3/7/2014 5:28:56 PM - System Checkpoint
RP381: 3/7/2014 9:06:30 PM - Reimage Repair Restore Point
RP382: 3/7/2014 9:26:56 PM - Software Distribution Service 3.0
RP383: 3/9/2014 8:58:37 PM - System Checkpoint
RP384: 3/10/2014 9:28:51 PM - System Checkpoint
RP385: 3/12/2014 3:08:50 PM - System Checkpoint
RP386: 3/13/2014 11:44:03 AM - Software Distribution Service 3.0
RP387: 3/14/2014 3:00:17 AM - Software Distribution Service 3.0
RP388: 3/16/2014 12:20:50 PM - System Checkpoint
RP389: 3/17/2014 8:16:43 AM - Removed Java 6 Update 31
RP390: 3/17/2014 8:17:35 AM - Installed Java 7 Update 51
RP391: 3/18/2014 3:00:20 AM - Software Distribution Service 3.0
RP392: 3/18/2014 2:15:24 PM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
ABBYY FineReader 6.0 Sprint
Adobe Flash Player 12 ActiveX
Adobe Reader X (10.1.9)
AOL Mail Toolbar
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Broadcom Management Programs
Convert Files for Free
Download Updater (AOL Inc.)
Easy Access Button Support
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HowToSimplified Internet Explorer Toolbar
HP Wireless Mouse
Information
Intel® Extreme Graphics Driver
InterVideo WinDVD
Java 7 Update 51
Java Auto Updater
Lexmark 3300 Series
Lexmark Fax Solutions
Malwarebytes Anti-Malware version 1.75.0.1300
MapsGalaxy Internet Explorer Toolbar
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Office 2000 Professional
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x86)
Optimizer Pro v3.2
Panda Cloud Antivirus
Quicken 2006
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
RealUpgrade 1.1
Reimage Repair
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2898855v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2898785)
Security Update for Windows Internet Explorer 8 (KB2909210)
Security Update for Windows Internet Explorer 8 (KB2909921)
Security Update for Windows Internet Explorer 8 (KB2925418)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2803821-v2)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2497640)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2893984)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954459)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982665)
Software Setup
SoundMAX
Supporter 1.80
Surftastic
TightVNC 2.0.4
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Windows (KB971513)
Update for Windows Internet Explorer 8 (KB2447568)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Update for Windows XP (KB898461)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Viewpoint Media Player
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Internet Explorer 8
Windows Management Framework Core
Windows XP Service Pack 3
WiseConvert
YTD Downloader version 1.5
.
==== Event Viewer Messages From Past Week ========
.
3/16/2014 12:57:24 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD Fips i8042prt intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss Tcpip
3/16/2014 12:57:24 PM, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
3/16/2014 12:57:24 PM, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/16/2014 12:57:24 PM, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
3/16/2014 12:57:24 PM, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
3/16/2014 12:56:31 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
3/16/2014 12:56:27 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
3/16/2014 12:52:46 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  i8042prt
3/16/2014 11:12:47 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Supporter service to connect.
3/16/2014 11:12:05 PM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.
3/13/2014 9:26:59 AM, error: SideBySide [59]  - Generate Activation Context failed for C:\WINDOWS\system32\logonui.exe.Manifest. Reference error message: Error Message is unavailable .
3/13/2014 5:24:55 PM, error: Service Control Manager [7034]  - The Select-N-Go service terminated unexpectedly.  It has done this 1 time(s).
3/13/2014 5:23:02 PM, error: SideBySide [59]  - Generate Activation Context failed for C:\WINDOWS\system32\TAPI32.dll. Reference error message: The operation completed successfully. .
3/13/2014 5:11:21 PM, error: Print [6161]  - The document http://hgh.us.com/the-top-20-superfoods-that-will-help-you-lose owned by Administrator failed to print on printer Lexmark 3300 Series. Data type: LEMF. Size of the spool file in bytes: 508244. Number of bytes printed: 0. Total number of pages in the document: 4. Number of pages printed: 1. Client machine: \\HP10911140567. Win32 error code returned by the print processor: 0 (0x0). 
3/13/2014 12:01:12 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "%1455" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
3/13/2014 12:00:32 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "%1450" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
3/13/2014 12:00:01 AM, error: DCOM [10000]  - Unable to start a DCOM Server: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}. The error: "%487" Happened while starting this command: C:\WINDOWS\system32\wbem\wmiprvse.exe -secured -Embedding
3/12/2014 11:40:09 PM, error: SideBySide [59]  - Generate Activation Context failed for C:\Program Files\Bench\BService\bhelper.dll. Reference error message: Error Message is unavailable .
.
==== End Of File ===========================
 

 


Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
Add/remove programs

Click on Start --> Control Panel.

Vista/7: Open Programs and Features
XP: Open Add/Remove Programs

Search for and remove the following programs:

AOL Mail Toolbar
AOL Toolbar
AOL Uninstaller (Choose which Products to Remove)
Google Toolbar for Internet Explorer
HowToSimplified Internet Explorer Toolbar
MapsGalaxy Internet Explorer Toolbar
Optimizer Pro v3.2
Surftastic
Supporter 1.80
WiseConvert


Close the window. 
 
 
 
Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found); we need to see a report first.

Download TDSSKiller.zip and extract it to your desktop.
  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.


Hello Marius. Thank you again for your assistance. This computer belongs to my parents, and they still like to use the AOL desktop as that is an environment they are used to. Is it necessary to remove or is it simply suggested because it is an outdated program? I am unfamiliar with current AOL software so I don't know if there are better alternatives. I will remove everything else and await your reply to this before proceeding with AOL removal and the TDSSKiller log.

Regards,
Dave


16:50:41.0831 0x60a4  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02

16:51:07.0316 0x60a4  ============================================================

16:51:07.0316 0x60a4  Current date / time: 2014/03/20 16:51:07.0316

16:51:07.0316 0x60a4  SystemInfo:

16:51:07.0316 0x60a4  

16:51:07.0316 0x60a4  OS Version: 5.1.2600 ServicePack: 3.0

16:51:07.0316 0x60a4  Product type: Workstation

16:51:07.0316 0x60a4  ComputerName: HP10911140567

16:51:07.0316 0x60a4  UserName: Administrator

16:51:07.0316 0x60a4  Windows directory: C:\WINDOWS

16:51:07.0316 0x60a4  System windows directory: C:\WINDOWS

16:51:07.0316 0x60a4  Processor architecture: Intel x86

16:51:07.0316 0x60a4  Number of processors: 2

16:51:07.0316 0x60a4  Page size: 0x1000

16:51:07.0316 0x60a4  Boot type: Normal boot

16:51:07.0316 0x60a4  ============================================================

16:51:10.0362 0x60a4  KLMD registered as C:\WINDOWS\system32\drivers\48329213.sys

16:51:10.0503 0x60a4  System UUID: {36904282-AA57-9C62-BC53-688C8933C4A4}

16:51:11.0316 0x60a4  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2861, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054

16:51:11.0316 0x60a4  ============================================================

16:51:11.0316 0x60a4  \Device\Harddisk0\DR0:

16:51:11.0316 0x60a4  MBR partitions:

16:51:11.0316 0x60a4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1

16:51:11.0316 0x60a4  ============================================================

16:51:11.0347 0x60a4  C: <-> \Device\Harddisk0\DR0\Partition1

16:51:11.0347 0x60a4  ============================================================

16:51:11.0347 0x60a4  Initialize success

16:51:11.0347 0x60a4  ============================================================

16:52:26.0644 0x732c  ============================================================

16:52:26.0644 0x732c  Scan started

16:52:26.0644 0x732c  Mode: Manual; 

16:52:26.0644 0x732c  ============================================================

16:52:26.0644 0x732c  KSN ping started

16:52:40.0972 0x732c  KSN ping finished: true

16:52:41.0737 0x732c  ================ Scan system memory ========================

16:52:41.0753 0x732c  System memory - ok

16:52:41.0753 0x732c  ================ Scan services =============================


16:52:48.0253 0x732c  IpFilterDriver - ok

16:52:48.0269 0x732c  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

16:52:48.0269 0x732c  IpInIp - ok

16:52:48.0347 0x732c  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

16:52:48.0347 0x732c  IpNat - ok

16:52:48.0441 0x732c  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

16:52:48.0441 0x732c  IPSec - ok

16:52:48.0487 0x732c  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

16:52:48.0487 0x732c  IRENUM - ok

16:52:48.0566 0x732c  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

16:52:48.0566 0x732c  isapnp - ok

16:52:48.0691 0x732c  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

16:52:48.0691 0x732c  JavaQuickStarterService - ok

16:52:48.0722 0x732c  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

16:52:48.0722 0x732c  Kbdclass - ok

16:52:48.0800 0x732c  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

16:52:48.0800 0x732c  kbdhid - ok

16:52:49.0050 0x732c  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

16:52:49.0050 0x732c  kmixer - ok

16:52:49.0112 0x732c  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

16:52:49.0112 0x732c  KSecDD - ok

16:52:49.0191 0x732c  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

16:52:49.0191 0x732c  lanmanserver - ok

16:52:49.0269 0x732c  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

16:52:49.0269 0x732c  lanmanworkstation - ok

16:52:49.0300 0x732c  lbrtfdc - ok

16:52:49.0347 0x732c  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

16:52:49.0347 0x732c  LmHosts - ok

16:52:49.0378 0x732c  lxcc_device - ok

16:52:49.0409 0x732c  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

16:52:49.0409 0x732c  Messenger - ok

16:52:49.0456 0x732c  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

16:52:49.0456 0x732c  mnmdd - ok

16:52:49.0534 0x732c  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe

16:52:49.0534 0x732c  mnmsrvc - ok

16:52:49.0612 0x732c  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

16:52:49.0612 0x732c  Modem - ok

16:52:49.0659 0x732c  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

16:52:49.0659 0x732c  Mouclass - ok

16:52:49.0706 0x732c  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

16:52:49.0706 0x732c  mouhid - ok

16:52:49.0737 0x732c  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

16:52:49.0737 0x732c  MountMgr - ok

16:52:49.0753 0x732c  mraid35x - ok

16:52:49.0816 0x732c  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

16:52:49.0831 0x732c  MRxDAV - ok

16:52:49.0925 0x732c  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

16:52:49.0956 0x732c  MRxSmb - ok

16:52:49.0987 0x732c  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

16:52:49.0987 0x732c  MSDTC - ok

16:52:50.0050 0x732c  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

16:52:50.0050 0x732c  Msfs - ok

16:52:50.0362 0x732c  MSIServer - ok

16:52:50.0394 0x732c  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

16:52:50.0394 0x732c  MSKSSRV - ok

16:52:50.0441 0x732c  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

16:52:50.0441 0x732c  MSPCLOCK - ok

16:52:50.0472 0x732c  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

16:52:50.0472 0x732c  MSPQM - ok

16:52:50.0519 0x732c  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

16:52:50.0534 0x732c  mssmbios - ok

16:52:50.0566 0x732c  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

16:52:50.0566 0x732c  Mup - ok

16:52:50.0675 0x732c  [ D2CB4581FFDFE8BE3EEE16649753F4EE, 8EBE734DCEDAB699C0A19E87EFEB3BBDABB534088B0FE3EC71044C7FAEEDF0B0 ] NanoServiceMain C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe

