
I think I may be infected with loa.teebik.tracking redirect virus



I've been having problems with viruses on my computer lately, mostly redirect viruses, slowing my computer and trying to redirect me to their websites (I see the websites pop up and if I'm quick on the draw I close the page before it redirects) Even making my computer not start up (at which point I had it reimaged, but still got problems). First it was seth.avauz.tracking (excuse typos) which I think was got rid of by a reimaging of my computer. Now a week ago I had my browser (Firefox) redirect to a page emblazoned with "protect her now" "league of angels" rpg with a line-up of scantily-clad female gifs - I've updated and run Nortons and Malware, and run AdwCleaner, and (after reading up on this teebik thing, scary stuff) switched from Firefox to Chrome - it has got rid of some stuff but I am still concerned as I still get the "angels" ad in the corner of legitimate websites. I want this thing gone! One guy out there on the internet reckons you can't get rid of this thing if you reimage! Argh!!

attach.txt

dds.txt


Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 
 
 
 
Scan with Gmer rootkit scanner

Please download Gmer from here by clicking on the "Download EXE" Button.
  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )

  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.


**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.

 

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt



Please post the contents of that log in your next reply.


OK I will get on to this - sorry I was expecting a reply via email, just checked today - please don't close this thread! I did a full scan the other night and it found something to do with PUP (which is now gone, yay) and I thought that was it, but my screen just BSOD on me this afternoon re: Kernel_Data_Inpage_error and a whole bunch of numbers I could put in if it helps.

 

Just to clarify - you want me to run both Gmer.exe and TDSS-killer? will get on to that OK, thanks


GMER 2.1.19357 - http://www.gmer.net

Rootkit scan 2014-04-10 17:56:39

Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST350032 rev.SD1A 465.76GB

Running: kfxw2kuz.exe; Driver: C:\Users\Kathy\AppData\Local\Temp\kgloqpow.sys

 

 

---- System - GMER 2.1 ----

 

SSDT            86D653E0                   ZwAlertResumeThread

SSDT            86D65478                   ZwAlertThread

SSDT            86D635A0                   ZwAllocateVirtualMemory

SSDT            8656C130                   ZwAlpcConnectPort

SSDT            86D61E20                   ZwAssignProcessToJobObject

SSDT            86D65208                   ZwCreateMutant

SSDT            86D61C18                   ZwCreateSymbolicLinkObject

SSDT            86DB5CB8                   ZwCreateThread

SSDT            86D61EB8                   ZwDebugActiveProcess

SSDT            86D64538                   ZwDuplicateObject

SSDT            86D63450                   ZwFreeVirtualMemory

SSDT            86D652B0                   ZwImpersonateAnonymousToken

SSDT            86D65348                   ZwImpersonateThread

SSDT            86CC5C18                   ZwLoadDriver

SSDT            86D62730                   ZwMapViewOfSection

SSDT            86D65170                   ZwOpenEvent

SSDT            86D679C8                   ZwOpenProcess

SSDT            86D644C0                   ZwOpenProcessToken

SSDT            86D61008                   ZwOpenSection

SSDT            86D67940                   ZwOpenThread

SSDT            86D61D78                   ZwProtectVirtualMemory

SSDT            86D65510                   ZwResumeThread

SSDT            86D62558                   ZwSetContextThread

SSDT            86D625F0                   ZwSetInformationProcess

SSDT            86D61F50                   ZwSetSystemInformation

SSDT            86D650D8                   ZwSuspendProcess

SSDT            86D62428                   ZwSuspendThread

SSDT            86DB5300                   ZwTerminateProcess

SSDT            86D624C0                   ZwTerminateThread

SSDT            86D62698                   ZwUnmapViewOfSection

SSDT            86D634F8                   ZwWriteVirtualMemory

SSDT            86D61CC0                   ZwCreateThreadEx

 

---- Devices - GMER 2.1 ----

 

