Infected by TrojanAgent


Hello,

First of all I would like to thank you for spending time helping me to get rid of this virus. I have run Malwarebytes 3 times, but every time the same virus comes back.

I do not know if it is related, but I have exceeded my download limit today, which is rather impossible. I hardly download anything, the limit is 102GB, and it seems to be exceeded while my computer was idle... If this is unrelated, all help is welcome in how to track the cause of the excessive downloading!

A big thanks,

Dimi

Here are the logs from the DDS:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 7.0.6001.18639  BrowserJavaVersion: 1.6.0_14
Run by CZC8507XQB at 15:40:25 on 2014-03-23
Microsoft® Windows Vista™ Business   6.0.6001.1.1252.32.1043.18.4090.1795 [GMT 1:00]
.
AV: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}
SP: ESET NOD32 Antivirus 3.0 *Enabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\AEADISRV.EXE
C:\Windows\system32\agr64svc.exe
C:\Program Files\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Program Files (x86)\PostgreSQL\8.3\bin\postgres.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\alg.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANOTIF.EXE
C:\Windows\snuvcdsm.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Microsoft Games\Age of Empires II\Config.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
C:\Windows\system32\msiexec.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
C:\Program Files (x86)\Steam\GameOverlayUI.exe
C:\Windows\System32\SnippingTool.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: MSS+ Identifier: {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned>
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Windows Live Aanmelden - Help: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
uRun: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [utopia Angel] "C:\Utopia\Angel\Angel.exe"
uRun: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
uRun: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
uRun: [steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
mRun: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe"
mRun: [hpWirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [WatchDog] "C:\Program Files (x86)\InterVideo\DVD Check\DVDCheck.exe"
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
mRun: [Config] "C:\Program Files (x86)\Microsoft Games\Age Of Empires ii\Config.exe"
mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
mRun: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mExplorerRun: [42033] C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.scr
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\DVDCHE~1.LNK - C:\Program Files (x86)\InterVideo\DVD Check\DVDCheck.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200
IE: E&xporteren naar Microsoft Excel - C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {878AC5FC-BE78-4bae-896C-7F75B790A71E} - C:\Program Files (x86)\PokerStars.BE\PokerStarsUpdate.exe
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programs\PartyGaming\PartyPoker\RunApp.exe
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: NameServer = 195.130.131.2 195.130.130.130
TCP: Interfaces\{19529A3F-73CB-49DA-81E3-B7D08B2DF1BF} : DHCPNameServer = 195.130.131.2 195.130.130.130
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Notify: DeviceNP - DeviceNP.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live Family Safety Browser Helper Class: {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Run: [Windows Defender] C:\Program Files (x86)\Windows Defender\MSASCui.exe -hide
x64-Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [soundMAX] "C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe" /tray
x64-Run: [iAAnotif] "C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
x64-Run: [snuvcdsm] C:\Windows\snuvcdsm.exe
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
x64-ExplorerRun: [42033] C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.scr
x64-mPolicies-Explorer: NoActiveDesktop = dword:1
x64-mPolicies-Explorer: NoActiveDesktopChanges = dword:1
x64-mPolicies-System: EnableUIADesktopToggle = dword:0
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
Hosts: 173.212.255.178 ad.garenanow.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\CZC8507XQB\AppData\Roaming\Mozilla\Firefox\Profiles\v05rurev.default\
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMSS.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.funmoods_i.hmpg - true
FF - user.js: extensions.funmoods_i.dfltSrch - true
FF - user.js: extensions.funmoods_i.srchPrvdr - Search
FF - user.js: extensions.funmoods_i.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods_i.id - 86dda43100000000000000216b2c7322
FF - user.js: extensions.funmoods_i.instlDay - 15374
FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1615:57:40
FF - user.js: extensions.funmoods_i.prtnrId - funmoods
FF - user.js: extensions.funmoods_i.prdct - funmoods
FF - user.js: extensions.funmoods_i.aflt - ddrnw
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods_i.tlbrId - base
FF - user.js: extensions.funmoods_i.instlRef - 
FF - user.js: extensions.funmoods_i.dfltLng - 
FF - user.js: extensions.funmoods_i.excTlbr - false
.
============= SERVICES / DRIVERS ===============
.
R1 epfwtdir;epfwtdir;C:\Windows\System32\drivers\epfwtdir.sys [2009-10-7 38776]
R2 BrAuthorizationSvcx;B&R Authorization;C:\Program Files\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe [2008-12-18 40960]
R2 ekrn;Eset Service;C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [2008-8-18 472280]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2009-1-6 576024]
R2 pgsql-8.3;PostgreSQL Database Server 8.3;C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe [2008-9-19 65536]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-10-9 3275136]
R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2009-1-6 193840]
R3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\drivers\e1y60x64.sys [2009-1-6 315008]
R3 NETw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETw5v64.sys [2008-11-17 4751360]
R3 rismcx64;RICOH Smart Card Reader;C:\Windows\System32\drivers\rismcx64.sys [2009-1-6 79872]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 DAMDrv;DAMDrv;C:\Windows\System32\drivers\DAMDrv64.sys [2008-4-9 38912]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing;C:\Windows\SysWOW64\flcdlock.exe [2008-4-21 349432]
S3 fssfltr;FssFltr;C:\Windows\System32\drivers\fssfltr.sys [2009-11-10 61280]
S3 fsssvc;De service Windows Live Family Safety;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-4-28 704872]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [2014-1-16 289256]
S3 PerfHost;Host van prestatiemeter-DLL;C:\Windows\SysWOW64\perfhost.exe [2008-1-21 19968]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-3-18 1020768]
S4 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe [2012-11-1 93184]
S4 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2008-4-7 28464]
.
=============== Created Last 30 ================
.
.
==================== Find3M  ====================
.
2014-03-19 18:47:31 90015360 ----a-w- C:\Windows\System32\mrt.exe
2014-03-12 19:47:45 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-12 19:47:45 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-01-06 19:23:36 4558848 ----a-w- C:\Windows\SysWow64\GPhotos.scr
2013-12-23 17:55:32 381440 ----a-w- C:\Windows\System32\drivers\sptd.sys
.
============= FINISH: 15:41:55,64 ===============
 
 
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft® Windows Vista™ Business 
Boot Device: \Device\HarddiskVolume1
Install Date: 6/01/2009 5:36:27
System Uptime: 23/03/2014 15:11:48 (0 hours ago)
.
Motherboard: Hewlett-Packard |  | 30E7
Processor: Intel® Core2 Duo CPU     T9400  @ 2.53GHz | Intel® Genuine processor | 2534/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 233 GiB total, 16,199 GiB free.
Z: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0026
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter
PNP Device ID: ROOT\*6TO4MP\0026
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0027
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #2
PNP Device ID: ROOT\*6TO4MP\0027
Service: tunnel
.
Class GUID: 
Description: Fingerprint Sensor
Device ID: USB\VID_08FF&PID_2810\5&2529B433&0&1
Manufacturer: 
Name: Fingerprint Sensor
PNP Device ID: USB\VID_08FF&PID_2810\5&2529B433&0&1
Service: 
.
==== System Restore Points ===================
.
RP982: 21/03/2014 18:10:36 - Windows Update
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Acrobat.com
Adobe AIR
Adobe Flash Player 12 ActiveX
Adobe Flash Player 12 Plugin
Adobe Reader 9.5.5 - Nederlands
Adobe Shockwave Player 12.0
Age Of Empires II(All in One)
Age of Empires II: HD Edition
Agere Systems HDA Modem
ATI Catalyst Install Manager
µTorrent
AutoHotkey 1.1.07.03
BIOS Configuration for HP ProtectTools
Brorsoft Video Converter Ver 1.3.1.5065
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-static
ccc-utility64
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
Counter-Strike 1.6
Device Access Manager for HP ProtectTools
Dota 2
ESET NOD32 Antivirus
ESU for Microsoft Vista SP1
Football Manager 2014
Free Avi To Mp4 Converter
Full Tilt Poker
GanttProject
Google Chrome
Google Update Helper
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP 3D DriveGuard
HP Active Support Library
HP Doc Viewer
HP Help and Support
HP Integrated Module with Bluetooth wireless technology 6.0.1.6204
HP MULTIPLE MODEM INSTALLER for VISTA
HP Performance Tuning Framework
HP Quick Launch Buttons 6.40 F1
HP Update
HP User Guides 0099
HP Wallpaper
HP Webcam
HP Webcam Application
HP Wireless Assistant
Intel® Network Connections Drivers
Intel® Matrix Storage Manager
InterVideo DVD Check
InterVideo WinDVD
Java 6 Update 14
Java 6 Update 6
JDownloader 0.9
Junk Mail filter update
Kruidvat fotoservice
LightScribe System Software  1.12.37.1
Malwarebytes Anti-Malware versie 1.75.0.1300
MathType 5
McAfee Security Scan Plus
Microsoft-invoegtoepassing Opslaan als PDF of XPS voor 2007 Microsoft Office-programma's
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2416447)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - nld
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Client Profile NLD Language Pack
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Dutch) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Dutch) 2007
Microsoft Office Groove MUI (Dutch) 2007
Microsoft Office InfoPath MUI (Dutch) 2007
Microsoft Office Live Add-in 1.3
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (Dutch) 2007
Microsoft Office Outlook MUI (Dutch) 2007
Microsoft Office PowerPoint MUI (Dutch) 2007
Microsoft Office Proof (Dutch) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (Dutch) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Dutch) 2007
Microsoft Office Shared 64-bit MUI (Dutch) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (Dutch) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 3 (SP3)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (Dutch) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
Microsoft WSE 3.0 Runtime
mIRC
Mozilla Firefox 26.0 (x86 nl)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
neroxml
Pando Media Booster
PartyPoker
PDF Complete
Personalize Your PC
Picasa 3
Poker Partouche.be
PokerStars
PokerStars.be
PokerTracker 3 (remove only)
PostgreSQL 8.3
RapidShare Manager
RICOH R5C853 Media Driver Ver.1.02.00.09
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2817641) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2837615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office Outlook 2007 (KB2825644) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Visio 2007 suites (KB2596595) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2837617) 32-Bit Edition 
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663)
Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)
Skins
Skype Click to Call
Skype™ 6.14
SoundMAX
Spotify
Steam
Super Monday Night Combat
swMSM
Synaptics Pointing Device Driver
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL
Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD
TeamSpeak 3 Client
Tell Poker
The Sims 3
UltimateBet
Unibet
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Visio 2007 Help (KB963666)
Update voor Microsoft Office Excel 2007 Help (KB963678)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669)
Update voor Microsoft Office Word 2007 Help (KB963665)
Vista Default Settings
VLC media player 2.0.6
Windows Live - Hulpprogramma voor uploaden
Windows Live aanmeldhulp
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Messenger
WinRAR
.
==== End Of File ===========================
 
 

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
 
Going over your logs I noticed that you have uTorrent installed.
  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.


It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall uTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via Start > Control Panel > Add/Remove Programs.
If you wish to keep it, please do not use it until your computer is cleaned.

 

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract it to your desktop.

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.

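Added example, not part of the original posts and not code from the TDSSKiller tool: a small Python triage script for a log in the format TDSSKiller writes to the drive root. It pairs each hashed object line with the verdict line that follows it and lists every entry whose verdict is not "ok", plus services reported without file details. The sample log, its service names, the placeholder hashes and the "flagged-for-review" verdict text are constructed for illustration.

```python
import re
from collections import namedtuple

Entry = namedtuple("Entry", "section name verdict md5 sha256 path")

# "HH:MM:SS.ffff 0xTID  message" prefix used on every log line.
LINE_RE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9A-Fa-f]+\s+(.*)$")
# "================ Scan services ================" style section banners.
SECTION_RE = re.compile(r"^=+ Scan (.+?) =+$")
# "[ MD5, SHA256 ] ServiceName   C:\path\to\file" object lines.
OBJECT_RE = re.compile(
    r"^\[ ([0-9A-Fa-f]{32}), ([0-9A-Fa-f]{64}) \] (.+?)\s+([A-Za-z]:\\.+)$")


def parse_log(text):
    """Return one Entry per "<name> - <verdict>" line inside a scan section."""
    entries, section, pending = [], None, {}
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        s = SECTION_RE.match(msg)
        if s:
            section, pending = s.group(1), {}
            continue
        if section is None:
            continue  # system-info header before the first scan section
        o = OBJECT_RE.match(msg)
        if o:
            md5, sha256, name, path = o.groups()
            pending[name] = (md5.upper(), sha256.upper(), path)
            continue
        name, sep, verdict = msg.rpartition(" - ")
        if sep:
            md5, sha256, path = pending.pop(name, (None, None, None))
            entries.append(
                Entry(section, name, verdict.strip(), md5, sha256, path))
    return entries


def triage(entries):
    """Split out entries a helper should look at first."""
    # Anything the tool did not mark "ok".
    needs_review = [e for e in entries if e.verdict.lower() != "ok"]
    # Services that got a verdict but no hash/path line before it.
    no_file_info = [e for e in entries
                    if e.section == "services" and e.path is None]
    return needs_review, no_file_info


# Constructed sample in the same layout as the log format; all values are fake.
SAMPLE_LOG = r"""
21:17:27.0375 0x12c8  Drive \Device\Harddisk0\DR0 - Size: 0x0 (0.00 Gb)
21:17:36.0823 0x1080  ================ Scan system memory ========================
21:17:36.0823 0x1080  System memory - ok
21:17:36.0823 0x1080  ================ Scan services =============================
21:17:37.0001 0x1080  [ {md5a}, {shaa} ] ExampleDrv      C:\Windows\system32\drivers\exampledrv.sys
21:17:37.0004 0x1080  ExampleDrv - ok
21:17:38.0340 0x1080  NoFileSvc - ok
21:17:38.0472 0x1080  [ {md5b}, {shab} ] Example Event Utility C:\Program Files\Example\evt.exe
21:17:38.0496 0x1080  Example Event Utility - flagged-for-review
""".format(md5a="0" * 32, shaa="0" * 64, md5b="1" * 32, shab="1" * 64)


if __name__ == "__main__":
    review, missing = triage(parse_log(SAMPLE_LOG))
    for e in review:
        print("REVIEW  ", e.name, "|", e.verdict, "|", e.path, "|", e.sha256)
    for e in missing:
        print("NO FILE ", e.name, "|", e.verdict)
```

To use it on a real report, read the saved log file and pass its text to `parse_log`; the SHA-256 of each flagged entry can then be checked against a reputation source before any removal action is chosen.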

Hello Marius,

 

I would like to thank you for your time! I have removed the µTorrent software as you suggested. Here you can find the logfile from the scan. I had to split it up as I got a "Post_too_long" error.

 

21:17:45.0555 0x1080  IpFilterDriver - ok
21:17:45.0596 0x1080  [ 3A0427F35E7F8C16BBC5B1BE32B8DE76, 847D45256628086BE984DD508749ABC6945CC4E750FDC2DE1544E72D8D6056EE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:17:45.0601 0x1080  iphlpsvc - ok
21:17:45.0617 0x1080  IpInIp - ok
21:17:45.0635 0x1080  [ 9C2EE2E6E5A7203BFAE15C299475EC67, E51628ECAB9CCCBCE02801C5E71406487A280765FEE318D14B0C227141B87658 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
21:17:45.0639 0x1080  IPMIDRV - ok
21:17:45.0661 0x1080  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE, C29D7F392116BB09F7047A90702331F200DACFB3C94E7F912932971E0B7F0413 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
21:17:45.0665 0x1080  IPNAT - ok
21:17:45.0681 0x1080  [ 8C42CA155343A2F11D29FECA67FAA88D, 699F06D25C5F270CE1194F4D350CB0BE22C6AB609EECF35D066C034AC380BEE3 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:17:45.0683 0x1080  IRENUM - ok
21:17:45.0695 0x1080  [ 0672BFCEDC6FC468A2B0500D81437F4F, A0322B569C309F258684AFECCD52924A33F363186261730469245B7FA357C645 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:17:45.0697 0x1080  isapnp - ok
21:17:45.0736 0x1080  [ 49E4CCBF74783FCE5D2CC1FF6480E1F4, 1685841CD3F64415D7E3DDE6AC4E1D9F21E420089485F23E970CE5C8C2D929F0 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
21:17:45.0741 0x1080  iScsiPrt - ok
21:17:45.0760 0x1080  [ 63C766CDC609FF8206CB447A65ABBA4A, D9CA006FA852C95E90E8A0837E296FCBFD76246DA8AFDE563863D5F95BDFEC52 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
21:17:45.0763 0x1080  iteatapi - ok
21:17:45.0775 0x1080  [ 1281FE73B17664631D12F643CBEA3F59, B27571A0348CDF81DC102A61712CBA9A4AF7AC0015A7702B0DE73AD4E4646853 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
21:17:45.0777 0x1080  iteraid - ok
21:17:45.0791 0x1080  [ 423696F3BA6472DD17699209B933BC26, 00C2EAA1A8E9D422D178B7678598743234930C1858D76C632F079EF789BB56C3 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:17:45.0793 0x1080  kbdclass - ok
21:17:45.0802 0x1080  [ BF8783A5066CFECF45095459E8010FA7, 90845E1A154189258B2754C4FF8E6732AA462FF3777E8DFBAF8246C7C5B2740D ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:17:45.0804 0x1080  kbdhid - ok
21:17:45.0827 0x1080  [ 80F4593E92FF960E4763380D3168E498, 56FF903E5569B7FDD4E6CF1722299BC3C90C84AD9358982109C7634C0DE01B25 ] KeyIso          C:\Windows\system32\lsass.exe
21:17:45.0828 0x1080  KeyIso - ok
21:17:45.0871 0x1080  [ CCDCCE6224E1E207E953AF826B98A9D9, E255A21DE2FCB4F89EC694B1A1855119F6D4BDA88CDA358F7A88EEFDE399E048 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:17:45.0887 0x1080  KSecDD - ok
21:17:45.0893 0x1080  [ 1D419CF43DB29396ECD7113D129D94EB, 21ECCE9D17F055C7B5066110864E10C99291CE50B389C545371333904CE2DBB5 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:17:45.0895 0x1080  ksthunk - ok
21:17:45.0938 0x1080  [ 1FAF6926F3416D3DA05C5B265491BDAE, 3989E18522691CC3820092033E00ED39D08861DFB369AA0DFFF4B379E48EA1F0 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:17:45.0947 0x1080  KtmRm - ok
21:17:46.0016 0x1080  [ 3F27C9CDAE606D74431E3AB39571A7F3, 13DE6CF1E04C3B07A6986DD143B0662110A917D72CA93669006927321663E9D2 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:17:46.0022 0x1080  LanmanServer - ok
21:17:46.0062 0x1080  [ 6E25FFC6FEAD6544C6E9F1D23329570C, CE9CBE5401AE805E678882ACEFAAF86044E68E04D5FA833DC3246F6E306217D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:17:46.0069 0x1080  LanmanWorkstation - ok
21:17:46.0111 0x1080  [ C215E09622118383B236DD56C2065183, AF5F7C8806BF9C203DB8AD9DA2062E31FF9A2282B5FE1222A3B9DEEB435EBAB4 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
21:17:46.0113 0x1080  LightScribeService - ok
21:17:46.0135 0x1080  [ 96ECE2659B6654C10A0C310AE3A6D02C, 3322E87B9F64C3ACBCB634F2390AAB212FA7695383BF01F0092A803871BF19B2 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:17:46.0143 0x1080  lltdio - ok
21:17:46.0265 0x1080  [ 961CCBD0B1CCB5675D64976FAE37D092, 258378BE76A13E4368C9587E6A22727721E4B267B0D26D3D3E333B3B2A5A0611 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:17:46.0293 0x1080  lltdsvc - ok
21:17:46.0302 0x1080  [ A47F8080CACC23C91FE823AD19AA5612, 161575406D158D6D5C9220F1E82C0CC19108C74ADC35C509BAF9B0C414EFD8EE ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:17:46.0304 0x1080  lmhosts - ok
21:17:46.0327 0x1080  [ ACBE1AF32D3123E330A07BFBC5EC4A9B, 0E17E4DD30B5AF8F269EF8EA003836C9E16273262A050B9BE3ED802DD3AC9319 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:17:46.0332 0x1080  LSI_FC - ok
21:17:46.0350 0x1080  [ 799FFB2FC4729FA46D2157C0065B3525, AB462A34D061C113DA12641C45159A58D0AEA1C440233D061A20DF99586CFA93 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:17:46.0354 0x1080  LSI_SAS - ok
21:17:46.0367 0x1080  [ F445FF1DAAD8A226366BFAF42551226B, 92B63E15363F1EAE8A54D4E74ED21669D0A9FE99C654671556C58456228278B1 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:17:46.0371 0x1080  LSI_SCSI - ok
21:17:46.0393 0x1080  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E, 2EB22DD418D4934BDD22C5DB49D5D06178EC0419AB5CC28DD544CA91823987B0 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:17:46.0396 0x1080  luafv - ok
21:17:46.0509 0x1080  [ 49F5B235EDC9C6AC0ABA44737B190317, 096D8D583ED024F1B3AD30DD5EBA38B1FEE518166E157C0E3890D80687181F60 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
21:17:46.0516 0x1080  McComponentHostService - ok
21:17:46.0572 0x1080  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
21:17:46.0580 0x1080  MDM - ok
21:17:46.0612 0x1080  [ 5C5CD6AACED32FB26C3FB34B3DCF972F, 34A66C21FA79800D3CDE933CFA71343218F94D67AAE763EA0B53AC49060CB6D0 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:17:46.0615 0x1080  megasas - ok
21:17:46.0669 0x1080  [ 859BC2436B076C77C159ED694ACFE8F8, 4AEA57A8B9EACEC1B8DED3ECC95621C56E6D65CFE2DA9F07DAF7C7BAD132B624 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
21:17:46.0682 0x1080  MegaSR - ok
21:17:46.0760 0x1080  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
21:17:46.0763 0x1080  Microsoft Office Groove Audit Service - ok
21:17:46.0788 0x1080  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A, 18B0E3E83E41C80809E8140F4C90AB051566C84DD891EA411746EA74E6EAF053 ] MMCSS           C:\Windows\system32\mmcss.dll
21:17:46.0791 0x1080  MMCSS - ok
21:17:46.0810 0x1080  [ 59848D5CC74606F0EE7557983BB73C2E, EA6ACF0619DE1E4272AEDC69F2E66E29DA499E8E8094243C9EF735FD8369229D ] Modem           C:\Windows\system32\drivers\modem.sys
21:17:46.0811 0x1080  Modem - ok
21:17:46.0824 0x1080  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5, 357811D1B8F70828F6432879F59DAB916FBB55673B3473D879382DE33CFB3FAF ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:17:46.0825 0x1080  monitor - ok
21:17:46.0834 0x1080  [ 9367304E5E412B120CF5F4EA14E4E4F1, F87EBACEE27A50E6610FDCB4BD3001C35A99FEE6D63D643FF2CBF0D484CD082C ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:17:46.0839 0x1080  mouclass - ok
21:17:46.0853 0x1080  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69, B77E4A7511923E7BD35A177A40B4E461AC9CB050D6F0575D4799DEF85DA6DA38 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:17:46.0855 0x1080  mouhid - ok
21:17:46.0870 0x1080  [ 11BC9B1E8801B01F7F6ADB9EAD30019B, 1BAF820C0AB1B70A114E767B2155A58BF86CD0D9CF582813C1635A86BE3A7A05 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
21:17:46.0873 0x1080  MountMgr - ok
21:17:46.0940 0x1080  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:17:46.0945 0x1080  MozillaMaintenance - ok
21:17:46.0967 0x1080  [ F8276EB8698142884498A528DFEA8478, C0FF504F721F1D00F42CFE783D4F32C6728518F64646F5C5C11BA3A4824815BB ] mpio            C:\Windows\system32\drivers\mpio.sys
21:17:46.0971 0x1080  mpio - ok
21:17:46.0990 0x1080  [ C92B9ABDB65A5991E00C28F13491DBA2, D1233381A9E4262F0AB396BBDB7DE402D4370805E11EB8A118C846F6E9474098 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:17:46.0993 0x1080  mpsdrv - ok
21:17:47.0031 0x1080  [ 8A670648C755867A3AA38DA50BA569AA, 8CB16EA50DCA5F9C294AC85DE7D2CB7F4B6B5016C1F878BC864D83F2ADF4F423 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:17:47.0049 0x1080  MpsSvc - ok
21:17:47.0064 0x1080  [ 3C200630A89EF2C0864D515B7A75802E, AA4A312E7A28FCE7A944747BADB809CAAD3D67899EBBE663D473621DB25B140A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
21:17:47.0066 0x1080  Mraid35x - ok
21:17:47.0093 0x1080  [ FE2706C15F8345C342820E4E4583FEA0, EA954064272D65E5BDAA66772D35D1BE8985A0ABDA0E09857F8F522BEC37EE70 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:17:47.0098 0x1080  MRxDAV - ok
21:17:47.0150 0x1080  [ B698EB9ACC7ECD4927D99D268918F912, CAC3BDD8EB81725D46AA3A0C3DE70C803ABA7EBA1B2CBA202203730DC191C4B2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:17:47.0155 0x1080  mrxsmb - ok
21:17:47.0197 0x1080  [ 9A797E27FD28500EE13D43000C931435, 4D1956F106529CB003009247FF82A679D8DECD117B413554F71EE267E8D2F670 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:17:47.0205 0x1080  mrxsmb10 - ok
21:17:47.0230 0x1080  [ F9425D610712533107A264E2D5B2154B, DF00BA3E8B0D6A8601A7A65E5FB4FA6AF1BFB20CB1075AA4930D5ED25B724375 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:17:47.0234 0x1080  mrxsmb20 - ok
21:17:47.0262 0x1080  [ 1AC860612B85D8E85EE257D372E39F4D, 74682CCE44BCEE31BCA286D4F4E53B64CAAE244155F2B4C8FEB6AE7C391CA89D ] msahci          C:\Windows\system32\drivers\msahci.sys
21:17:47.0264 0x1080  msahci - ok
21:17:47.0282 0x1080  [ 264BBB4AAF312A485F0E44B65A6B7202, 1DF36540C77D5D885B6C2EE91F0446864D8E6D6CFED87A9ED0765E76FE05E102 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:17:47.0287 0x1080  msdsm - ok
21:17:47.0318 0x1080  [ 7EC02CE772F068ED0BEAFA3DA341A9BC, 3B5B4EA0BF1D1E57F4DF74A569304A5EE41821F5E2F352760B8C9CA82C6D8292 ] MSDTC           C:\Windows\System32\msdtc.exe
21:17:47.0323 0x1080  MSDTC - ok
21:17:47.0338 0x1080  [ 704F59BFC4512D2BB0146AEC31B10A7C, F7712944DDC192C47953D577BE31B79B4D11217305B1C3D0DCA31B1518CB8DCB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:17:47.0340 0x1080  Msfs - ok
21:17:47.0345 0x1080  [ 00EBC952961664780D43DCA157E79B27, 4F8F5718D8574A128E0F6CD54C9BE59A93A7638A5689A8FF68D0C81D3E67808F ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:17:47.0346 0x1080  msisadrv - ok
21:17:47.0381 0x1080  [ 366B0C1F4478B519C181E37D43DCDA32, A98E2BC397FAD7D90653F55AC283CACAE7465D7F10A198D715046B1D896AF246 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:17:47.0387 0x1080  MSiSCSI - ok
21:17:47.0401 0x1080  msiserver - ok
21:17:47.0417 0x1080  [ 0EA73E498F53B96D83DBFCA074AD4CF8, E3DDE34FCFF272E06CD8DA836F8D79E2515885715D4A7CD7BF8D97D7A4E0E781 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:17:47.0418 0x1080  MSKSSRV - ok
21:17:47.0433 0x1080  [ 52E59B7E992A58E740AA63F57EDBAE8B, A89F607B330BA1F42CA9FF01EF289BBD088350CF376568E58CB9865F1DA6CD72 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:17:47.0435 0x1080  MSPCLOCK - ok
21:17:47.0454 0x1080  [ 49084A75BAE043AE02D5B44D02991BB2, 4CD2692D191035CE9D18F4D21F054FF8C3F9CF2734464EA33EAB480A28AD447F ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:17:47.0456 0x1080  MSPQM - ok
21:17:47.0492 0x1080  [ B8E32E6103FBBA9FBB1D0C11FF0D13B5, A12F218C6B0AFE3CB6E3B5925CFF7FB586946924FA22F4D0478588F1B5CED53A ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:17:47.0501 0x1080  MsRPC - ok
21:17:47.0518 0x1080  [ 855796E59DF77EA93AF46F20155BF55B, 75DFCEE16A9D94EDF74295B9686D92552817E8A00958917CB0E17089EDCF6A97 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:17:47.0519 0x1080  mssmbios - ok
21:17:47.0536 0x1080  [ 86D632D75D05D5B7C7C043FA3564AE86, 96911FBC106B91E76598EE110B5147D4C55E42C9194E857F866B6B395E78D2CB ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:17:47.0537 0x1080  MSTEE - ok
21:17:47.0544 0x1080  [ DDF133501F68D6988A0F55DFA88637B4, 172CDD021E1EBB519168986021EB8129F9D9DF5DE658534C1D4FBDAF22D8B2E8 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:17:47.0547 0x1080  Mup - ok
21:17:47.0574 0x1080  [ C25022CDD18980846973B598900915F8, 43372D206BD98FFBA817551E6D66C8568314636FC0826476F2A706C1F6AFA6CF ] napagent        C:\Windows\system32\qagentRT.dll
21:17:47.0584 0x1080  napagent - ok
21:17:47.0616 0x1080  [ 73B99C98FA3A2ED1566E02D6FE1913A5, 573EF5FF593C9DC91B1586C693E0D9BD956061401D7BF56ECDBE73EF42234738 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:17:47.0623 0x1080  NativeWifiP - ok
21:17:47.0674 0x1080  [ F9A3AE5C9F047D71A36A99F9ABCA7D02, 1F804D9BFB903E7BEE232826AAF5C17CED0E4D010F3754590A009776CC647968 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:17:47.0694 0x1080  NDIS - ok
21:17:47.0719 0x1080  [ 64DF698A425478E321981431AC171334, C43177CB60F5D58E1FF7A31E9BE5DA7D92C4B25235867DD65BADC069EDF023F3 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:17:47.0721 0x1080  NdisTapi - ok
21:17:47.0728 0x1080  [ 8BAA43196D7B5BB972C9A6B2BBF61A19, 8AFFB26F6E8CF67F562818BBFE12FB448E4FCDF9B68858B625681565DE30DDC1 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:17:47.0730 0x1080  Ndisuio - ok
21:17:47.0750 0x1080  [ 52E3E8E35101399BE9B2938C992AA087, FF71F48DFDEC95C7C57C2CBE2B2B94588683ADFC17B7702CFE49056B0A95A2AD ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:17:47.0756 0x1080  NdisWan - ok
21:17:47.0769 0x1080  [ 9CB77ED7CB72850253E973A2D6AFDF49, C3C15B317A7F7AE68B7BC62343962C47F075240F252727811DB4BEE443F9103F ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:17:47.0772 0x1080  NDProxy - ok
21:17:47.0782 0x1080  [ A499294F5029A7862ADC115BDA7371CE, 6BE0AAFE4EB59E056A929D6C1A009D8DFD547025481108CEFB12E5D6F86DBE14 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:17:47.0785 0x1080  NetBIOS - ok
21:17:47.0805 0x1080  [ 7A29CA243A629230799754162D80120F, 6856641397B5264EE0E35CBF77AD5B4A052D52B25DCC8757AAD9C0FAC7A4067E ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
21:17:47.0813 0x1080  netbt - ok
21:17:47.0835 0x1080  [ 80F4593E92FF960E4763380D3168E498, 56FF903E5569B7FDD4E6CF1722299BC3C90C84AD9358982109C7634C0DE01B25 ] Netlogon        C:\Windows\system32\lsass.exe
21:17:47.0836 0x1080  Netlogon - ok
21:17:47.0872 0x1080  [ 9B63B29DEFC0F3115A559D2597BF5D75, 297319D3F2E97CB34464EA59D8FD96AC2B8B1A4F2AEE666937F16A041128021F ] Netman          C:\Windows\System32\netman.dll
21:17:47.0881 0x1080  Netman - ok
21:17:47.0910 0x1080  [ 7846D0136CC2B264926A73047BA7688A, 6F56CC1B17095C378D98B58A92F9EDA2D009529DDB6F60E815D85C7606C8EDC0 ] netprofm        C:\Windows\System32\netprofm.dll
21:17:47.0918 0x1080  netprofm - ok
21:17:47.0950 0x1080  [ B84613B469B98E09F50A748C1D02E132, E448841E7C4994196AE7487D13A9217669BFCF7619A08A21476C676A547B8ADE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:17:47.0952 0x1080  NetTcpPortSharing - ok
21:17:48.0109 0x1080  [ 2BDCB7B7917380794C9D87AC2153CE33, F190B59DDEAE676589D197CF31942EF891CAACA3033353416BC08FEA665F01AA ] NETw5v64        C:\Windows\system32\DRIVERS\NETw5v64.sys
21:17:48.0227 0x1080  NETw5v64 - ok
21:17:48.0268 0x1080  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7, 8D7DE921E14BAF09D7E2704CFB2FB1C8A78A46DAF86CDF7A347C5D113A8C110B ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:17:48.0271 0x1080  nfrd960 - ok
21:17:48.0304 0x1080  [ F145BF4C4668E7E312069F81EF847CFC, C4926EFB41FE2813E90D83456C6CB8F3157D835391B443C7E26168F4E1D67DC7 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:17:48.0310 0x1080  NlaSvc - ok
21:17:48.0313 0x1080  npf - ok
21:17:48.0323 0x1080  [ B06154E2A2C91E9BE5599FCA53BC4CD0, 7D4DDF1B7C1A8B08231DB9A005CB83E5FBB9681FD35B12C29BA1C9DCA8A5678C ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:17:48.0326 0x1080  Npfs - ok
21:17:48.0333 0x1080  [ ACB62BAA1C319B17752553DF3026EEEB, 5A309DF390A097245250BB64AD5F8575BECA601E0A122DDCB494C67D3D9EA089 ] nsi             C:\Windows\system32\nsisvc.dll
21:17:48.0335 0x1080  nsi - ok
21:17:48.0343 0x1080  [ 1523AF19EE8B030BA682F7A53537EAEB, B000630CE4B562D39B5EE4148409B2E01D8924D33D27607B24ADC901357E7AA5 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:17:48.0345 0x1080  nsiproxy - ok
21:17:48.0419 0x1080  [ FE86BA5AC3B50E2CA911E9C60C07B638, 8C5E8FDA50C91A6B45DDA7D7BA70B28EDE48259E358E4F59AF9C3ABCD9396FB6 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:17:48.0463 0x1080  Ntfs - ok
21:17:48.0469 0x1080  [ DD5D684975352B85B52E3FD5347C20CB, BB03C50D5178643550C024130E20FD9A023AE110B3C85A2D6E18FB8DBB3A12E4 ] Null            C:\Windows\system32\drivers\Null.sys
21:17:48.0471 0x1080  Null - ok
21:17:48.0497 0x1080  [ 2C040B7ADA5B06F6FACADAC8514AA034, EF32F7C411090230ED1D95B2D01E8464DCC89D72EFD94BBC8DF6856D00B1A783 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:17:48.0501 0x1080  nvraid - ok
21:17:48.0521 0x1080  [ F7EA0FE82842D05EDA3EFDD376DBFDBA, 0ED0543A5331C0D8BBFD1BE3174482ED1B3EE70CA41CE8CE5C81977C37B3D129 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:17:48.0523 0x1080  nvstor - ok
21:17:48.0542 0x1080  [ 19067CA93075EF4823E3938A686F532F, 81339372E90CE9E2594461146A82B62452CF9DB3FF53381D30F6922059EDCF99 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:17:48.0547 0x1080  nv_agp - ok
21:17:48.0550 0x1080  NwlnkFlt - ok
21:17:48.0553 0x1080  NwlnkFwd - ok
21:17:48.0649 0x1080  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:17:48.0660 0x1080  odserv - ok
21:17:48.0695 0x1080  [ 1B30103FDE512915A9214B108B6E7A9C, C572D3DCB2058A0619D165D4EFC389AFB6C93CDD70D80C29ED34C6397C88356B ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
21:17:48.0698 0x1080  ohci1394 - ok
21:17:48.0735 0x1080  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:17:48.0738 0x1080  ose - ok
21:17:48.0803 0x1080  [ 430F35C5592D253F43A26B4F5A523DBF, 0FE1E4BDBFF3DE8B363521C41D8EC56BD4504C129B155ED95731D43DA125B9BB ] p2pimsvc        C:\Windows\system32\p2psvc.dll
21:17:48.0827 0x1080  p2pimsvc - ok
21:17:48.0852 0x1080  [ 430F35C5592D253F43A26B4F5A523DBF, 0FE1E4BDBFF3DE8B363521C41D8EC56BD4504C129B155ED95731D43DA125B9BB ] p2psvc          C:\Windows\system32\p2psvc.dll
21:17:48.0868 0x1080  p2psvc - ok
21:17:48.0900 0x1080  [ 4C6A7FD04DDF4DB88791048382E3EDB1, 0F3827F8C41549C4B41A688ED78B8EE27EBBF5F907595481D37C635D2583DBA6 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:17:48.0904 0x1080  Parport - ok
21:17:48.0948 0x1080  [ 5AB40C36894F4C06BDAB0C9A2FBA282D, AD3F5BC00EC03250F103BB854DD94A98D2F1BE283C1C985B4E8DDB6D56B9BC15 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:17:48.0951 0x1080  partmgr - ok
21:17:48.0955 0x1080  PBUS - ok
21:17:48.0971 0x1080  [ 9AB157B374192FF276C1628FBDBA2B0E, E63E2EE1ABEEC5234F4F1318757EDB4A7567057B1DF1A2414C8698D47062B6AC ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:17:48.0975 0x1080  PcaSvc - ok
21:17:48.0999 0x1080  [ 2A5B2A51559066EA84742909B5B2CD69, 62ACE27DD439D28FA0FA9A701443A25EDF9BC390BBB25332FC04BF3377795053 ] pci             C:\Windows\system32\drivers\pci.sys
21:17:49.0005 0x1080  pci - ok
21:17:49.0029 0x1080  [ 8D618C829034479985A9ED56106CC732, 9F3773A5184064092920FA2C88CCF5BFE44C63573B443E67230C4F596B7884C2 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:17:49.0031 0x1080  pciide - ok
21:17:49.0053 0x1080  [ A2D6B9C3F532BAA27CB0C158D8EF4DA6, 87983C2428E1C41FC9B11779A5589C853F1FB5F0CEFFB53AFE7ECAB3461568D2 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:17:49.0061 0x1080  pcmcia - ok
21:17:49.0087 0x1080  pdfcDispatcher - ok
21:17:49.0115 0x1080  [ 58865916F53592A61549B04941BFD80D, 3511AF2EFD06636E144C36ECA8C7AA1A33C269EDB10A6D879AA25D9E11359AA9 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:17:49.0137 0x1080  PEAUTH - ok
21:17:49.0190 0x1080  [ 0ED8727EA0172860F47258456C06CAEA, 3CDAA1044E412EC4303CEABD36A8C7BADA2D6C6692E09B8FE440709E3F4F0166 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:17:49.0191 0x1080  PerfHost - ok
21:17:49.0265 0x1080  [ 4E87EF38A053F02E454935C8440EC91A, 1EC83AA741EDF4899B73E395C2C3AD92242F5580C5FFDCFD9FEBA0D3330A1D31 ] pgsql-8.3       C:\Program Files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe
21:17:49.0267 0x1080  pgsql-8.3 - ok
21:17:49.0333 0x1080  [ E9E68C1A0F25CF4A7AC966EEA74EE89E, 6C6903A856C29AD690FDA1B74ADB2222C3453FBE2B364245FA61D53C77C586C0 ] pla             C:\Windows\system32\pla.dll
21:17:49.0370 0x1080  pla - ok
21:17:49.0400 0x1080  [ 5AAA0C5534B05ED49919FCD9DBD11A5B, E12044443B0495274D422A851878CC96CAA3C37EA9D4F7C500BE45DFF1060FAA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:17:49.0408 0x1080  PlugPlay - ok
21:17:49.0461 0x1080  [ 430F35C5592D253F43A26B4F5A523DBF, 0FE1E4BDBFF3DE8B363521C41D8EC56BD4504C129B155ED95731D43DA125B9BB ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
21:17:49.0476 0x1080  PNRPAutoReg - ok
21:17:49.0501 0x1080  [ 430F35C5592D253F43A26B4F5A523DBF, 0FE1E4BDBFF3DE8B363521C41D8EC56BD4504C129B155ED95731D43DA125B9BB ] PNRPsvc         C:\Windows\system32\p2psvc.dll
21:17:49.0517 0x1080  PNRPsvc - ok
21:17:49.0561 0x1080  [ EEF3688D5E9592CBBBED00DE71DDA1EF, 548DACC5FD01ED948723252E32D658C3E5A318546E3AA2D69710D7969D8E0D0D ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:17:49.0575 0x1080  PolicyAgent - ok
21:17:49.0607 0x1080  [ F5739F2C6DB2534C384AD5150808E8F5, CCA899B2D3477219E1424A7162AEF367AD9B8FF88E4782DAC6C74EC70247C552 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:17:49.0611 0x1080  PptpMiniport - ok
21:17:49.0630 0x1080  [ 5080E59ECEE0BC923F14018803AA7A01, 2E201511821AECCF056962399AFA3533ED765A3E7FD30E7B38A6D13837367E69 ] Processor       C:\Windows\system32\drivers\processr.sys
21:17:49.0632 0x1080  Processor - ok
21:17:49.0660 0x1080  [ B21FE10DAD3AB59E78DF7AA3FBF41E70, 11CFACDEDE7FB6FA100E4611CAC32AFDCA556D4BDF674943695FACC44E11EA2C ] ProfSvc         C:\Windows\system32\profsvc.dll
21:17:49.0665 0x1080  ProfSvc - ok
21:17:49.0676 0x1080  [ 80F4593E92FF960E4763380D3168E498, 56FF903E5569B7FDD4E6CF1722299BC3C90C84AD9358982109C7634C0DE01B25 ] ProtectedStorage C:\Windows\system32\lsass.exe
21:17:49.0678 0x1080  ProtectedStorage - ok
21:17:49.0716 0x1080  [ 0E0E205A296095FE4C631E6A4775AD6C, E2F607880C34246595774FE7888F7211B6BDF2A20498154C547713B090A38769 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
21:17:49.0719 0x1080  PSched - ok
21:17:49.0796 0x1080  [ 0B83F4E681062F3839BE2EC1D98FD94A, 47E1B8014C59981693F5544872AF00383528AAEF0C6FE9AE8C45A6359EFB067D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:17:49.0830 0x1080  ql2300 - ok
21:17:49.0861 0x1080  [ E1C80F8D4D1E39EF9595809C1369BF2A, 5C18F8366049C690FC8AA4A992AA0765A6607F72E0EF889A5F3757E59FB1C143 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:17:49.0866 0x1080  ql40xx - ok
21:17:49.0888 0x1080  [ 90574842C3DA781E279061A3EFF91F07, F87DE7355DAA4FACF2126A0427C08BAAD9E647E0B02EE5447746BE969B28DA8D ] QWAVE           C:\Windows\system32\qwave.dll
21:17:49.0896 0x1080  QWAVE - ok
21:17:49.0913 0x1080  [ E8D76EDAB77EC9C634C27B8EAC33ADC5, 171A3C5D5C3C5845C3BF9A4BCD88E744B025C910AC2F528D0E7D66F173FF0BED ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:17:49.0915 0x1080  QWAVEdrv - ok
21:17:49.0926 0x1080  [ 1013B3B663A56D3DDD784F581C1BD005, 36B83F234C2D6A6112BC8B5EF0AB5075EE98AC0BED702C37E4C1C3D17EB49956 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:17:49.0928 0x1080  RasAcd - ok
21:17:49.0976 0x1080  [ B2AE18F847D07F0044404DDF7CB04497, 24B1D5E1D0621160640264656E3D447C611DEE1B0EE308971EF85F0AC3D9F7DD ] RasAuto         C:\Windows\System32\rasauto.dll
21:17:49.0979 0x1080  RasAuto - ok
21:17:49.0995 0x1080  [ 3B9085F91EF00ABD15A6F36570E90E12, 9FE715633828ECED7D9BA050F212AA2AE305023CB9ECF86E5C4029D2906F953B ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:17:49.0999 0x1080  Rasl2tp - ok
21:17:50.0019 0x1080  [ 2A63D46B01685FD4BE9778CA3C231C2D, 5FE84104BBACE5BBC22AC6A30B67E1E707383E0B17AD1D27C11FE9B9E6B0F192 ] RasMan          C:\Windows\System32\rasmans.dll
21:17:50.0026 0x1080  RasMan - ok
21:17:50.0049 0x1080  [ 2CE1703C27196094FB6E4C6E439F2C21, CA15FC617DA68697BE06E9262D5D1291211C9BAC125BAC4842A740D88627B283 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:17:50.0051 0x1080  RasPppoe - ok
21:17:50.0080 0x1080  [ FCD04FA67E8B40FA0AD361DD38593942, 380292419783FA5B8BEE0CEF66CED3B5CF740FF41F50902FA99611367C0533BE ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:17:50.0083 0x1080  RasSstp - ok
21:17:50.0099 0x1080  [ 33FA5B6136D92EE0F53F021C79091300, BEF7E6D07ACF2011D512B267FAED0D9F5165DA5F7DA646396523DEFDF0C21E18 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:17:50.0108 0x1080  rdbss - ok
21:17:50.0112 0x1080  [ 603900CC05F6BE65CCBF373800AF3716, 83B010D51D1087673CF15FD0A992FD91CC910A073FEA9A8F20F6124B6E5489F2 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:17:50.0113 0x1080  RDPCDD - ok
21:17:50.0132 0x1080  [ C045D1FB111C28DF0D1BE8D4BDA22C06, 572986C93B982387EE94797A1EDE1C6C444B0F1078AC8201099452BFA021458F ] rdpdr           C:\Windows\system32\DRIVERS\rdpdr.sys
21:17:50.0141 0x1080  rdpdr - ok
21:17:50.0154 0x1080  [ CAB9421DAF3D97B33D0D055858E2C3AB, 66C353CD310A91FAB0D0871ACCE71110595B63536560D0331DA70B1E33AC45BE ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:17:50.0155 0x1080  RDPENCDD - ok
21:17:50.0183 0x1080  [ 7747082F672AA2846235C9CEA42E2E72, F675464466311DEE6B4EC07B4F734120DEAF4CA32AD6BB02D3C1D4C7D3CBE710 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:17:50.0190 0x1080  RDPWD - ok
21:17:50.0210 0x1080  [ C612B9557DA73F70D41F8A6FBC8E5344, D7D11F202066F848FBD3F26D9FF915C7F3D68F30631393B2049F3AC5A40FD108 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:17:50.0214 0x1080  RemoteAccess - ok
21:17:50.0238 0x1080  [ 416C611369CBE49074B89CEE2F83ABEF, 238F1F5C532344E63EA23891657E30B00EB4D091C3B485432ED7E814C1026D4F ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:17:50.0245 0x1080  RemoteRegistry - ok
21:17:50.0272 0x1080  [ 72C35598BA591ABDDC37FCE7D26FE1C4, 6931E6D2FFD21C3F6CC7DBAE65B8B17CB15576C7DDCE165F1305E94D90AB7605 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:17:50.0279 0x1080  RFCOMM - ok
21:17:50.0302 0x1080  [ 528D70EABE8305A02F387FEC839B9A47, EDF7458C4B860B26B95824BD570B8132C273DCEE8C2975F4C39DB530BFA6E572 ] rimmptsk        C:\Windows\system32\DRIVERS\rimmpx64.sys
21:17:50.0305 0x1080  rimmptsk - ok
21:17:50.0327 0x1080  [ BB9EDC55B0B8CB4FCD713428820E0776, 5342230EFF26C7307AFA0E89B7AC7BD5BE5F344DFB5EBFFFE6A449F40280ED21 ] rimsptsk        C:\Windows\system32\DRIVERS\rimspx64.sys
21:17:50.0330 0x1080  rimsptsk - ok
21:17:50.0354 0x1080  [ 858BBB1B592CF7016E67B17B07E20E61, FB8932CF30901A6A1B5DFB5CA3D359F2B4FA6E72218D0B0DA680398265684E5B ] rismcx64        C:\Windows\system32\DRIVERS\rismcx64.sys
21:17:50.0358 0x1080  rismcx64 - ok
21:17:50.0381 0x1080  [ 481C3FDEACAAE04B74C58288DBC91DF9, D7F2AB5E97C0293A5CAC977695EC1D0DBB354D0EA3662D37803098D9477DE03F ] rismxdp         C:\Windows\system32\DRIVERS\rixdpx64.sys
21:17:50.0384 0x1080  rismxdp - ok
21:17:50.0395 0x1080  [ F46C457840D4B7A4DAAFEE739CE04102, 94E946036240B3BAFF17C4A49745E29E492ABBC7BE5110741B212DF4D7F45B84 ] RpcLocator      C:\Windows\system32\locator.exe
21:17:50.0396 0x1080  RpcLocator - ok
21:17:50.0466 0x1080  [ 52CDADE8289FF21F1F2215FF51A5F36C, 27DD3BA84FB864FD685979C3404EFEB536ECD62FEF3069ECADAA5D5CA4469DE8 ] RpcSs           C:\Windows\system32\rpcss.dll
21:17:50.0480 0x1080  RpcSs - ok
21:17:50.0506 0x1080  [ 22A9CB08B1A6707C1550C6BF099AAE73, 46A9D40A03DC0B6C93274C0C1CDB132B2339E76E77CAB0F12AEDAD4C31822B91 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:17:50.0510 0x1080  rspndr - ok
21:17:50.0518 0x1080  [ 80F4593E92FF960E4763380D3168E498, 56FF903E5569B7FDD4E6CF1722299BC3C90C84AD9358982109C7634C0DE01B25 ] SamSs           C:\Windows\system32\lsass.exe
21:17:50.0519 0x1080  SamSs - ok
21:17:50.0543 0x1080  [ CD9C693589C60AD59BBBCFB0E524E01B, F9EBD4FF4C712A563B1120D123012E41105D31402BE45D6F8C8DA71155D64ECB ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:17:50.0547 0x1080  sbp2port - ok
21:17:50.0578 0x1080  [ F024D560FEA06F8B56D673849EB89AE6, 0D7D9642363C05750D068A3A484D268D1BAA56A87D7D7C521EACCD45A5863EC2 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:17:50.0583 0x1080  SCardSvr - ok
21:17:50.0649 0x1080  [ CE75D26E0A1106129F4D156851E298ED, EFE9DF62AE04A749D5A101E4274DC46ABC701CFED2C4235BDB7367512598DA18 ] Schedule        C:\Windows\system32\schedsvc.dll
21:17:50.0672 0x1080  Schedule - ok
21:17:50.0697 0x1080  [ EDFFFC8B6AFB609BF33DBE0A900426B6, 069E51698CADB01800CD4D1D98010B809652A93647670EC612373D154FA1E9CC ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:17:50.0698 0x1080  SCPolicySvc - ok
21:17:50.0720 0x1080  [ B42EE50F7D24F837F925332EB349ECA5, 5DA793DADA7E244A48FFE3249A0271974BA31839A70173F2F14BE80673C86014 ] sdbus           C:\Windows\system32\DRIVERS\sdbus.sys
21:17:50.0724 0x1080  sdbus - ok
21:17:50.0741 0x1080  [ 4FF71B076A7760FE75EA5AE2D0EE0018, DDDBC9530120F8C1AB449076F6F06F74354149B4C458E6682F957628EE795DE8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:17:50.0745 0x1080  SDRSVC - ok

21:17:56.0116 0x1080  ================ Scan global ===============================

21:17:56.0159 0x1080  [ 060DC3A7A9A2626031EB23D90151428D, 4AADA06E83603E9D4894D6CFC8DADB018307B384F438C809D4BC8E22BD937C3B ] C:\Windows\system32\basesrv.dll

21:17:56.0200 0x1080  [ 2D94E4CE322F12061D3FA7DBE65E9AC5, 93328B8A8415CCA8A7AB3EF1340F3F8C30309E9702C96071FACCAB380DBD357F ] C:\Windows\system32\winsrv.dll

21:17:56.0224 0x1080  [ 2D94E4CE322F12061D3FA7DBE65E9AC5, 93328B8A8415CCA8A7AB3EF1340F3F8C30309E9702C96071FACCAB380DBD357F ] C:\Windows\system32\winsrv.dll

21:17:56.0267 0x1080  [ DFAC660F0F139276CC9299812DE42719, 359D060560EB3A6920812E31B82F7BB4333830269E62F2B62180640893E8330D ] C:\Windows\system32\services.exe

21:17:56.0279 0x1080  [ Global ] - ok

21:17:56.0279 0x1080  ================ Scan MBR ==================================

21:17:56.0290 0x1080  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

21:17:56.0704 0x1080  \Device\Harddisk0\DR0 - ok

21:17:56.0704 0x1080  ================ Scan VBR ==================================

21:17:56.0706 0x1080  [ 2663A6681416C93570F047AF75D07218 ] \Device\Harddisk0\DR0\Partition1

21:17:56.0739 0x1080  \Device\Harddisk0\DR0\Partition1 - ok

21:17:56.0740 0x1080  Waiting for KSN requests completion. In queue: 336

21:17:57.0740 0x1080  Waiting for KSN requests completion. In queue: 336

21:17:58.0740 0x1080  Waiting for KSN requests completion. In queue: 27

21:17:59.0819 0x1080  AV detected via SS2: ESET NOD32 Antivirus 3.0, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe (  ), 0x41000 ( enabled : updated )

21:17:59.0843 0x1080  Win FW state via NFP2: disabled

21:18:02.0258 0x1080  ============================================================

21:18:02.0258 0x1080  Scan finished

21:18:02.0258 0x1080  ============================================================

21:18:02.0265 0x0234  Detected object count: 0

21:18:02.0265 0x0234  Actual detected object count: 0

Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs/spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe



When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.


I do not know if it is relevant, but I started the scan before I went to bed, and by the time I woke up, my PC was shut down as I did not notice my adapter was not completely connected... I read the scan takes about 10 ~ 20 minutes, so I doubt it influenced anything, but what do I know about it :)

Regards,

Dimi

 

ComboFix 14-03-23.01 - CZC8507XQB 23/03/2014  22:24:44.1.2 - x64

Microsoft® Windows Vista™ Business   6.0.6001.1.1252.32.1043.18.4090.2039 [GMT 1:00]

Gestart vanuit: c:\users\CZC8507XQB\Desktop\ComboFix.exe

AV: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {CB0F8167-5331-BA19-698E-64816B6801A5}

SP: ESET NOD32 Antivirus 3.0 *Disabled/Updated* {706E6083-750B-B597-533E-5FF310EF4B18}

SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((   Andere Verwijderingen   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

C:\install.exe

c:\programdata\Local Settings\Temp

c:\users\CZC8507XQB\AppData\Roaming\4555.ini

c:\windows\SysWow64\drivers\npf.sys

.

.

(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

-------\Service_npf

.

.

((((((((((((((((((((   Bestanden Gemaakt van 2014-02-24 to 2014-03-24  ))))))))))))))))))))))))))))))

.

.

2014-03-23 21:36 . 2014-03-23 21:38 -------- d-----w- c:\users\postgres\AppData\Local\temp

2014-03-23 21:36 . 2014-03-23 21:36 -------- d-----w- c:\users\Default\AppData\Local\temp

2014-03-23 21:36 . 2014-03-23 21:36 -------- d-----w- c:\users\Administrator\AppData\Local\temp

2014-03-21 17:12 . 2014-03-07 04:43 10521840 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{AC838CBA-5F16-483C-8352-0A9BA8C3FA1B}\mpengine.dll

2014-03-16 09:15 . 2014-03-16 09:15 -------- d-----w- c:\users\CZC8507XQB\AppData\Local\Skype

2014-03-16 09:15 . 2014-03-16 09:15 -------- d-----w- c:\program files (x86)\Common Files\Skype

.

.

.

(((((((((((((((((((((((((((((((((((((((   Find3M Rapport   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-03-19 18:47 . 2006-11-02 12:35 90015360 ----a-w- c:\windows\system32\mrt.exe

2014-03-12 19:47 . 2013-03-19 18:23 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2014-03-12 19:47 . 2011-08-12 20:08 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2014-01-06 19:23 . 2014-01-06 19:23 4558848 ----a-w- c:\windows\SysWow64\GPhotos.scr

.

.

(((((((((((((((((((((((((((((((((((((   Reg Opstartpunten   )))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2008-03-17 2289664]

"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-02-25 1821888]

"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-02-10 20922016]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]

"QlbCtrl.exe"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2008-06-03 177456]

"HP Health Check Scheduler"="c:\program files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2008-06-16 75008]

"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]

"PDF Complete"="c:\program files (x86)\PDF Complete\pdfsty.exe" [2008-05-12 318488]

"hpWirelessAssistant"="c:\program files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2008-04-15 488752]

"WatchDog"="c:\program files (x86)\InterVideo\DVD Check\DVDCheck.exe" [2008-05-23 197904]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]

"SoundMAXPnP"="c:\program files (x86)\Analog Devices\Core\smax4pnp.exe" [2008-10-16 1310720]

"Config"="c:\program files (x86)\Microsoft Games\Age Of Empires ii\Config.exe" [2006-07-06 151552]

"SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2009-05-21 148888]

"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-6-19 994856]

DVD Check.lnk - c:\program files (x86)\InterVideo\DVD Check\DVDCheck.exe [2009-1-6 197904]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]

2008-04-21 10:48 69632 ----a-w- c:\windows\System32\DeviceNP.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

@="Driver"

.

--- Andere Services/Drivers In Geheugen ---

.

*NewlyCreated* - WS2IFSL

.

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs

Themes

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]

2008-03-17 16:56 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-03-15 17:37 1150280 ----a-w- c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe

.

Inhoud van de 'Gedeelde Taken' map

.

2014-03-23 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-19 19:47]

.

2014-03-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-23 20:13]

.

2014-03-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-23 20:13]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-03-27 1234216]

"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-20 178712]

"snuvcdsm"="c:\windows\snuvcdsm.exe" [2008-10-09 27176]

"egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2009-10-07 1923640]

.

------- Bijkomende Scan -------

.

uLocal Page = c:\windows\system32\blank.htm


mLocal Page = %SystemRoot%\system32\blank.htm


IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200

IE: E&xporteren naar Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {{878AC5FC-BE78-4bae-896C-7F75B790A71E} - c:\program files (x86)\PokerStars.BE\PokerStarsUpdate.exe

TCP: DhcpNameServer = 195.130.131.2 195.130.130.130

FF - ProfilePath - c:\users\CZC8507XQB\AppData\Roaming\Mozilla\Firefox\Profiles\v05rurev.default\


FF - user.js: extensions.funmoods_i.hmpg - true


FF - user.js: extensions.funmoods_i.dfltSrch - true

FF - user.js: extensions.funmoods_i.srchPrvdr - Search

FF - user.js: extensions.funmoods_i.dnsErr - true

FF - user.js: extensions.funmoods_i.newTab - true



FF - user.js: extensions.funmoods_i.id - 86dda43100000000000000216b2c7322

FF - user.js: extensions.funmoods_i.instlDay - 15374

FF - user.js: extensions.funmoods_i.vrsn - 1.5.11.16

FF - user.js: extensions.funmoods_i.vrsni - 1.5.11.16

FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.11.1615:57

FF - user.js: extensions.funmoods_i.prtnrId - funmoods

FF - user.js: extensions.funmoods_i.prdct - funmoods

FF - user.js: extensions.funmoods_i.aflt - ddrnw

FF - user.js: extensions.funmoods_i.smplGrp - none

FF - user.js: extensions.funmoods_i.tlbrId - base

FF - user.js: extensions.funmoods_i.instlRef - 

FF - user.js: extensions.funmoods_i.dfltLng - 

FF - user.js: extensions.funmoods_i.excTlbr - false

.

- - - - ORPHANS VERWIJDERD - - - -

.

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

Wow6432Node-HKCU-Run-Utopia Angel - c:\utopia\Angel\Angel.exe

Wow6432Node-HKCU-Run-IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

Wow6432Node-HKCU-Run-WMPNSCFG - c:\program files (x86)\Windows Media Player\WMPNSCFG.exe

Wow6432Node-HKLM-Run-NBKeyScan - c:\program files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe

Wow6432Node-HKLM-Explorer_Run-42033 - c:\progra~3\LOCALS~1\Temp\mseqwbi.scr

ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)

ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)

AddRemove-unibetpoker (Poker) - c:\microgaming\Poker\unibetpokerMPP\install.exe

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pdfcDispatcher]

"ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService"

.

--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.12"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]

@Denied: (A 2) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]

@="Shockwave Flash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]

@Denied: (A 2) (Everyone)

@=""

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]

@="FlashBroker"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]

"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,

   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

"MSCurrentCountry"=dword:000000b5

.

------------------------ Andere Aktieve Processen ------------------------

.

c:\program files\BrAutomation\AsTools\BrAuthorization\BrAuthorizationSvc.exe

c:\program files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe

c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe

c:\program files (x86)\PDF Complete\pdfsvc.exe

c:\program files (x86)\PostgreSQL\8.3\bin\pg_ctl.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\PostgreSQL\8.3\bin\postgres.exe

c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe

c:\program files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe

c:\windows\SysWOW64\WerFault.exe

c:\program files (x86)\Common Files\Steam\SteamService.exe

.

**************************************************************************

.

Voltooingstijd: 2014-03-24  17:57:21 - machine werd herstart

ComboFix-quarantined-files.txt  2014-03-24 16:57

.

Pre-Run: 16.279.990.272 bytes free

Post-Run: 17.609.412.608 bytes free

.

- - End Of File - - 11FAA8CA054DE22E50B9424F66200B80

5C616939100B85E558DA92B899A0FC36

Full System Scan with Malwarebytes Antimalware


  • If not existing, please download Malwarebytes' Anti-Malware to your desktop. Double-click mbam-setup.exe and follow the prompts to install the program. At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.



If the program is already installed:

  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform fullscan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


I just finished the scan with Malwarebytes. I will start the ESET scan now. Here is the Malwarebytes Log.

Small note: I had the same result before, but a second scan shows the same (2) found items. 

 

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Databaseversie: v2014.03.23.06
 
Windows Vista Service Pack 1 x64 NTFS
Internet Explorer 7.0.6001.18000
CZC8507XQB :: P-CZC8507XQB [administrator]
 
25/03/2014 17:23:48
mbam-log-2014-03-25 (17-23-48).txt
 
Scan type: Volledige scan (C:\|Z:\|)
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 614635
Verstreken tijd: 1 uur/uren, 43 minuut/minuten, 17 seconde(n)
 
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Registerwaarden gedetecteerd: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|42033 (Trojan.Agent) -> Data: C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.scr -> Zal worden verwijderd tijdens het herstarten.
 
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
 
Bestanden gedetecteerd: 1
C:\Users\CZC8507XQB\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000 (PUP.Optional.OneClickDownloader.A) -> Succesvol in quarantaine geplaatst en verwijderd.
 
(einde)

C:\Program Files (x86)\The Walking Dead Episode 5\steam_api.dll a variant of Win32/HackTool.Crack.BQ potentially unsafe application

C:\Users\CZC8507XQB\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application

Fix with FRST (normal mode)

WARNING: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
 

  • Download the attached fixlist.txt and save it to the location where FRST is saved to.
  • Run FRST.exe (on 64bit, run FRST64.exe) and press the Fix button just once and wait.
  • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.

 

fixlist.txt


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014

Ran by CZC8507XQB at 2014-03-27 17:59:16 Run:1

Running from C:\Users\CZC8507XQB\Downloads\FRST

Boot Mode: Normal

==============================================

 

Content of fixlist:

*****************

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run|42033

C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.sc

C:\Users\CZC8507XQB\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000

C:\Program Files (x86)\The Walking Dead Episode 5\steam_api.dll

C:\Users\CZC8507XQB\Downloads\Shockwave_Installer_Slim.exe

C:\Windows\System32\Adobe\Shockwave 12\gt.exe

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe

*****************

 

"C:\PROGRA~3\LOCALS~1\Temp\mseqwbi.sc" => File/Directory not found.

"C:\Users\CZC8507XQB\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000" => File/Directory not found.

C:\Program Files (x86)\The Walking Dead Episode 5\steam_api.dll => Moved successfully.

C:\Users\CZC8507XQB\Downloads\Shockwave_Installer_Slim.exe => Moved successfully.

"C:\Windows\System32\Adobe\Shockwave 12\gt.exe" => File/Directory not found.

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe => Moved successfully.

 

==== End of Fixlog ====


Clearly my mistake - I greatly apologize. :wacko:

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.





SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, the log (checkup.txt) will open. Copy its content to your thread.


Part 1: 

 

# AdwCleaner v3.022 - Report created 28/03/2014 at 18:13:03
# Updated 13/03/2014 by Xplode
# Operating System : Windows Vista Business Service Pack 1 (64 bits)
# Username : CZC8507XQB - P-CZC8507XQB
# Running from : C:\Users\CZC8507XQB\Downloads\adwcleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
[!] Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
[!] Folder Deleted : C:\Windows\SysWOW64\AI_RecycleBin
File Deleted : C:\Users\CZC8507XQB\AppData\Roaming\Mozilla\Firefox\Profiles\v05rurev.default\user.js
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\dt soft\daemon tools toolbar
Key Deleted : HKLM\Software\Funmoods
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v7.0.6001.18639
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [searchAssistant]
 
-\\ Mozilla Firefox v27.0.1 (nl)
 
[ File : C:\Users\CZC8507XQB\AppData\Roaming\Mozilla\Firefox\Profiles\v05rurev.default\prefs.js ]
 
Line Deleted : user_pref("extensions.funmoods_i.aflt", "ddrnw");
Line Deleted : user_pref("extensions.funmoods_i.dfltLng", "");
Line Deleted : user_pref("extensions.funmoods_i.dfltSrch", true);
Line Deleted : user_pref("extensions.funmoods_i.dnsErr", true);
Line Deleted : user_pref("extensions.funmoods_i.excTlbr", false);
Line Deleted : user_pref("extensions.funmoods_i.hmpg", true);
Line Deleted : user_pref("extensions.funmoods_i.id", "86dda43100000000000000216b2c7322");
Line Deleted : user_pref("extensions.funmoods_i.instlDay", "15374");
Line Deleted : user_pref("extensions.funmoods_i.instlRef", "");
Line Deleted : user_pref("extensions.funmoods_i.newTab", true);
Line Deleted : user_pref("extensions.funmoods_i.prdct", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.prtnrId", "funmoods");
Line Deleted : user_pref("extensions.funmoods_i.smplGrp", "none");
Line Deleted : user_pref("extensions.funmoods_i.srchPrvdr", "Search");
Line Deleted : user_pref("extensions.funmoods_i.tlbrId", "base");
Line Deleted : user_pref("extensions.funmoods_i.vrsn", "1.5.11.16");
Line Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.11.1615:57:40");
Line Deleted : user_pref("extensions.funmoods_i.vrsni", "1.5.11.16");
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\CZC8507XQB\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [7320 octets] - [28/03/2014 18:11:08]
AdwCleaner[s0].txt - [5913 octets] - [28/03/2014 18:13:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5973 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.3 (03.23.2014:1)

OS: Windows Vista Business x64

Ran by CZC8507XQB on vr 28/03/2014 at 19:01:11,65

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

 

 

~~~ FireFox

 

Successfully deleted: [File] C:\user.js

Emptied folder: C:\Users\CZC8507XQB\AppData\Roaming\mozilla\firefox\profiles\v05rurev.default\minidumps [34 files]

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on vr 28/03/2014 at 19:07:18,70

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Hey Marius,

 

Thank you very much for spending your time on me. I will leave it to you to determine if my PC is clean again, but I am very happy to notice that the symptoms (crazy downloading) are no longer present. I checked it with Netlimiter, and it was very strange to see that my antivirus (ESET) was downloading 24/24, 7/7 at high speeds, but this is completely over!

 

Regards,

 

Dimi


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!


Hello,

 

My bad, I missed the Security step. Here you go:

 

 Results of screen317's Security Check version 0.99.81  
 Windows Vista Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 7 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
ESET NOD32 Antivirus 3.0   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 6 Update 14  
 Java 6 Update 6  
 Java version out of Date! 
 Adobe Flash Player 12.0.0.77  
 Adobe Reader 9 Adobe Reader out of Date! 
 Mozilla Firefox 27.0.1 Firefox out of Date!  
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 ESET NOD32 Antivirus egui.exe  
 ESET NOD32 Antivirus ekrn.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 

Your system is clean! :)

 

 

Windows Vista out of date

Your Microsoft Windows installation is out of date. Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure. Out-of-date Windows installations represent a risk to your system and are also a conduit for the spread of malware.

You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP2) can be obtained directly from Microsoft here.

 

 

 

Internet Explorer out of date

Your version of Internet Explorer is outdated.

  1. Please download IE 10 from http://windows.microsoft.com/en-US/internet-explorer/downloads/ie-10/worldwide-languages
  2. Save it to your desktop.
  3. Double click on the file on your desktop to start the installation process.
  4. Reboot

 

 

 

Java runtime Environment out of date

Your Java runtime environment is outdated. We will fix this.

  • Get the actual JRE from here
  • Save jxpiinstall.exe to your desktop
  • Close all running programs, especially your browser(s)
  • Run jxpiinstall.exe. This will download the newest JRE installer and install the software
  • When finished, go to
    Start-->control panel-->add/remove programs and remove all older Java versions. (if existing)
  • When finished, reboot your computer.


After the reboot

  • Open control panel again and click the java symbol.
  • Click Settings under Temporary Internet Files.
    The Temporary Files Settings dialog box appears.
  • Click Delete Files.
    The Delete Temporary Files dialog box appears
  • Click OK on Delete Temporary Files window.
  • Click OK again.

 

 

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.


  • Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Run setup and follow the instructions.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

Mozilla Firefox out of date

Your Firefox browser is outdated. Please follow these instructions to update it:

  • Get the actual firefox from here.
  • Run setup and follow the instructions on your monitor.
  • Report any problems you have with the update.

 

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In the case we used Defogger to turn off your CD emulation software, you can start it again and use the Enable button.
  2. In the case we used Combofix, deactivate your antivirus software once more, then rename combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
  4. If there is still something left, please delete it manually.

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.


  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:

  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80", which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.

    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.




Hello,

 

I removed the necessary programs, and I would like to thank you for helping me out! Your explanation was amazingly clear for an IT-noob like me, and I am very happy my computer is clean again.

I hope not to contact you in the future, but that is nothing personal ;-).

 

Regards,

Dimi