16:52:50.0675 0x732c  NanoServiceMain - ok

16:52:50.0722 0x732c  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll

16:52:50.0753 0x732c  napagent - ok

16:52:50.0800 0x732c  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

16:52:50.0816 0x732c  NDIS - ok

16:52:50.0862 0x732c  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

16:52:50.0862 0x732c  NdisTapi - ok

16:52:50.0894 0x732c  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

16:52:50.0894 0x732c  Ndisuio - ok

16:52:50.0925 0x732c  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

16:52:50.0925 0x732c  NdisWan - ok

16:52:50.0956 0x732c  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

16:52:50.0972 0x732c  NDProxy - ok

16:52:51.0034 0x732c  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

16:52:51.0034 0x732c  NetBIOS - ok

16:52:51.0081 0x732c  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

16:52:51.0112 0x732c  NetBT - ok

16:52:51.0159 0x732c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe

16:52:51.0159 0x732c  NetDDE - ok

16:52:51.0191 0x732c  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

16:52:51.0191 0x732c  NetDDEdsdm - ok

16:52:51.0237 0x732c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\System32\lsass.exe

16:52:51.0237 0x732c  Netlogon - ok

16:52:51.0269 0x732c  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll

16:52:51.0284 0x732c  Netman - ok

16:52:51.0597 0x732c  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

16:52:51.0597 0x732c  NetTcpPortSharing - ok

16:52:51.0644 0x732c  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll

16:52:51.0659 0x732c  Nla - ok

16:52:51.0706 0x732c  [ 47BE15BF4956BD347F6777C8C652B140, C8F815B2BCF024FF80B6457FCB60CA15EB4BDEFD20084968EFD4632B64CC292F ] NNSALPC         C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys

16:52:51.0706 0x732c  NNSALPC - ok

16:52:51.0737 0x732c  [ 1C1DD165A0C83CD873C80FA7F81144A1, CC0A8090B9886EDDAB159CB6EAF740F3D579FE23482B081EF7D9B582312A82F1 ] NNSHTTP         C:\WINDOWS\system32\DRIVERS\NNSHttp.sys

16:52:51.0737 0x732c  NNSHTTP - ok

16:52:51.0769 0x732c  [ F02E8B6AEB900958647D8D6797CD017D, CBC439744D99574760AFCB35ADC4567E534150297CF5EF7AB969D46925311602 ] NNSHTTPS        C:\WINDOWS\system32\DRIVERS\NNSHttps.sys

16:52:51.0769 0x732c  NNSHTTPS - ok

16:52:51.0816 0x732c  [ 37B51977634EF312EE7E4988D5D6FA43, 8CD7C7BD6A33E9C1525F7D94E866E746B4845A24EE87C0147CE7A5936653CC4C ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIds.sys

16:52:51.0831 0x732c  NNSIDS - ok

16:52:51.0847 0x732c  [ BE16750EFF0DB102FBF4E366F5151B7B, 17ECD6CFC408681AB10C7664F4DF8D70666373199695C9B4DAC161F7BBEADDD9 ] NNSPICC         C:\WINDOWS\system32\DRIVERS\NNSPicc.sys

16:52:51.0862 0x732c  NNSPICC - ok

16:52:51.0894 0x732c  [ DD72B458BEA2AAFB17F23313DD551CA1, 6E008A5109A990AB32EFC7425961D56F86E146B45FD5BF14DC9DF65FBA2F46A5 ] NNSPIHS         C:\WINDOWS\system32\DRIVERS\NNSPihs.sys

16:52:51.0894 0x732c  NNSPIHS - ok

16:52:51.0925 0x732c  [ C08CF30BA0F90C50CDC7A9EE8D4C4850, F236B3FE28984FC2A3FE2395A8FC894E2E27F80908ECA0B311A5AAD47E0FF833 ] NNSPOP3         C:\WINDOWS\system32\DRIVERS\NNSPop3.sys

16:52:51.0925 0x732c  NNSPOP3 - ok

16:52:52.0019 0x732c  [ 0F556C86CF535494652D36A35E1A872B, AC86AB7BEBDAEAD0813849F7FF921198C3FA3C12AED6D3DDFE50B2F1F376C3DA ] NNSPROT         C:\WINDOWS\system32\DRIVERS\NNSProt.sys

16:52:52.0034 0x732c  NNSPROT - ok

16:52:52.0081 0x732c  [ DA4454BB1BDBFCB3E721DFC31C5C03EC, E97B41881D15A0747314DD0EFF5741222040778397472BCBB6CBB0D71D4754FD ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPrv.sys

16:52:52.0097 0x732c  NNSPRV - ok

16:52:52.0144 0x732c  [ 23B44C4DEBF8D097F412C1360CC7EA13, 2CAB9DF1F8DCA72C0BF1FA75F51931714AA8F9A182730CADCD78975766140AC4 ] NNSSMTP         C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys

16:52:52.0144 0x732c  NNSSMTP - ok

16:52:52.0175 0x732c  [ A99BED55F9B9FBA18B965D558D3BAEF7, 9B1041E20AB691166187B60649F1DEFE119A3FF020883464BCE05B99E83CEEEA ] NNSSTRM         C:\WINDOWS\system32\DRIVERS\NNSStrm.sys

16:52:52.0191 0x732c  NNSSTRM - ok

16:52:52.0237 0x732c  [ 6569B9A289E3594FF3AF5A5DD4131AC3, 11DF5957B486EA1BADF962B18A49040245F30DEB4FF81A8F26E0567671E12910 ] NNSTLSC         C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys

16:52:52.0253 0x732c  NNSTLSC - ok

16:52:52.0300 0x732c  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

16:52:52.0300 0x732c  Npfs - ok

16:52:52.0362 0x732c  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

16:52:52.0394 0x732c  Ntfs - ok

16:52:52.0425 0x732c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe

16:52:52.0425 0x732c  NtLmSsp - ok

16:52:52.0519 0x732c  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

16:52:52.0550 0x732c  NtmsSvc - ok

16:52:52.0581 0x732c  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

16:52:52.0597 0x732c  Null - ok

16:52:52.0816 0x732c  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

16:52:52.0816 0x732c  NwlnkFlt - ok

16:52:52.0878 0x732c  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

16:52:52.0878 0x732c  NwlnkFwd - ok

16:52:52.0925 0x732c  [ C90018BAFDC7098619A4A95B046B30F3, 1826E46F237AD65BA189B83803A46A6C2B29089C1BA146106ADD9F2B04D4A89D ] P3              C:\WINDOWS\system32\DRIVERS\p3.sys

16:52:52.0925 0x732c  P3 - ok

16:52:52.0972 0x732c  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

16:52:52.0972 0x732c  Parport - ok

16:52:53.0019 0x732c  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

16:52:53.0019 0x732c  PartMgr - ok

16:52:53.0081 0x732c  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

16:52:53.0097 0x732c  ParVdm - ok

16:52:53.0112 0x732c  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

16:52:53.0128 0x732c  PCI - ok

16:52:53.0159 0x732c  PCIDump - ok

16:52:53.0175 0x732c  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\System32\DRIVERS\pciide.sys

16:52:53.0175 0x732c  PCIIde - ok

16:52:53.0237 0x732c  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

16:52:53.0253 0x732c  Pcmcia - ok

16:52:53.0284 0x732c  PDCOMP - ok

16:52:53.0300 0x732c  PDFRAME - ok

16:52:53.0316 0x732c  PDRELI - ok

16:52:53.0362 0x732c  PDRFRAME - ok

16:52:53.0378 0x732c  perc2 - ok

16:52:53.0394 0x732c  perc2hib - ok

16:52:53.0534 0x732c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe

16:52:53.0550 0x732c  PlugPlay - ok

16:52:53.0566 0x732c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\System32\lsass.exe

16:52:53.0566 0x732c  PolicyAgent - ok

16:52:53.0612 0x732c  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

16:52:53.0612 0x732c  PptpMiniport - ok

16:52:53.0659 0x732c  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

16:52:53.0659 0x732c  Processor - ok

16:52:53.0706 0x732c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

16:52:53.0706 0x732c  ProtectedStorage - ok

16:52:53.0722 0x732c  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

16:52:53.0737 0x732c  PSched - ok

16:52:53.0769 0x732c  [ 9A186F0634A885659A17A554E75CA576, 3274DFA3899BFDB9FE052E7A777232E2F2E72AFF859BAD9B7B27B2647CFC53BE ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys

16:52:53.0784 0x732c  PSINAflt - ok

16:52:53.0816 0x732c  [ F4660122139A5EC6A5F02F6F3533F6B4, E480233CB7E49481F47D949D8DF82245AD7A29644036ECCDDFD8FFAFA0C987AF ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys

16:52:53.0816 0x732c  PSINFile - ok

16:52:53.0878 0x732c  [ 1E8B16674CFFF2262D63B04E7D5F6462, 474F1353DC9937BE905004F24C115C960B21EC840E1390225EFDD042A50576FC ] PSINKNC         C:\WINDOWS\system32\DRIVERS\psinknc.sys

16:52:53.0894 0x732c  PSINKNC - ok

16:52:54.0112 0x732c  [ 2145E2AEF1E6FD2B10D43C7E5AACBE71, 64450B72A48A4C7F5378231BCB2364821D727342EA836130384221151A559CA9 ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys

16:52:54.0112 0x732c  PSINProc - ok

16:52:54.0206 0x732c  [ 8FB66725846CA37627D6F835EDF41233, ECB120086129C50D57A8B9C8D2958527D14A835F376A1DD17E99F397226274CE ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys

16:52:54.0206 0x732c  PSINProt - ok

16:52:54.0284 0x732c  [ E772FA3E7031F5094BD294FF6F3566B8, A2211DB7C755D58CC67BA4496EDAD0A7C9FEB2C9C968BD4ECBFCD0BA03EA6B28 ] PSINReg         C:\WINDOWS\system32\DRIVERS\PSINReg.sys

16:52:54.0284 0x732c  PSINReg - ok

16:52:54.0331 0x732c  [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys

16:52:54.0331 0x732c  PSKMAD - ok

16:52:54.0362 0x732c  [ 06F5EFBE02C40E3BE7E916EBAB387F6D, 21741628F307387C42FAB8B37C8F9D58E02533AA4D96004B166455CBCDF117A1 ] PSUAService     C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe

16:52:54.0362 0x732c  PSUAService - ok

16:52:54.0441 0x732c  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

16:52:54.0441 0x732c  Ptilink - ok

16:52:54.0487 0x732c  ql1080 - ok

16:52:54.0487 0x732c  Ql10wnt - ok

16:52:54.0550 0x732c  ql12160 - ok

16:52:54.0550 0x732c  ql1240 - ok

16:52:54.0612 0x732c  ql1280 - ok

16:52:54.0612 0x732c  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

16:52:54.0628 0x732c  RasAcd - ok

16:52:54.0706 0x732c  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll

16:52:54.0706 0x732c  RasAuto - ok

16:52:54.0753 0x732c  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

16:52:54.0753 0x732c  Rasl2tp - ok

16:52:54.0831 0x732c  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll

16:52:54.0847 0x732c  RasMan - ok

16:52:54.0894 0x732c  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

16:52:54.0894 0x732c  RasPppoe - ok

16:52:54.0941 0x732c  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

16:52:54.0941 0x732c  Raspti - ok

16:52:54.0987 0x732c  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

16:52:55.0003 0x732c  Rdbss - ok

16:52:55.0066 0x732c  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

16:52:55.0066 0x732c  RDPCDD - ok

16:52:55.0097 0x732c  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

16:52:55.0112 0x732c  rdpdr - ok

16:52:55.0175 0x732c  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

16:52:55.0175 0x732c  RDPWD - ok

16:52:55.0472 0x732c  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

16:52:55.0472 0x732c  RDSessMgr - ok

16:52:55.0550 0x732c  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

16:52:55.0566 0x732c  RealNetworks Downloader Resolver Service - ok

16:52:55.0597 0x732c  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

16:52:55.0612 0x732c  redbook - ok

16:52:55.0894 0x732c  [ 93190D810D947F4E49BEC75C1295006B, D08447F5D892933B994AC7BF0BE29CB86F18BD8337255B13B66C6C9D0E01CB96 ] ReimageRealTimeProtection C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