AttachedDevice  \Driver\tdx \Device\Tcp    SYMTDIV.SYS

AttachedDevice  \Driver\tdx \Device\Udp    SYMTDIV.SYS

AttachedDevice  \Driver\tdx \Device\RawIp  SYMTDIV.SYS

AttachedDevice  \FileSystem\fastfat \Fat   fltmgr.sys

 

---- EOF - GMER 2.1 ----

18:03:55.0646 0x0548  TDSS rootkit removing tool 3.0.0.30 Apr  7 2014 15:39:12

18:08:02.0455 0x0548  ============================================================

18:08:02.0455 0x0548  Current date / time: 2014/04/10 18:08:02.0455

18:08:02.0455 0x0548  SystemInfo:

18:08:02.0455 0x0548 

18:08:02.0455 0x0548  OS Version: 6.0.6002 ServicePack: 2.0

18:08:02.0455 0x0548  Product type: Workstation

18:08:02.0455 0x0548  ComputerName: KATHY-PC

18:08:02.0455 0x0548  UserName: Kathy

18:08:02.0455 0x0548  Windows directory: C:\Windows

18:08:02.0455 0x0548  System windows directory: C:\Windows

18:08:02.0455 0x0548  Processor architecture: Intel x86

18:08:02.0455 0x0548  Number of processors: 2

18:08:02.0455 0x0548  Page size: 0x1000

18:08:02.0455 0x0548  Boot type: Normal boot

18:08:02.0455 0x0548  ============================================================

18:08:04.0393 0x0548  KLMD registered as C:\Windows\system32\drivers\70799538.sys

18:08:05.0018 0x0548  System UUID: {A649C35F-1378-E38F-2809-2D88494A6072}

18:08:06.0268 0x0548  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050

18:08:06.0299 0x0548  Drive \Device\Harddisk1\DR1 - Size: 0x78680000 (1.88 Gb), SectorSize: 0x200, Cylinders: 0xF5, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

18:08:06.0393 0x0548  ============================================================

18:08:06.0393 0x0548  \Device\Harddisk0\DR0:

18:08:06.0393 0x0548  MBR partitions:

18:08:06.0393 0x0548  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3EC1, BlocksNum 0xC34F2CC

18:08:06.0393 0x0548  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xC353800, BlocksNum 0x21CA0000

18:08:06.0393 0x0548  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2DFF3800, BlocksNum 0xC391800

18:08:06.0393 0x0548  \Device\Harddisk1\DR1:

18:08:06.0393 0x0548  MBR partitions:

18:08:06.0393 0x0548  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xF8, BlocksNum 0x3C3308

18:08:06.0393 0x0548  ============================================================

18:08:06.0533 0x0548  C: <-> \Device\Harddisk0\DR0\Partition1

18:08:06.0768 0x0548  M: <-> \Device\Harddisk0\DR0\Partition2

18:08:06.0815 0x0548  Z: <-> \Device\Harddisk0\DR0\Partition3

18:08:06.0815 0x0548  ============================================================

18:08:06.0815 0x0548  Initialize success

18:08:06.0815 0x0548  ============================================================

18:08:19.0800 0x0980  ============================================================

18:08:19.0800 0x0980  Scan started

18:08:19.0800 0x0980  Mode: Manual;

18:08:19.0800 0x0980  ============================================================

18:08:19.0800 0x0980  KSN ping started

18:08:23.0566 0x0980  KSN ping finished: true

18:08:23.0878 0x0980  ================ Scan system memory ========================

18:08:23.0878 0x0980  System memory - ok

18:08:23.0878 0x0980  ================ Scan services =============================


18:08:28.0425 0x0980  idsvc - ok

18:08:28.0613 0x0980  [ 373C0F67CC49772028D311FD147F4E85, D88613EB4DCB6F0A77D947D3DAB853689FFD71331484723C7CDCBADC7F01CB34 ] IDSVix86        C:\Program Files\Norton Internet Security\NortonData\21.2.0.38\Definitions\IPSDefs\20140409.001\IDSvix86.sys