16:52:56.0097 0x732c  ReimageRealTimeProtection - ok

16:52:56.0159 0x732c  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

16:52:56.0159 0x732c  RemoteAccess - ok

16:52:56.0191 0x732c  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

16:52:56.0206 0x732c  RemoteRegistry - ok

16:52:56.0253 0x732c  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\System32\locator.exe

16:52:56.0253 0x732c  RpcLocator - ok

16:52:56.0300 0x732c  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll

16:52:56.0316 0x732c  RpcSs - ok

16:52:56.0378 0x732c  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\System32\rsvp.exe

16:52:56.0378 0x732c  RSVP - ok

16:52:56.0409 0x732c  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe

16:52:56.0409 0x732c  SamSs - ok

16:52:56.0503 0x732c  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

16:52:56.0503 0x732c  SCardSvr - ok

16:52:56.0737 0x732c  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

16:52:56.0753 0x732c  Schedule - ok

16:52:56.0800 0x732c  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

16:52:56.0800 0x732c  Secdrv - ok

16:52:56.0847 0x732c  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll

16:52:56.0847 0x732c  seclogon - ok

16:52:56.0925 0x732c  [ 35AD6331FB7F208621949A11EB3674BF, BE994542696F9E5F1A3BEAA8C4A24823F1DACCD5D69558CFCE69E456B8861637 ] Select-N-Go     C:\Program Files\Select-N-Go-soft\Select-N-Go155.exe

16:52:56.0925 0x732c  Select-N-Go - ok

16:52:56.0987 0x732c  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll

16:52:56.0987 0x732c  SENS - ok

16:52:57.0019 0x732c  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

16:52:57.0019 0x732c  serenum - ok

16:52:57.0034 0x732c  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

16:52:57.0034 0x732c  Serial - ok

16:52:57.0128 0x732c  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

16:52:57.0128 0x732c  Sfloppy - ok

16:52:57.0191 0x732c  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

16:52:57.0206 0x732c  SharedAccess - ok

16:52:57.0237 0x732c  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

16:52:57.0237 0x732c  ShellHWDetection - ok

16:52:57.0253 0x732c  Simbad - ok

16:52:57.0331 0x732c  [ EB3ACCC928B9D97DA89E1D37928167E3, 8F3578BF487C0FE24A696528CED8E29885D4B00135710F9F4A7205C53A1441F7 ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys

16:52:57.0362 0x732c  smwdm - ok

16:52:57.0425 0x732c  [ 3978F082274F723AD5A0A8058C2417DD, B3C07E4686414BA64491C70BD6185ABE41AC2EFBC1EC9FF54A8C3760054FA0BF ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

16:52:57.0425 0x732c  SoundMAX Agent Service (default) - ok

16:52:57.0472 0x732c  Sparrow - ok

16:52:57.0519 0x732c  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

16:52:57.0519 0x732c  splitter - ok

16:52:57.0581 0x732c  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

16:52:57.0581 0x732c  Spooler - ok

16:52:57.0612 0x732c  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

16:52:57.0612 0x732c  sr - ok

16:52:57.0659 0x732c  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\System32\srsvc.dll

16:52:57.0675 0x732c  srservice - ok

16:52:57.0737 0x732c  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

16:52:57.0769 0x732c  Srv - ok

16:52:57.0956 0x732c  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

16:52:57.0972 0x732c  SSDPSRV - ok

16:52:58.0050 0x732c  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

16:52:58.0066 0x732c  stisvc - ok


16:53:02.0237 0x732c  ================ Scan global ===============================

16:53:02.0300 0x732c  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

16:53:02.0378 0x732c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

16:53:02.0425 0x732c  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

16:53:02.0456 0x732c  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

16:53:02.0472 0x732c  [ Global ] - ok

16:53:02.0487 0x732c  ================ Scan MBR ==================================

16:53:02.0503 0x732c  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

16:53:02.0675 0x732c  \Device\Harddisk0\DR0 - ok

16:53:02.0675 0x732c  ================ Scan VBR ==================================

16:53:02.0675 0x732c  [ 9D531A26878278390F804836A6A23409 ] \Device\Harddisk0\DR0\Partition1

16:53:02.0691 0x732c  \Device\Harddisk0\DR0\Partition1 - ok

16:53:02.0691 0x732c  Waiting for KSN requests completion. In queue: 244

16:53:03.0691 0x732c  Have new async UDS detects: 1

16:53:03.0691 0x732c  Select-N-Go - detected UDS:DangerousObject.Multi.Generic ( 0 )

16:53:03.0862 0x732c  Select-N-Go ( UDS:DangerousObject.Multi.Generic ) - infected

16:53:03.0862 0x732c  Force sending object to P2P due to detect: C:\Program Files\Select-N-Go-soft\Select-N-Go155.exe

16:53:06.0472 0x732c  Object send P2P result: true

16:53:08.0972 0x732c  AV detected via SS1: Panda Cloud Antivirus, 02.03.00.0000, enabled, updated

16:53:08.0972 0x732c  FW detected via SS1: Cloud Antivirus Firewall, 02.03.00.0000, disabled

16:53:08.0972 0x732c  Win FW state via NFM: enabled

16:53:09.0159 0x732c  ============================================================

16:53:09.0159 0x732c  Scan finished

16:53:09.0159 0x732c  ============================================================

16:53:09.0316 0x70fc  Detected object count: 1

16:53:09.0316 0x70fc  Actual detected object count: 1

16:53:54.0800 0x70fc  Select-N-Go ( UDS:DangerousObject.Multi.Generic ) - skipped by user

16:53:54.0800 0x70fc  Select-N-Go ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 

 


Fix with TDSS-Killer

Please read and follow these instructions carefully.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan.
  • When the scan is finished, select copy to quarantine for the following entry:

    Select-N-Go
  • Hit continue.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.


19:15:22.0675 0x7cf8  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02

19:15:30.0191 0x7cf8  ============================================================

19:15:30.0191 0x7cf8  Current date / time: 2014/03/20 19:15:30.0191

19:15:30.0191 0x7cf8  SystemInfo:

19:15:30.0191 0x7cf8  

19:15:30.0191 0x7cf8  OS Version: 5.1.2600 ServicePack: 3.0

19:15:30.0191 0x7cf8  Product type: Workstation

19:15:30.0191 0x7cf8  ComputerName: HP10911140567

19:15:30.0191 0x7cf8  UserName: Administrator

19:15:30.0191 0x7cf8  Windows directory: C:\WINDOWS

19:15:30.0191 0x7cf8  System windows directory: C:\WINDOWS

19:15:30.0191 0x7cf8  Processor architecture: Intel x86

19:15:30.0191 0x7cf8  Number of processors: 2

19:15:30.0191 0x7cf8  Page size: 0x1000

19:15:30.0191 0x7cf8  Boot type: Normal boot

19:15:30.0191 0x7cf8  ============================================================

19:15:33.0706 0x7cf8  KLMD registered as C:\WINDOWS\system32\drivers\77180137.sys

19:15:33.0816 0x7cf8  System UUID: {36904282-AA57-9C62-BC53-688C8933C4A4}

19:15:34.0722 0x7cf8  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 (74.53 Gb), SectorSize: 0x200, Cylinders: 0x2861, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000054

19:15:34.0722 0x7cf8  ============================================================

19:15:34.0722 0x7cf8  \Device\Harddisk0\DR0:

19:15:34.0722 0x7cf8  MBR partitions:

19:15:34.0722 0x7cf8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1

19:15:34.0722 0x7cf8  ============================================================

19:15:34.0753 0x7cf8  C: <-> \Device\Harddisk0\DR0\Partition1

19:15:34.0753 0x7cf8  ============================================================

19:15:34.0753 0x7cf8  Initialize success

19:15:34.0753 0x7cf8  ============================================================

19:15:44.0612 0x5e98  ============================================================

19:15:44.0612 0x5e98  Scan started

19:15:44.0612 0x5e98  Mode: Manual; 

19:15:44.0612 0x5e98  ============================================================

19:15:44.0612 0x5e98  KSN ping started

19:16:00.0362 0x5e98  KSN ping finished: true

19:16:01.0019 0x5e98  ================ Scan system memory ========================

19:16:01.0019 0x5e98  System memory - ok

19:16:01.0019 0x5e98  ================ Scan services =============================


19:16:06.0237 0x5e98  iAimTV3 - ok

19:16:06.0284 0x5e98  [ 0052D118995CBAB152DAABE6106D1442, DF656EDFE5A59550FE2C41567CCB79484EE59DCE6703156DFDC0466F52A9B398 ] iAimTV4         C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys

19:16:06.0284 0x5e98  iAimTV4 - ok

19:16:06.0534 0x5e98  [ A79029861CB69CD3CF4EAB9EBFEE32DD, 0F5BD2CEA9E2DE4A9550C750774DDD585B37EB358D90D32E61642A3A3B2C195B ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys

19:16:06.0550 0x5e98  ialm - ok

19:16:06.0675 0x5e98  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

19:16:06.0691 0x5e98  idsvc - ok

19:16:06.0737 0x5e98  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys

19:16:06.0737 0x5e98  Imapi - ok

19:16:06.0784 0x5e98  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\System32\imapi.exe

19:16:06.0800 0x5e98  ImapiService - ok

19:16:06.0816 0x5e98  ini910u - ok

19:16:06.0831 0x5e98  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys

19:16:06.0831 0x5e98  IntelIde - ok

19:16:06.0878 0x5e98  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys

19:16:06.0878 0x5e98  intelppm - ok

19:16:06.0909 0x5e98  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys

19:16:06.0909 0x5e98  ip6fw - ok

19:16:06.0956 0x5e98  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

19:16:06.0956 0x5e98  IpFilterDriver - ok

19:16:06.0972 0x5e98  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys

19:16:06.0972 0x5e98  IpInIp - ok

19:16:07.0003 0x5e98  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys

19:16:07.0003 0x5e98  IpNat - ok

19:16:07.0066 0x5e98  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys

19:16:07.0066 0x5e98  IPSec - ok

19:16:07.0097 0x5e98  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys

19:16:07.0097 0x5e98  IRENUM - ok

19:16:07.0128 0x5e98  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys

19:16:07.0144 0x5e98  isapnp - ok

19:16:07.0237 0x5e98  [ B9436A665A8621073A12338B16D7BFD4, 1F1CB4758768BF7B7DDB27BF9DA944D869B561ABF7EC39CEC059044E10C1EA88 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe

19:16:07.0253 0x5e98  JavaQuickStarterService - ok

19:16:07.0269 0x5e98  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys

19:16:07.0269 0x5e98  Kbdclass - ok

19:16:07.0316 0x5e98  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys

19:16:07.0316 0x5e98  kbdhid - ok

19:16:07.0347 0x5e98  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys

19:16:07.0362 0x5e98  kmixer - ok

19:16:07.0394 0x5e98  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys

19:16:07.0394 0x5e98  KSecDD - ok

19:16:07.0441 0x5e98  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll

19:16:07.0441 0x5e98  lanmanserver - ok

19:16:07.0503 0x5e98  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

19:16:07.0503 0x5e98  lanmanworkstation - ok

19:16:07.0519 0x5e98  lbrtfdc - ok

19:16:07.0566 0x5e98  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll

19:16:07.0566 0x5e98  LmHosts - ok

19:16:07.0784 0x5e98  lxcc_device - ok

19:16:07.0816 0x5e98  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll

19:16:07.0816 0x5e98  Messenger - ok

19:16:07.0847 0x5e98  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys

19:16:07.0847 0x5e98  mnmdd - ok

19:16:07.0878 0x5e98  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe

19:16:07.0894 0x5e98  mnmsrvc - ok

19:16:07.0925 0x5e98  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys

19:16:07.0941 0x5e98  Modem - ok

19:16:07.0956 0x5e98  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys

19:16:07.0972 0x5e98  Mouclass - ok

19:16:08.0003 0x5e98  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys

19:16:08.0003 0x5e98  mouhid - ok

19:16:08.0019 0x5e98  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys

19:16:08.0019 0x5e98  MountMgr - ok

19:16:08.0034 0x5e98  mraid35x - ok

19:16:08.0066 0x5e98  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys

19:16:08.0081 0x5e98  MRxDAV - ok

19:16:08.0128 0x5e98  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

19:16:08.0144 0x5e98  MRxSmb - ok

19:16:08.0175 0x5e98  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\System32\msdtc.exe

19:16:08.0175 0x5e98  MSDTC - ok

19:16:08.0206 0x5e98  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys

19:16:08.0222 0x5e98  Msfs - ok

19:16:08.0222 0x5e98  MSIServer - ok

19:16:08.0253 0x5e98  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys

19:16:08.0269 0x5e98  MSKSSRV - ok

19:16:08.0300 0x5e98  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys

19:16:08.0316 0x5e98  MSPCLOCK - ok

19:16:08.0347 0x5e98  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys

19:16:08.0347 0x5e98  MSPQM - ok

19:16:08.0378 0x5e98  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys

19:16:08.0378 0x5e98  mssmbios - ok

19:16:08.0409 0x5e98  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys

19:16:08.0425 0x5e98  Mup - ok

19:16:08.0487 0x5e98  [ D2CB4581FFDFE8BE3EEE16649753F4EE, 8EBE734DCEDAB699C0A19E87EFEB3BBDABB534088B0FE3EC71044C7FAEEDF0B0 ] NanoServiceMain C:\Program Files\Panda Security\Panda Cloud Antivirus\PSANHost.exe

19:16:08.0487 0x5e98  NanoServiceMain - ok

19:16:08.0550 0x5e98  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll

19:16:08.0550 0x5e98  napagent - ok

19:16:08.0597 0x5e98  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys

19:16:08.0597 0x5e98  NDIS - ok

19:16:08.0644 0x5e98  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys

19:16:08.0644 0x5e98  NdisTapi - ok

19:16:08.0659 0x5e98  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys

19:16:08.0659 0x5e98  Ndisuio - ok

19:16:08.0691 0x5e98  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys

19:16:08.0691 0x5e98  NdisWan - ok

19:16:08.0722 0x5e98  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys

19:16:08.0722 0x5e98  NDProxy - ok

19:16:08.0753 0x5e98  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys

19:16:08.0753 0x5e98  NetBIOS - ok

19:16:08.0784 0x5e98  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys

19:16:08.0784 0x5e98  NetBT - ok

19:16:09.0050 0x5e98  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe

19:16:09.0050 0x5e98  NetDDE - ok

19:16:09.0066 0x5e98  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe

19:16:09.0081 0x5e98  NetDDEdsdm - ok

19:16:09.0128 0x5e98  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\System32\lsass.exe

19:16:09.0128 0x5e98  Netlogon - ok

19:16:09.0175 0x5e98  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll

19:16:09.0175 0x5e98  Netman - ok

19:16:09.0222 0x5e98  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

19:16:09.0237 0x5e98  NetTcpPortSharing - ok

19:16:09.0284 0x5e98  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll

19:16:09.0300 0x5e98  Nla - ok

19:16:09.0331 0x5e98  [ 47BE15BF4956BD347F6777C8C652B140, C8F815B2BCF024FF80B6457FCB60CA15EB4BDEFD20084968EFD4632B64CC292F ] NNSALPC         C:\WINDOWS\system32\DRIVERS\NNSAlpc.sys

19:16:09.0331 0x5e98  NNSALPC - ok

19:16:09.0362 0x5e98  [ 1C1DD165A0C83CD873C80FA7F81144A1, CC0A8090B9886EDDAB159CB6EAF740F3D579FE23482B081EF7D9B582312A82F1 ] NNSHTTP         C:\WINDOWS\system32\DRIVERS\NNSHttp.sys

19:16:09.0362 0x5e98  NNSHTTP - ok

19:16:09.0409 0x5e98  [ F02E8B6AEB900958647D8D6797CD017D, CBC439744D99574760AFCB35ADC4567E534150297CF5EF7AB969D46925311602 ] NNSHTTPS        C:\WINDOWS\system32\DRIVERS\NNSHttps.sys

19:16:09.0409 0x5e98  NNSHTTPS - ok

19:16:09.0456 0x5e98  [ 37B51977634EF312EE7E4988D5D6FA43, 8CD7C7BD6A33E9C1525F7D94E866E746B4845A24EE87C0147CE7A5936653CC4C ] NNSIDS          C:\WINDOWS\system32\DRIVERS\NNSIds.sys

19:16:09.0456 0x5e98  NNSIDS - ok

19:16:09.0487 0x5e98  [ BE16750EFF0DB102FBF4E366F5151B7B, 17ECD6CFC408681AB10C7664F4DF8D70666373199695C9B4DAC161F7BBEADDD9 ] NNSPICC         C:\WINDOWS\system32\DRIVERS\NNSPicc.sys

19:16:09.0487 0x5e98  NNSPICC - ok

19:16:09.0519 0x5e98  [ DD72B458BEA2AAFB17F23313DD551CA1, 6E008A5109A990AB32EFC7425961D56F86E146B45FD5BF14DC9DF65FBA2F46A5 ] NNSPIHS         C:\WINDOWS\system32\DRIVERS\NNSPihs.sys

19:16:09.0519 0x5e98  NNSPIHS - ok

19:16:09.0550 0x5e98  [ C08CF30BA0F90C50CDC7A9EE8D4C4850, F236B3FE28984FC2A3FE2395A8FC894E2E27F80908ECA0B311A5AAD47E0FF833 ] NNSPOP3         C:\WINDOWS\system32\DRIVERS\NNSPop3.sys

19:16:09.0566 0x5e98  NNSPOP3 - ok

19:16:09.0581 0x5e98  [ 0F556C86CF535494652D36A35E1A872B, AC86AB7BEBDAEAD0813849F7FF921198C3FA3C12AED6D3DDFE50B2F1F376C3DA ] NNSPROT         C:\WINDOWS\system32\DRIVERS\NNSProt.sys

19:16:09.0597 0x5e98  NNSPROT - ok

19:16:09.0628 0x5e98  [ DA4454BB1BDBFCB3E721DFC31C5C03EC, E97B41881D15A0747314DD0EFF5741222040778397472BCBB6CBB0D71D4754FD ] NNSPRV          C:\WINDOWS\system32\DRIVERS\NNSPrv.sys

19:16:09.0628 0x5e98  NNSPRV - ok

19:16:09.0659 0x5e98  [ 23B44C4DEBF8D097F412C1360CC7EA13, 2CAB9DF1F8DCA72C0BF1FA75F51931714AA8F9A182730CADCD78975766140AC4 ] NNSSMTP         C:\WINDOWS\system32\DRIVERS\NNSSmtp.sys

19:16:09.0659 0x5e98  NNSSMTP - ok

19:16:09.0691 0x5e98  [ A99BED55F9B9FBA18B965D558D3BAEF7, 9B1041E20AB691166187B60649F1DEFE119A3FF020883464BCE05B99E83CEEEA ] NNSSTRM         C:\WINDOWS\system32\DRIVERS\NNSStrm.sys

19:16:09.0691 0x5e98  NNSSTRM - ok

19:16:09.0737 0x5e98  [ 6569B9A289E3594FF3AF5A5DD4131AC3, 11DF5957B486EA1BADF962B18A49040245F30DEB4FF81A8F26E0567671E12910 ] NNSTLSC         C:\WINDOWS\system32\DRIVERS\NNSTlsc.sys

19:16:09.0737 0x5e98  NNSTLSC - ok

19:16:09.0784 0x5e98  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys

19:16:09.0784 0x5e98  Npfs - ok

19:16:09.0831 0x5e98  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys

19:16:09.0847 0x5e98  Ntfs - ok

19:16:09.0862 0x5e98  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe

19:16:09.0878 0x5e98  NtLmSsp - ok

19:16:09.0925 0x5e98  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll

19:16:09.0941 0x5e98  NtmsSvc - ok

19:16:09.0972 0x5e98  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys

19:16:09.0972 0x5e98  Null - ok

19:16:10.0003 0x5e98  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

19:16:10.0003 0x5e98  NwlnkFlt - ok

19:16:10.0019 0x5e98  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

19:16:10.0019 0x5e98  NwlnkFwd - ok

19:16:10.0300 0x5e98  [ C90018BAFDC7098619A4A95B046B30F3, 1826E46F237AD65BA189B83803A46A6C2B29089C1BA146106ADD9F2B04D4A89D ] P3              C:\WINDOWS\system32\DRIVERS\p3.sys

19:16:10.0300 0x5e98  P3 - ok

19:16:10.0316 0x5e98  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys

19:16:10.0331 0x5e98  Parport - ok

19:16:10.0347 0x5e98  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys

19:16:10.0347 0x5e98  PartMgr - ok

19:16:10.0378 0x5e98  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys

19:16:10.0394 0x5e98  ParVdm - ok

19:16:10.0612 0x5e98  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys

19:16:10.0612 0x5e98  PCI - ok

19:16:10.0644 0x5e98  PCIDump - ok

19:16:10.0659 0x5e98  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\System32\DRIVERS\pciide.sys

19:16:10.0659 0x5e98  PCIIde - ok

19:16:10.0691 0x5e98  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys

19:16:10.0691 0x5e98  Pcmcia - ok

19:16:10.0706 0x5e98  PDCOMP - ok

19:16:10.0722 0x5e98  PDFRAME - ok

19:16:10.0737 0x5e98  PDRELI - ok

19:16:10.0753 0x5e98  PDRFRAME - ok

19:16:10.0769 0x5e98  perc2 - ok

19:16:10.0784 0x5e98  perc2hib - ok

19:16:10.0831 0x5e98  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe

19:16:10.0847 0x5e98  PlugPlay - ok

19:16:10.0862 0x5e98  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\System32\lsass.exe