18:08:28.0831 0x0980  IDSVix86 - ok

18:08:28.0878 0x0980  [ 88A55B864CB81C97B3B8D1209B042AAE, 94029CA8F2E4240666B2A2D0BEBB61A561CD5946D3D724816CDDF73F07B7E00E ] IduService      C:\Program Files\Intel\Intel Desktop Utilities\iduServ.exe

18:08:28.0894 0x0980  IduService - ok

18:08:28.0894 0x0980  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys

18:08:28.0894 0x0980  iirsp - ok

18:08:28.0956 0x0980  [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT          C:\Windows\System32\ikeext.dll

18:08:28.0972 0x0980  IKEEXT - ok

18:08:28.0972 0x0980  [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide        C:\Windows\system32\drivers\intelide.sys

18:08:28.0972 0x0980  intelide - ok

18:08:28.0972 0x0980  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

18:08:28.0988 0x0980  intelppm - ok

18:08:28.0988 0x0980  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

18:08:28.0988 0x0980  IPBusEnum - ok

18:08:29.0003 0x0980  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

18:08:29.0003 0x0980  IpFilterDriver - ok

18:08:29.0034 0x0980  [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

18:08:29.0034 0x0980  iphlpsvc - ok

18:08:29.0034 0x0980  IpInIp - ok

18:08:29.0050 0x0980  [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys

18:08:29.0050 0x0980  IPMIDRV - ok

18:08:29.0066 0x0980  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys

18:08:29.0081 0x0980  IPNAT - ok

18:08:29.0128 0x0980  [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

18:08:29.0144 0x0980  iPod Service - ok

18:08:29.0144 0x0980  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

18:08:29.0144 0x0980  IRENUM - ok

18:08:29.0159 0x0980  [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

18:08:29.0159 0x0980  isapnp - ok

18:08:29.0191 0x0980  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys

18:08:29.0191 0x0980  iScsiPrt - ok

18:08:29.0206 0x0980  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys

18:08:29.0206 0x0980  iteatapi - ok

18:08:29.0238 0x0980  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys

18:08:29.0238 0x0980  iteraid - ok

18:08:29.0253 0x0980  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

18:08:29.0253 0x0980  kbdclass - ok

18:08:29.0284 0x0980  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

18:08:29.0284 0x0980  kbdhid - ok

18:08:29.0331 0x0980  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso          C:\Windows\system32\lsass.exe

18:08:29.0331 0x0980  KeyIso - ok

18:08:29.0363 0x0980  [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

18:08:29.0378 0x0980  KSecDD - ok

18:08:29.0409 0x0980  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll

18:08:29.0425 0x0980  KtmRm - ok

18:08:29.0456 0x0980  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\system32\srvsvc.dll

18:08:29.0456 0x0980  LanmanServer - ok

18:08:29.0503 0x0980  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

18:08:29.0519 0x0980  LanmanWorkstation - ok

18:08:29.0581 0x0980  [ 45B7D6BD6F59CBA3FB6BF202223F4264, 64071FC2566BF2A93DB6ACF332663ACBE5F39CA91753003F15CE1086FCA19611 ] LBTServ         C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe

18:08:29.0581 0x0980  LBTServ - ok

18:08:29.0628 0x0980  [ DD83DC92463FCE6324FD30A13D17D0DA, 505AEFDD07DD17FD6D88478F0951CA1287F867669E7F078D8562657A13C32862 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys

18:08:29.0659 0x0980  LHidFilt - ok


18:08:35.0034 0x0980  rdpdr - ok

18:08:35.0050 0x0980  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

18:08:35.0050 0x0980  RDPENCDD - ok

18:08:35.0081 0x0980  [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

18:08:35.0081 0x0980  RDPWD - ok

18:08:35.0128 0x0980  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll

18:08:35.0144 0x0980  RemoteAccess - ok

18:08:35.0175 0x0980  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

18:08:35.0175 0x0980  RemoteRegistry - ok

18:08:35.0191 0x0980  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe

18:08:35.0191 0x0980  RpcLocator - ok

18:08:35.0238 0x0980  [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs           C:\Windows\system32\rpcss.dll