19:16:10.0862 0x5e98  PolicyAgent - ok

19:16:10.0909 0x5e98  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys

19:16:10.0909 0x5e98  PptpMiniport - ok

19:16:10.0941 0x5e98  [ A32BEBAF723557681BFC6BD93E98BD26, 35039BA72A29F87B2CA37DCDE4EFDAABBDEAD8CE3EB8652ACC665994118145A6 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys

19:16:10.0941 0x5e98  Processor - ok

19:16:10.0956 0x5e98  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

19:16:10.0956 0x5e98  ProtectedStorage - ok

19:16:10.0972 0x5e98  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys

19:16:10.0972 0x5e98  PSched - ok

19:16:11.0019 0x5e98  [ 9A186F0634A885659A17A554E75CA576, 3274DFA3899BFDB9FE052E7A777232E2F2E72AFF859BAD9B7B27B2647CFC53BE ] PSINAflt        C:\WINDOWS\system32\DRIVERS\PSINAflt.sys

19:16:11.0019 0x5e98  PSINAflt - ok

19:16:11.0050 0x5e98  [ F4660122139A5EC6A5F02F6F3533F6B4, E480233CB7E49481F47D949D8DF82245AD7A29644036ECCDDFD8FFAFA0C987AF ] PSINFile        C:\WINDOWS\system32\DRIVERS\PSINFile.sys

19:16:11.0050 0x5e98  PSINFile - ok

19:16:11.0081 0x5e98  [ 1E8B16674CFFF2262D63B04E7D5F6462, 474F1353DC9937BE905004F24C115C960B21EC840E1390225EFDD042A50576FC ] PSINKNC         C:\WINDOWS\system32\DRIVERS\psinknc.sys

19:16:11.0081 0x5e98  PSINKNC - ok

19:16:11.0097 0x5e98  [ 2145E2AEF1E6FD2B10D43C7E5AACBE71, 64450B72A48A4C7F5378231BCB2364821D727342EA836130384221151A559CA9 ] PSINProc        C:\WINDOWS\system32\DRIVERS\PSINProc.sys

19:16:11.0097 0x5e98  PSINProc - ok

19:16:11.0159 0x5e98  [ 8FB66725846CA37627D6F835EDF41233, ECB120086129C50D57A8B9C8D2958527D14A835F376A1DD17E99F397226274CE ] PSINProt        C:\WINDOWS\system32\DRIVERS\PSINProt.sys

19:16:11.0159 0x5e98  PSINProt - ok

19:16:11.0222 0x5e98  [ E772FA3E7031F5094BD294FF6F3566B8, A2211DB7C755D58CC67BA4496EDAD0A7C9FEB2C9C968BD4ECBFCD0BA03EA6B28 ] PSINReg         C:\WINDOWS\system32\DRIVERS\PSINReg.sys

19:16:11.0222 0x5e98  PSINReg - ok

19:16:11.0269 0x5e98  [ 05A0C2744CEAC6F1B723EC469B650EF0, D9F2E0E4431217C6A7CDE38D36362CD5A06E93B9F45F92638120EF151089B370 ] PSKMAD          C:\WINDOWS\system32\DRIVERS\PSKMAD.sys

19:16:11.0269 0x5e98  PSKMAD - ok

19:16:11.0300 0x5e98  [ 06F5EFBE02C40E3BE7E916EBAB387F6D, 21741628F307387C42FAB8B37C8F9D58E02533AA4D96004B166455CBCDF117A1 ] PSUAService     C:\Program Files\Panda Security\Panda Cloud Antivirus\PSUAService.exe

19:16:11.0300 0x5e98  PSUAService - ok

19:16:11.0534 0x5e98  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys

19:16:11.0534 0x5e98  Ptilink - ok

19:16:11.0550 0x5e98  ql1080 - ok

19:16:11.0566 0x5e98  Ql10wnt - ok

19:16:11.0566 0x5e98  ql12160 - ok

19:16:11.0581 0x5e98  ql1240 - ok

19:16:11.0597 0x5e98  ql1280 - ok

19:16:11.0612 0x5e98  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys

19:16:11.0612 0x5e98  RasAcd - ok

19:16:11.0659 0x5e98  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll

19:16:11.0659 0x5e98  RasAuto - ok

19:16:11.0691 0x5e98  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

19:16:11.0691 0x5e98  Rasl2tp - ok

19:16:11.0737 0x5e98  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll

19:16:11.0753 0x5e98  RasMan - ok

19:16:11.0769 0x5e98  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

19:16:11.0769 0x5e98  RasPppoe - ok

19:16:11.0800 0x5e98  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys

19:16:11.0800 0x5e98  Raspti - ok

19:16:11.0831 0x5e98  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

19:16:11.0831 0x5e98  Rdbss - ok

19:16:11.0847 0x5e98  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

19:16:11.0847 0x5e98  RDPCDD - ok

19:16:11.0878 0x5e98  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys

19:16:11.0894 0x5e98  rdpdr - ok

19:16:11.0941 0x5e98  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys

19:16:11.0941 0x5e98  RDPWD - ok

19:16:12.0003 0x5e98  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe

19:16:12.0003 0x5e98  RDSessMgr - ok

19:16:12.0066 0x5e98  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe

19:16:12.0066 0x5e98  RealNetworks Downloader Resolver Service - ok

19:16:12.0112 0x5e98  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys

19:16:12.0112 0x5e98  redbook - ok

19:16:12.0362 0x5e98  [ 93190D810D947F4E49BEC75C1295006B, D08447F5D892933B994AC7BF0BE29CB86F18BD8337255B13B66C6C9D0E01CB96 ] ReimageRealTimeProtection C:\Program Files\Reimage\Reimage Repair\ReiGuard.exe

19:16:12.0456 0x5e98  ReimageRealTimeProtection - ok

19:16:12.0519 0x5e98  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

19:16:12.0519 0x5e98  RemoteAccess - ok

19:16:12.0769 0x5e98  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

19:16:12.0784 0x5e98  RemoteRegistry - ok

19:16:12.0831 0x5e98  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\System32\locator.exe

19:16:12.0831 0x5e98  RpcLocator - ok

19:16:12.0878 0x5e98  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll

19:16:12.0894 0x5e98  RpcSs - ok

19:16:12.0941 0x5e98  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\System32\rsvp.exe

19:16:12.0941 0x5e98  RSVP - ok

19:16:12.0972 0x5e98  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe

19:16:12.0972 0x5e98  SamSs - ok

19:16:13.0019 0x5e98  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe

19:16:13.0019 0x5e98  SCardSvr - ok

19:16:13.0081 0x5e98  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

19:16:13.0081 0x5e98  Schedule - ok

19:16:13.0128 0x5e98  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys

19:16:13.0128 0x5e98  Secdrv - ok

19:16:13.0175 0x5e98  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll

19:16:13.0175 0x5e98  seclogon - ok

19:16:13.0222 0x5e98  [ 35AD6331FB7F208621949A11EB3674BF, BE994542696F9E5F1A3BEAA8C4A24823F1DACCD5D69558CFCE69E456B8861637 ] Select-N-Go     C:\Program Files\Select-N-Go-soft\Select-N-Go155.exe

19:16:13.0237 0x5e98  Select-N-Go - ok

19:16:13.0253 0x5e98  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll

19:16:13.0253 0x5e98  SENS - ok

19:16:13.0284 0x5e98  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys

19:16:13.0284 0x5e98  serenum - ok

19:16:13.0300 0x5e98  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys

19:16:13.0300 0x5e98  Serial - ok

19:16:13.0362 0x5e98  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys

19:16:13.0362 0x5e98  Sfloppy - ok

19:16:13.0409 0x5e98  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

19:16:13.0425 0x5e98  SharedAccess - ok

19:16:13.0456 0x5e98  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

19:16:13.0456 0x5e98  ShellHWDetection - ok

19:16:13.0472 0x5e98  Simbad - ok

19:16:13.0550 0x5e98  [ EB3ACCC928B9D97DA89E1D37928167E3, 8F3578BF487C0FE24A696528CED8E29885D4B00135710F9F4A7205C53A1441F7 ] smwdm           C:\WINDOWS\system32\drivers\smwdm.sys

19:16:13.0566 0x5e98  smwdm - ok

19:16:13.0628 0x5e98  [ 3978F082274F723AD5A0A8058C2417DD, B3C07E4686414BA64491C70BD6185ABE41AC2EFBC1EC9FF54A8C3760054FA0BF ] SoundMAX Agent Service (default) C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

19:16:13.0628 0x5e98  SoundMAX Agent Service (default) - ok

19:16:13.0644 0x5e98  Sparrow - ok

19:16:13.0675 0x5e98  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys

19:16:13.0675 0x5e98  splitter - ok

19:16:13.0706 0x5e98  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe

19:16:13.0722 0x5e98  Spooler - ok

19:16:13.0737 0x5e98  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys

19:16:13.0737 0x5e98  sr - ok

19:16:13.0784 0x5e98  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\System32\srsvc.dll

19:16:13.0800 0x5e98  srservice - ok

19:16:14.0034 0x5e98  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys

19:16:14.0050 0x5e98  Srv - ok

19:16:14.0081 0x5e98  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

19:16:14.0081 0x5e98  SSDPSRV - ok

19:16:14.0112 0x5e98  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll

19:16:14.0128 0x5e98  stisvc - ok

19:16:14.0175 0x5e98  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys

19:16:14.0175 0x5e98  swenum - ok

19:16:14.0206 0x5e98  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys

19:16:14.0206 0x5e98  swmidi - ok

19:16:14.0222 0x5e98  SwPrv - ok

19:16:14.0269 0x5e98  [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810         C:\WINDOWS\System32\DRIVERS\symc810.sys

19:16:14.0269 0x5e98  symc810 - ok

19:16:14.0284 0x5e98  [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx         C:\WINDOWS\System32\DRIVERS\symc8xx.sys

19:16:14.0284 0x5e98  symc8xx - ok

19:16:14.0300 0x5e98  [ F2B7E8416F508368AC6730E2AE1C614F, 0A3FC9A2F30C56C0861EE96D0D270F221CCAE5A267DB768F68D2C56E1F3761BA ] Symmpi          C:\WINDOWS\System32\DRIVERS\symmpi.sys

19:16:14.0300 0x5e98  Symmpi - ok

19:16:14.0331 0x5e98  [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi          C:\WINDOWS\System32\DRIVERS\sym_hi.sys

19:16:14.0347 0x5e98  sym_hi - ok

19:16:14.0347 0x5e98  [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3          C:\WINDOWS\System32\DRIVERS\sym_u3.sys

19:16:14.0362 0x5e98  sym_u3 - ok

19:16:14.0394 0x5e98  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys

19:16:14.0394 0x5e98  sysaudio - ok

19:16:14.0441 0x5e98  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe

19:16:14.0441 0x5e98  SysmonLog - ok

19:16:14.0487 0x5e98  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

19:16:14.0503 0x5e98  TapiSrv - ok

19:16:14.0550 0x5e98  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys

19:16:14.0566 0x5e98  Tcpip - ok

19:16:14.0597 0x5e98  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys

19:16:14.0597 0x5e98  TDPIPE - ok

19:16:14.0628 0x5e98  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys

19:16:14.0628 0x5e98  TDTCP - ok

19:16:14.0659 0x5e98  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys

19:16:14.0659 0x5e98  TermDD - ok

19:16:14.0706 0x5e98  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll

19:16:14.0722 0x5e98  TermService - ok

19:16:14.0737 0x5e98  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll

19:16:14.0753 0x5e98  Themes - ok

19:16:14.0800 0x5e98  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\System32\tlntsvr.exe

19:16:14.0800 0x5e98  TlntSvr - ok

19:16:14.0816 0x5e98  TosIde - ok

19:16:14.0862 0x5e98  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll

19:16:14.0862 0x5e98  TrkWks - ok

19:16:14.0956 0x5e98  [ AAF458CC200326BEF602B5339400BF86, DD47C58A855E4FE2D9AFD9912C0661871F0A4CA385D864267F5245480AB8F4D7 ] tvnserver       C:\Program Files\TightVNC\tvnserver.exe

19:16:14.0972 0x5e98  tvnserver - ok

19:16:15.0003 0x5e98  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys

19:16:15.0003 0x5e98  Udfs - ok

19:16:15.0237 0x5e98  ultra - ok

19:16:15.0300 0x5e98  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys

19:16:15.0316 0x5e98  Update - ok

19:16:15.0378 0x5e98  [ 073D76B64EE698BE3EB938FE1243DE3F, A5BE28CA3B0E4A03193548B2F007593D30E187421B8CE8BA0D75CFC122864038 ] UpdateServiceTool C:\Program Files\Bin\UpdateTool\UpdaterToolService.exe

19:16:15.0378 0x5e98  UpdateServiceTool - ok

19:16:15.0409 0x5e98  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll

19:16:15.0425 0x5e98  upnphost - ok

19:16:15.0456 0x5e98  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe

19:16:15.0456 0x5e98  UPS - ok

19:16:15.0503 0x5e98  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys

19:16:15.0503 0x5e98  usbccgp - ok

19:16:15.0534 0x5e98  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys

19:16:15.0534 0x5e98  usbehci - ok

19:16:15.0566 0x5e98  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys

19:16:15.0581 0x5e98  usbhub - ok

19:16:15.0612 0x5e98  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys

19:16:15.0612 0x5e98  usbprint - ok

19:16:15.0644 0x5e98  [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

19:16:15.0644 0x5e98  usbscan - ok

19:16:15.0675 0x5e98  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

19:16:15.0691 0x5e98  USBSTOR - ok

19:16:15.0737 0x5e98  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys

19:16:15.0737 0x5e98  usbuhci - ok

19:16:15.0753 0x5e98  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys

19:16:15.0753 0x5e98  VgaSave - ok

19:16:15.0784 0x5e98  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\System32\DRIVERS\viaide.sys

19:16:15.0784 0x5e98  ViaIde - ok

19:16:15.0816 0x5e98  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys

19:16:15.0816 0x5e98  VolSnap - ok

19:16:15.0862 0x5e98  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe

19:16:15.0878 0x5e98  VSS - ok

19:16:15.0909 0x5e98  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time         C:\WINDOWS\System32\w32time.dll

19:16:15.0909 0x5e98  W32Time - ok

19:16:15.0972 0x5e98  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

19:16:15.0972 0x5e98  Wanarp - ok

19:16:16.0003 0x5e98  [ 0A716C08CB13C3A8F4F51E882DBF7416, 66FFDC9151CB3676B5DF073431DE055E7F2CDA5722F7EAAC6EC45F2CF9910882 ] wanatw          C:\WINDOWS\system32\DRIVERS\wanatw4.sys

19:16:16.0003 0x5e98  wanatw - ok

19:16:16.0019 0x5e98  WDICA - ok

19:16:16.0066 0x5e98  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys

19:16:16.0066 0x5e98  wdmaud - ok

19:16:16.0112 0x5e98  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll

19:16:16.0112 0x5e98  WebClient - ok

19:16:16.0191 0x5e98  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

19:16:16.0191 0x5e98  winmgmt - ok

19:16:16.0300 0x5e98  [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM           C:\WINDOWS\system32\WsmSvc.dll

19:16:16.0347 0x5e98  WinRM - ok

19:16:16.0566 0x5e98  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8, 98C21DEEB7124426D749FACDAD06EBD7F500AE5C465A98D558919C2A51C08554 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll

19:16:16.0566 0x5e98  WmdmPmSN - ok

19:16:16.0628 0x5e98  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll

19:16:16.0644 0x5e98  Wmi - ok

19:16:16.0706 0x5e98  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\System32\wbem\wmiapsrv.exe

19:16:16.0706 0x5e98  WmiApSrv - ok

19:16:16.0800 0x5e98  [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

19:16:16.0816 0x5e98  WPFFontCache_v0400 - ok

19:16:16.0862 0x5e98  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll

19:16:16.0878 0x5e98  wscsvc - ok

19:16:16.0894 0x5e98  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll

19:16:16.0894 0x5e98  wuauserv - ok

19:16:16.0956 0x5e98  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll

19:16:16.0972 0x5e98  WZCSVC - ok

19:16:17.0003 0x5e98  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll

19:16:17.0019 0x5e98  xmlprov - ok

19:16:17.0066 0x5e98  [ 3EE36328E860FBF102B54608A055C6BE, 80F1E67E8B310B691D4B564970CECAD5371EDD9F96E1D2C5DF4801CDE48A9451 ] {6080A529-897E-4629-A488-ABA0C29B635E} C:\WINDOWS\system32\drivers\ialmsbw.sys

19:16:17.0066 0x5e98  {6080A529-897E-4629-A488-ABA0C29B635E} - ok

19:16:17.0097 0x5e98  [ 17F39A1916733ED228EB46AD67C35426, 19B8CFC33891479BC4156EB08F2F348B9391FD2711B3FB24A9677197AA60469C ] {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} C:\WINDOWS\system32\drivers\ialmkchw.sys

19:16:17.0097 0x5e98  {D31A0762-0CEB-444e-ACFF-B049A1F6FE91} - ok

19:16:17.0097 0x5e98  ================ Scan global ===============================

19:16:17.0128 0x5e98  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

19:16:17.0175 0x5e98  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

19:16:17.0206 0x5e98  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

19:16:17.0237 0x5e98  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

19:16:17.0253 0x5e98  [ Global ] - ok

19:16:17.0253 0x5e98  ================ Scan MBR ==================================

19:16:17.0269 0x5e98  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

19:16:17.0441 0x5e98  \Device\Harddisk0\DR0 - ok

19:16:17.0441 0x5e98  ================ Scan VBR ==================================

19:16:17.0456 0x5e98  [ 9D531A26878278390F804836A6A23409 ] \Device\Harddisk0\DR0\Partition1

19:16:17.0456 0x5e98  \Device\Harddisk0\DR0\Partition1 - ok

19:16:17.0456 0x5e98  Waiting for KSN requests completion. In queue: 216

19:16:18.0456 0x5e98  Waiting for KSN requests completion. In queue: 216

19:16:19.0456 0x5e98  Waiting for KSN requests completion. In queue: 216

19:16:20.0456 0x5e98  Waiting for KSN requests completion. In queue: 216

19:16:21.0456 0x5e98  Have new async UDS detects: 1

19:16:21.0456 0x5e98  Select-N-Go - detected UDS:DangerousObject.Multi.Generic ( 0 )

19:16:21.0550 0x5e98  Select-N-Go ( UDS:DangerousObject.Multi.Generic ) - infected

19:16:21.0550 0x5e98  Force sending object to P2P due to detect: C:\Program Files\Select-N-Go-soft\Select-N-Go155.exe

19:16:29.0144 0x5e98  Object send P2P result: true

19:16:35.0144 0x5e98  AV detected via SS1: Panda Cloud Antivirus, 02.03.00.0000, enabled, updated

19:16:35.0144 0x5e98  FW detected via SS1: Cloud Antivirus Firewall, 02.03.00.0000, disabled

19:16:35.0159 0x5e98  Win FW state via NFM: enabled

19:16:39.0081 0x5e98  ============================================================

19:16:39.0081 0x5e98  Scan finished

19:16:39.0081 0x5e98  ============================================================

19:16:39.0097 0x2960  Detected object count: 1

19:16:39.0097 0x2960  Actual detected object count: 1

19:18:49.0628 0x2960  C:\Program Files\Select-N-Go-soft\Select-N-Go155.exe - copied to quarantine

19:18:49.0628 0x2960  Select-N-Go ( UDS:DangerousObject.Multi.Generic ) - User select action: Quarantine 

 


Combofix

Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to our sticky topic How to disable your security applications


====================================================


Double click on ComboFix.exe & follow the prompts.

  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.


**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.


RC_update.png


Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


cfRC_screen_2.png


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply for further review.


Attempted to run ComboFix as instructed. Recovery Console was added, then combofix began. It ran until at least Step 24 or more, but at some point caused a fatal error in windows resulting in an automatic windows reboot. Combofix apparently did not complete, as there is no ComboFix.txt at the root. There is, however, a directory added named ComboFix that has a computer monitor icon rather than the standard windows folder icon, and it appears to simply be a symlink back to C:\.

I also looked for it on the command line and it does not show up. I did not restart combofix, and will await instructions.


ComboFix 14-03-23.01 - Administrator 03/23/2014  19:58:16.2.2 - x86 NETWORK

Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1527.1141 [GMT -4:00]

Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\documents and settings\All Users\Application Data\TEMP

c:\program files\Select-N-Go-soft

c:\program files\Select-N-Go-soft\155.crx

c:\program files\Select-N-Go-soft\155.dat

c:\program files\Select-N-Go-soft\155.xpi

c:\program files\Select-N-Go-soft\a.db

c:\program files\Select-N-Go-soft\b.db

c:\program files\Select-N-Go-soft\Select-N-Go155.bin

c:\program files\Select-N-Go-soft\Select-N-Go155.exe

c:\program files\Select-N-Go-soft\Select-N-Go155.ini

c:\program files\Select-N-Go-soft\Sqlite3.dll

c:\windows\system32\msssc.dll

.

.

(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Legacy_Select-N-Go

-------\Legacy_Select-N-Go

-------\Service_Select-N-Go

-------\Service_Select-N-Go

.

.

(((((((((((((((((((((((((   Files Created from 2014-02-24 to 2014-03-24  )))))))))))))))))))))))))))))))

.

.