18:08:35.0253 0x0980  RpcSs - ok

18:08:35.0269 0x0980  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

18:08:35.0284 0x0980  rspndr - ok

18:08:35.0284 0x0980  [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs           C:\Windows\system32\lsass.exe

18:08:35.0284 0x0980  SamSs - ok

18:08:35.0363 0x0980  [ D952F04F46365802DCA6591DAF92ED54, 4F32364B31F6FBB0CBD48A6643EE0D8DBA9603AB46993A49A854A869F904BBBF ] SbieDrv         C:\Program Files\Sandboxie\SbieDrv.sys

18:08:35.0378 0x0980  SbieDrv - ok

18:08:35.0441 0x0980  [ BAA52B6DBBA27BC0E7D772A638511C3C, E1C86FA1CF53946CDEA8FE1C23CC3CDF2BBE39D760538B8CBCA54487D16F619F ] SbieSvc         C:\Program Files\Sandboxie\SbieSvc.exe

18:08:35.0441 0x0980  SbieSvc - ok

18:08:35.0441 0x0980  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

18:08:35.0441 0x0980  sbp2port - ok

18:08:35.0472 0x0980  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

18:08:35.0488 0x0980  SCardSvr - ok

18:08:35.0550 0x0980  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll

18:08:35.0550 0x0980  Schedule - ok

18:08:35.0597 0x0980  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll

18:08:35.0597 0x0980  SCPolicySvc - ok

18:08:35.0613 0x0980  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

18:08:35.0613 0x0980  SDRSVC - ok

18:08:35.0644 0x0980  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

18:08:35.0659 0x0980  secdrv - ok

18:08:35.0675 0x0980  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll

18:08:35.0675 0x0980  seclogon - ok

18:08:35.0691 0x0980  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\System32\sens.dll

18:08:35.0691 0x0980  SENS - ok

18:08:35.0706 0x0980  [ CE9EC966638EF0B10B864DDEDF62A099, 2DEC5A8C947D87C12B342F15B8A552A0D49B979A2AC32D2C97FC7A3A76C34524 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

18:08:35.0706 0x0980  Serenum - ok

18:08:35.0753 0x0980  [ 6D663022DB3E7058907784AE14B69898, 54263888C64A7F010D3B5E399369B0F3FF3AF0A0DE8ADB502B98277533E4D45F ] Serial          C:\Windows\system32\DRIVERS\serial.sys

18:08:35.0753 0x0980  Serial - ok

18:08:35.0753 0x0980  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

18:08:35.0753 0x0980  sermouse - ok

18:08:35.0769 0x0980  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll

18:08:35.0769 0x0980  SessionEnv - ok

18:08:35.0784 0x0980  [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

18:08:35.0784 0x0980  sffdisk - ok

18:08:35.0784 0x0980  [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

18:08:35.0784 0x0980  sffp_mmc - ok

18:08:35.0800 0x0980  [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

18:08:35.0800 0x0980  sffp_sd - ok

18:08:35.0800 0x0980  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

18:08:35.0800 0x0980  sfloppy - ok

18:08:35.0847 0x0980  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

18:08:35.0847 0x0980  SharedAccess - ok

18:08:35.0878 0x0980  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

18:08:35.0894 0x0980  ShellHWDetection - ok

18:08:35.0894 0x0980  [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp          C:\Windows\system32\drivers\sisagp.sys