2014-03-23 23:48 . 2014-03-23 23:48 -------- d-----w- C:\SMCLpav

2014-03-20 23:18 . 2014-03-20 23:18 -------- d-----w- C:\TDSSKiller_Quarantine

2014-03-17 13:28 . 2014-03-21 20:08 -------- d-----w- c:\program files\Surftastic

2014-03-17 12:20 . 2014-03-17 12:20 -------- d-----w- c:\documents and settings\Administrator\Application Data\Oracle

2014-03-17 12:19 . 2014-03-17 12:19 -------- d-----w- c:\windows\Sun

2014-03-17 12:19 . 2014-03-17 12:19 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Sun

2014-03-17 12:18 . 2014-03-17 12:17 145408 ----a-w- c:\windows\system32\javacpl.cpl

2014-03-17 12:18 . 2014-03-17 12:17 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll

2014-03-17 11:36 . 2014-03-23 23:48 -------- d-----w- c:\documents and settings\Administrator\Application Data\Panda Security

2014-03-17 11:36 . 2014-03-23 23:54 -------- d-----w- c:\program files\Panda Security

2014-03-17 11:36 . 2014-03-23 23:48 -------- d-----w- c:\documents and settings\All Users\Application Data\Panda Security

2014-03-17 10:35 . 2014-02-26 01:59 13312 ------w- c:\windows\system32\xp_eos.exe

2014-03-17 10:35 . 2014-02-26 01:59 13312 ------w- c:\windows\system32\dllcache\xp_eos.exe

2014-03-16 16:03 . 2014-03-16 16:03 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes

2014-03-16 16:03 . 2014-03-16 16:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2014-03-16 16:03 . 2014-03-16 16:03 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2014-03-16 16:03 . 2013-04-04 18:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-03-10 19:52 . 2014-03-10 19:52 -------- d-----w- c:\documents and settings\LocalService\Application Data\PCFixSpeed

2014-03-10 16:19 . 2014-03-10 16:20 -------- d-----w- c:\program files\Lightspark 0.5.3-git

2014-03-10 15:59 . 2014-03-10 16:00 -------- d-----w- c:\program files\Information

2014-03-10 15:56 . 2014-03-16 22:05 -------- d-----w- c:\program files\Bench

2014-03-10 15:55 . 2014-03-10 15:55 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\emaze

2014-03-10 15:55 . 2014-03-10 15:55 -------- d-----w- c:\program files\File Type Helper

2014-03-10 15:55 . 2014-03-10 15:55 -------- d-----w- c:\program files\Convert Files for Free

2014-03-10 15:53 . 2014-03-10 15:53 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Real

2014-03-10 15:52 . 2014-03-10 15:52 -------- d-----w- c:\program files\Common Files\xing shared

2014-03-10 15:51 . 2014-03-10 15:52 -------- d-----w- c:\program files\Real

2014-03-10 15:50 . 2014-03-21 20:08 -------- d-----w- c:\program files\Google

2014-03-08 19:35 . 2014-03-16 22:04 -------- d-----w- C:\Support

2014-03-08 19:35 . 2014-03-16 19:01 -------- d-----w- c:\program files\Supporter

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\All Users\Application Data\8ea0439b30eb392e

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Torch

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\Administrator\AppData

2014-03-08 19:34 . 2014-03-20 18:56 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Google

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\SUPPORT_b326ad0c

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\SUPPORT_388945a0

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\HelpAssistant

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\Guest

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\ASPNET

2014-03-08 19:34 . 2014-03-08 19:34 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Comodo

2014-03-06 19:10 . 2008-04-14 07:06 13952 ----a-w- c:\windows\system32\drivers\CmBatt.sys

2014-03-06 19:10 . 2008-04-14 07:06 10240 ----a-w- c:\windows\system32\drivers\compbatt.sys

2014-03-06 19:10 . 2008-04-14 07:06 14208 ----a-w- c:\windows\system32\drivers\battc.sys

2014-03-06 19:10 . 2001-08-17 19:11 35328 ----a-w- c:\windows\system32\drivers\pcntpci5.sys

2014-03-06 18:34 . 2014-03-08 02:06 9216 ----a-w- c:\windows\system32\Native.exe

2014-03-06 18:34 . 2014-03-08 02:07 -------- d-----w- C:\ReimageUndo

2014-03-06 17:51 . 2014-03-06 19:29 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\LogMeIn Rescue Applet

2014-03-03 04:41 . 2014-03-03 04:41 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\AOL Mail Toolbar

2014-03-03 04:41 . 2014-03-03 04:41 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\AOL Toolbar

2014-03-03 04:41 . 2014-03-03 04:41 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\IAC

2014-03-03 04:41 . 2014-03-03 04:41 -------- d-----w- c:\documents and settings\LocalService\Application Data\MapsGalaxy_39

2014-03-03 04:41 . 2014-03-03 04:41 -------- d-sh--w- c:\documents and settings\LocalService\PrivacIE

2014-03-03 04:40 . 2014-03-03 04:40 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\SearchProtect

2014-03-03 04:40 . 2014-03-16 22:05 -------- d-----w- c:\program files\Conduit

2014-03-03 04:40 . 2014-03-16 22:05 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Conduit

2014-03-03 03:45 . 2014-03-03 03:45 -------- d-----w- c:\documents and settings\All Users\Application Data\CDB

2014-03-03 03:43 . 2014-03-03 03:43 -------- d-----w- c:\program files\Reimage

2014-03-03 03:43 . 2014-03-13 00:44 -------- d-----w- C:\rei

2014-03-03 03:38 . 2014-03-03 03:38 -------- d-----w- c:\program files\TempInstaller

2014-03-03 03:37 . 2014-03-16 22:04 -------- d-----w- c:\program files\TidyNetwork

2014-03-03 03:36 . 2014-03-17 13:25 -------- d-----w- c:\program files\Re-markit-soft

2014-03-03 03:32 . 2014-03-03 03:32 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\SearchProtect

2014-03-03 03:30 . 2014-03-03 03:30 -------- d-----w- c:\program files\YTD Downloader

2014-03-03 03:30 . 2014-03-03 03:30 -------- d-----w- c:\program files\Bin

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-03-10 15:51 . 2012-01-31 18:25 348160 ----a-w- c:\windows\system32\msvcr71.dll

2014-03-10 15:51 . 2012-01-31 18:25 499712 ----a-w- c:\windows\system32\msvcp71.dll

2014-02-24 11:46 . 2002-08-29 10:41 920064 ----a-w- c:\windows\system32\wininet.dll

2014-02-24 11:45 . 2002-08-29 10:41 43520 ------w- c:\windows\system32\licmgr10.dll

2014-02-24 11:45 . 2002-08-29 10:41 1469440 ------w- c:\windows\system32\inetcpl.cpl

2014-02-24 11:45 . 2001-08-18 05:36 18944 ----a-w- c:\windows\system32\corpol.dll

2014-02-24 10:54 . 2004-08-04 05:59 385024 ------w- c:\windows\system32\html.iec

2014-02-21 02:23 . 2012-05-30 17:30 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-02-21 02:23 . 2012-02-29 00:02 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-02-07 02:01 . 2002-08-29 09:14 1879040 ----a-w- c:\windows\system32\win32k.sys

2014-02-05 08:55 . 2002-12-12 08:14 562688 ----a-w- c:\windows\system32\qedit.dll

2014-01-04 03:13 . 2002-08-29 10:41 420864 ----a-w- c:\windows\system32\vbscript.dll

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AOL Fast Start"="c:\progra~1\AOLDES~1.7\AOL.EXE" [2012-01-31 42320]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="c:\windows\System32\igfxtray.exe" [2003-03-11 155648]

"HotKeysCmds"="c:\windows\System32\hkcmd.exe" [2003-03-11 114688]

"Smapp"="c:\program files\Analog Devices\SoundMAX\SMTray.exe" [2003-01-31 98304]

"DrvLsnr"="c:\program files\Analog Devices\SoundMAX\DrvLsnr.exe" [2002-05-28 69632]

"srmclean"="c:\cpqs\Scom\srmclean.exe" [2001-07-24 36864]

"SetRefresh"="c:\program files\Compaq\SetRefresh\SetRefresh.exe" [2002-08-07 485376]

"CPQEASYACC"="c:\program files\COMPAQ\Easy Access Button Support\StartEAK.exe" [2001-12-14 32768]

"lxccmon.exe"="c:\program files\Lexmark 3300 Series\lxccmon.exe" [2005-07-21 192512]

"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2005-07-12 299008]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]

"tvncontrol"="c:\program files\TightVNC\tvnserver.exe" [2011-08-03 828944]

"HostManager"="c:\program files\Common Files\AOL\1334598415\ee\AOLSoftware.exe" [2010-03-08 41800]

"LXCCCATS"="c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll" [2005-07-20 73728]

"TkBellExe"="c:\program files\Real\RealPlayer\update\realsched.exe" [2014-03-10 295512]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE -b -l [1999-2-17 65588]

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\TightVNC\\tvnserver.exe"=

"c:\\Program Files\\TightVNC\\vncviewer.exe"=

"c:\\Program Files\\Common Files\\AOL\\acs\\AOLDial.exe"=

"c:\\Program Files\\Common Files\\AOL\\acs\\AOLacsd.exe"=

"c:\\Program Files\\Common Files\\AOL\\1334598415\\ee\\aolsoftware.exe"=

"c:\\Program Files\\AOL Desktop 9.7\\waol.exe"=

"c:\\Program Files\\Common Files\\AOL\\TopSpeed\\3.0\\aoltpsd3.exe"=

"c:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=

"c:\\Program Files\\Common Files\\AOL\\System Information\\sinf.exe"=

"c:\\Program Files\\AOL Desktop 9.7\\AOLBrowser\\aolbrowser.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management 

"5900:TCP"= 5900:TCP:VNC

.

S2 40030ae4;Supporter;c:\windows\system32\rundll32.exe [8/18/2001 1:36 AM 33280]

S2 ConvertFilesforFreeUpdt;ConvertFilesforFreeUpdt;c:\program files\Convert Files for Free\ConvertFilesforFreeUpdt.exe [1/28/2014 6:18 AM 252928]

S2 PSGenUn;Panda Security Generic Uninstaller;c:\smclpav\SMCLpav.exe [3/23/2014 7:48 PM 227624]

S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files\RealNetworks\RealDownloader\rndlresolversvc.exe [8/14/2013 3:19 PM 39056]

S2 ReimageRealTimeProtection;Reimage Real Time Protection;c:\program files\Reimage\Reimage Repair\ReiGuard.exe [1/15/2014 5:52 AM 4030824]

S2 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [8/3/2011 9:23 AM 828944]

S2 UpdateServiceTool;UpdateSoftware;c:\program files\Bin\UpdateTool\UpdaterToolService.exe [3/2/2014 11:30 PM 6656]

S3 cpuz134;cpuz134;\??\c:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys --> c:\docume~1\ADMINI~1\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-03-16 16:08 1150280 ----a-w- c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-30 02:23]

.

.

------- Supplementary Scan -------

.



uInternet Connection Wizard,ShellNext = "c:\program files\Outlook Express\msimn.exe"

TCP: DhcpNameServer = 72.240.13.7 72.240.13.5 156.154.70.43

.

- - - - ORPHANS REMOVED - - - -

.

AddRemove-{5F189DF5-2D05-472B-9091-84D9848AE48B}{40030ae4} - c:\progra~1\SUPPOR~1\SUPPOR~1.DLL

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2014-03-23 20:09

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...  

.

scanning hidden autostart entries ... 

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

  LXCCCATS = rundll32 c:\windows\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????? 

.

scanning hidden files ...  

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (LocalSystem)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,39,b5,56,2f,c7,d9,2d,42,b3,cc,d7,\

.

[HKEY_USERS\S-1-5-21-837738428-271982952-1591331517-500\Software\Microsoft\Internet Explorer\Approved Extensions]

@Denied: (2) (Administrator)

"{990F277D-FEB7-3C4A-D621-E7CB3D71E19D}"=hex:51,66,7a,6c,4c,1d,3b,1b,6d,31,1e,

   87,87,ae,2d,75,c8,22,b8,94,3a,33,ad,89

"{D0C21091-FF8E-432C-9006-0540E81BA9D7}"=hex:51,66,7a,6c,4c,1d,3b,42,81,06,d3,

   ce,be,af,4b,0a,8e,05,5a,1f,ef,59,e5,c3

"{11111111-1111-1111-1111-110511031168}"=hex:51,66,7a,6c,4c,1d,3b,1b,01,07,00,

   0f,21,41,76,58,0f,12,4e,5a,16,41,5d,7c

.

[HKEY_USERS\S-1-5-21-837738428-271982952-1591331517-500\Software\Microsoft\Internet Explorer\User Preferences]

@Denied: (2) (Administrator)

"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,

   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ea,88,72,e8,6f,12,65,4a,b0,bd,8a,\

"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,

   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,ea,88,72,e8,6f,12,65,4a,b0,bd,8a,\

"6256FFB019F8FDFBD36745B06F4540E9AEAF222A25"=hex:01,00,00,00,d0,8c,9d,df,01,15,

   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,2f,1e,d8,44,0a,d0,d5,46,92,0d,9c,\

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_12_0_0_70_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

Completion time: 2014-03-23  20:13:43 - machine was rebooted

ComboFix-quarantined-files.txt  2014-03-24 00:13

.

Pre-Run: 60,012,306,432 bytes free

Post-Run: 61,271,621,632 bytes free

.

- - End Of File - - 1604932C82F47D1F87061A79DE93EE96

8F558EB6672622401DA993E1E865C861

 


Combofix scripting

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt and save it to the location where Combofix is.


Referring to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

CFScript.txt


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.03.24.08

 

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Administrator :: HP10911140567 [administrator]

 

3/24/2014 5:00:52 PM

mbam-log-2014-03-24 (17-00-52).txt

 

Scan type: Full scan (A:\|C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 292522

Time elapsed: 1 hour(s), 1 minute(s), 22 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 2

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Bundlore) -> Quarantined and deleted successfully.

HKCU\Software\TidyNetwork (PUP.Optional.TidyNetwork.A) -> Quarantined and deleted successfully.

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 35

C:\Documents and Settings\Administrator\Local Settings\Application Data\Microsoft\CD Burning\setup.exe (PUP.Optional.Bundlore) -> Quarantined and deleted successfully.

C:\Documents and Settings\Administrator\My Documents\Downloads\uplayermediaplayer-setup.exe (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042366.exe (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042367.exe (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042368.exe (PUP.Optional.Melondrea.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042370.exe (PUP.Optional.AudioToAudioToolBar.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042371.exe (PUP.Optional.AudioToAudioToolBar.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042372.exe (PUP.Optional.Melondrea.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042373.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042375.dll (PUP.Optional.TidyNetwork.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042381.exe (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042383.dll (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042384.dll (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042385.dll (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042386.dll (PUP.Optional.MindSpark.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042387.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042388.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042389.exe (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042390.exe (PUP.Optional.PricePeep.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042391.dll (PUP.Optional.MultiPlug.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042401.exe (PUP.Optional.Amonetize.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042402.exe (PUP.Optional.OptimizerPro) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042509.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042521.exe (PUP.Optional.Sambreel.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042528.dll (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042530.exe (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042531.exe (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP392\A0044545.dll (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP392\A0044549.exe (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP392\A0044550.exe (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP392\A0044556.exe (PUP.Optional.Sambreel.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044778.dll (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044782.exe (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044783.exe (PUP.Optional.Surftastic.A) -> Quarantined and deleted successfully.

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP394\A0045560.exe (PUP.Optional.Sambreel.A) -> Quarantined and deleted successfully.

 

(end)

 


Looks good!

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


C:\Program Files\Information\50368.crx JS/Toolbar.Crossrider.B potentially unwanted application

C:\Program Files\Information\50368.xpi JS/Toolbar.Crossrider.B potentially unwanted application

C:\Program Files\Information\Information-bg.exe a variant of Win32/Toolbar.CrossRider.AA potentially unwanted application

C:\Program Files\Information\Information-buttonutil.dll a variant of Win32/Toolbar.CrossRider.AA potentially unwanted application

C:\Program Files\Information\Information-buttonutil.exe a variant of Win32/Toolbar.CrossRider.AA potentially unwanted application

C:\Program Files\Information\Information-chromeinstaller.exe a variant of Win32/Toolbar.CrossRider.Y potentially unwanted application

C:\Program Files\Information\Information-codedownloader.exe a variant of Win32/Toolbar.CrossRider.X potentially unwanted application

C:\Program Files\Information\Information-enabler.exe a variant of Win32/Toolbar.CrossRider.X potentially unwanted application

C:\Program Files\Information\Information-firefoxinstaller.exe a variant of Win32/Toolbar.CrossRider.Y potentially unwanted application

C:\Program Files\Information\Information-updater.exe a variant of Win32/Toolbar.CrossRider.X potentially unwanted application

C:\Program Files\Information\utils.exe a variant of Win32/Packed.VMDetector.E potentially unwanted application

C:\Qoobox\Quarantine\C\Program Files\Select-N-Go-soft\Select-N-Go155.exe.vir a variant of Win32/AdWare.AD150.A application

C:\Qoobox\Quarantine\C\rei\Temp\20140306_1238\Installer\C_drive\Program Files\optimizer pro\optprolauncher.exe.vir a variant of Win32/AdWare.SpeedingUpMyPC.D application

C:\Qoobox\Quarantine\C\rei\Temp\20140306_1238\Installer\C_drive\Program Files\optimi~1\optprocrashsvc.dll.vir a variant of Win32/SProtector.F potentially unwanted application

C:\Qoobox\Quarantine\C\rei\Temp\20140306_1238\Installer\C_drive\Program Files\Re-markit-soft\ReMar.exe.vir a variant of Win32/AdWare.AddLyrics.AF application

C:\Qoobox\Quarantine\C\rei\Temp\20140306_1238\Installer\C_drive\Program Files\Select-N-Go-soft\Selec.exe.vir a variant of Win32/AdWare.AddLyrics.AF application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP329\A0026895.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP329\A0026897.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP342\A0033033.exe a variant of Win32/Toolbar.MyWebSearch.O potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP377\A0036842.exe Win32/Toolbar.Babylon.T potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP378\A0037115.exe a variant of Win32/AdWare.SpeedingUpMyPC.D application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP378\A0037120.exe a variant of Win32/AdWare.AddLyrics.AF application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP378\A0037121.exe a variant of Win32/AdWare.AddLyrics.AF application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP378\A0037136.dll a variant of Win32/SProtector.F potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP383\A0039014.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP384\A0039065.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP384\A0039071.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP384\A0039121.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP385\A0039174.exe Win32/Toolbar.Babylon.T potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP385\A0040122.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP386\A0040160.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP387\A0040452.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP387\A0041245.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP387\A0042258.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042356.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042378.dll Win32/Toolbar.Inbox.H potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042406.exe Win32/BrowseFox.C potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042408.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042417.exe Win32/Toolbar.Inbox.H potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042438.exe a variant of Win32/AdWare.AD150.A application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042519.dll a variant of Win32/Toolbar.CrossRider.AA potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP388\A0042529.exe Win32/BrowseFox.C potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP392\A0044548.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP392\A0044552.exe Win32/BrowseFox.C potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044685.dll probably a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044689.exe a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044690.dll a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044697.dll a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044729.dll probably a variant of Win32/Toolbar.MyWebSearch.P potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044733.exe a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044734.dll a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044741.dll a variant of Win64/Toolbar.MyWebSearch.A potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044763.dll a variant of Win32/SProtector.E potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044776.exe a variant of Win32/SpeedingUpMyPC application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044781.exe a variant of MSIL/BrowseFox.B potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP393\A0044785.exe Win32/BrowseFox.C potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP395\A0045957.exe a variant of Win32/Toolbar.Visicom.A potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP395\A0046103.exe a variant of Win32/AdWare.AD150.A application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP396\A0046335.dll a variant of Win32/SProtector.F potentially unwanted application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP396\A0046336.exe a variant of Win32/AdWare.SpeedingUpMyPC.D application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP396\A0046337.exe a variant of Win32/AdWare.AddLyrics.AF application

C:\System Volume Information\_restore{4E4ECD0F-3EF2-446D-9329-2A24EB5506A6}\RP396\A0046338.exe a variant of Win32/AdWare.AddLyrics.AF application

C:\TDSSKiller_Quarantine\20.03.2014_19.15.30\uds0000\svc0000\tsk0000.dta a variant of Win32/AdWare.AD150.A application

 

C:\Program Files\Information

Delete this folder.

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner

Please download AdwCleaner to your desktop.

  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also

Delete junk with JRT

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.


# AdwCleaner v3.022 - Report created 25/03/2014 at 17:20:12

# Updated 13/03/2014 by Xplode

# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

# Username : Administrator - HP10911140567

# Running from : C:\Documents and Settings\Administrator\Desktop\adwcleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary

Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController

Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1

Key Deleted : HKLM\SOFTWARE\Classes\inbox.appserver

Key Deleted : HKLM\SOFTWARE\Classes\inbox.ibx404

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\inbox

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{37540F19-DD4C-478B-B2DF-C19281BCAF27}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{612AD33D-9824-4E87-8396-92374E91C4BB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522032268}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566036668}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\installedbrowserextensions

Key Deleted : HKCU\Software\MapsGalaxy_39

Key Deleted : HKCU\Software\visualbee

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}

Key Deleted : HKLM\Software\Bench

Key Deleted : HKLM\Software\firstsearch

Key Deleted : HKLM\Software\MapsGalaxy_39

Key Deleted : HKLM\Software\MetaStream

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\Viewpoint

Key Deleted : HKLM\Software\visualbee

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{612AD33D-9824-4E87-8396-92374E91C4BB}_is1

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SearchProtect

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v8.0.6001.18702

 

 

-\\ Google Chrome v33.0.1750.154

 

[ File : C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [6875 octets] - [25/03/2014 16:45:10]

AdwCleaner[R1].txt - [5760 octets] - [25/03/2014 17:19:10]

AdwCleaner[s0].txt - [1190 octets] - [25/03/2014 16:50:46]

AdwCleaner[s1].txt - [5805 octets] - [25/03/2014 17:20:12]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [5865 octets] ##########

 


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.3 (03.23.2014:1)

OS: Microsoft Windows XP x86

Ran by Administrator on Tue 03/25/2014 at 21:04:21.09

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Tue 03/25/2014 at 21:11:43.09

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 


 Results of screen317's Security Check version 0.99.81  

 Windows XP Service Pack 3 x86   

 Internet Explorer 8  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Enabled!  

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 Java 7 Update 51  

 Adobe Reader 10.1.9 Adobe Reader out of Date!  

 Google Chrome 33.0.1750.146  

 Google Chrome 33.0.1750.154  

````````Process Check: objlist.exe by Laurent````````  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)

````````````````````End of Log`````````````````````` 

 


Your system is clean! :)

 

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.


  • Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Run setup and follow the instructions.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

Defrag your hard drive
 
Your hard drive is heavily fragmented. This may result in performance losses. If it is NOT an SSD drive, use a tool like Auslogic DiskDefrag to defrag the drive.

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In case we used Combofix, deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  4. If there is still something left please delete it manually.

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website´s content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.


  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.

    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.




  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