18:08:35.0894 0x0980  sisagp - ok

18:08:35.0909 0x0980  [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys

18:08:35.0909 0x0980  SiSRaid2 - ok

18:08:35.0909 0x0980  [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

18:08:35.0909 0x0980  SiSRaid4 - ok

18:08:36.0050 0x0980  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe

18:08:36.0128 0x0980  slsvc - ok

18:08:36.0191 0x0980  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll

18:08:36.0191 0x0980  SLUINotify - ok

18:08:36.0238 0x0980  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys

18:08:36.0238 0x0980  Smb - ok

18:08:36.0253 0x0980  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

18:08:36.0269 0x0980  SNMPTRAP - ok

18:08:36.0269 0x0980  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys

18:08:36.0284 0x0980  spldr - ok

18:08:36.0300 0x0980  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe

18:08:36.0300 0x0980  Spooler - ok

18:08:36.0441 0x0980  [ 91C966DE2058116525748050A22C8170, EE64D29ED2C5EDE035E6BE56AE28403B42C10815A89AC08A5395DE72375AF550 ] SRTSP           C:\Windows\system32\drivers\NIS\1502000.026\SRTSP.SYS

18:08:36.0456 0x0980  SRTSP - ok

18:08:36.0472 0x0980  [ 1B6D68043F488F70E889276E1585B7AA, 574925053F0EB2DED6DA03D0720A8E1588590948DFF1E2C6DE84EA5B6856E3DB ] SRTSPX          C:\Windows\system32\drivers\NIS\1502000.026\SRTSPX.SYS

18:08:36.0472 0x0980  SRTSPX - ok

18:08:36.0519 0x0980  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys

18:08:36.0519 0x0980  srv - ok

18:08:36.0550 0x0980  [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

18:08:36.0566 0x0980  srv2 - ok

18:08:36.0613 0x0980  [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

18:08:36.0613 0x0980  srvnet - ok

18:08:36.0628 0x0980  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

18:08:36.0628 0x0980  SSDPSRV - ok

18:08:36.0659 0x0980  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll

18:08:36.0659 0x0980  SstpSvc - ok

18:08:36.0722 0x0980  [ B218068EBA6F46F102B4218BDB81BE0B, 1E9732AF444B3A3B511B100AC2DB0CDFE1600AA5DB0B13FE3E7A2B70BB704856 ] STacSV          C:\Windows\system32\STacSV.exe

18:08:36.0722 0x0980  STacSV - ok

18:08:36.0753 0x0980  [ 2F3B5A3567FFB343D8867C3D34C687F1, D01971412506746B2EA1CBB0ACF9472889ABBC23318C1332BEC9C8256011183E ] Steam Client Service C:\Program Files\Common Files\Steam\SteamService.exe

18:08:36.0769 0x0980  Steam Client Service - ok

18:08:36.0816 0x0980  [ 167909A1C36AA3E8F2582962F0CCC748, 8E6AAA22BAB77C08F4189A407E8E332C33C31EF5691630F7A8176D6848A77105 ] STHDA           C:\Windows\system32\DRIVERS\stwrt.sys

18:08:36.0816 0x0980  STHDA - ok

18:08:36.0863 0x0980  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll

18:08:36.0878 0x0980  stisvc - ok

18:08:36.0909 0x0980  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

18:08:36.0909 0x0980  swenum - ok

18:08:36.0941 0x0980  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll

18:08:36.0956 0x0980  swprv - ok

18:08:36.0972 0x0980  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys

18:08:36.0972 0x0980  Symc8xx - ok

18:08:37.0003 0x0980  [ 4C3DEF736D3857570166DE5C858600F5, 45613D3F1935AFDDB1DFE3A427222A0B38430ABF15F9110A35E7C55CDADF1D43 ] SymDS           C:\Windows\system32\drivers\NIS\1502000.026\SYMDS.SYS

18:08:37.0019 0x0980  SymDS - ok

18:08:37.0066 0x0980  [ B70A98F20B4180F2751CFD7656116342, F4BB1904DC4818CE012AA264A7714AA9977F06255CF857FDB3E55B0DBA3D8A9C ] SymEFA          C:\Windows\system32\drivers\NIS\1502000.026\SYMEFA.SYS

18:08:37.0097 0x0980  SymEFA - ok

18:08:37.0128 0x0980  [ E987A9CB539147527F56943BB34B7375, 4627C3E237549587B53CBD0D89AC2CEFF03C04F7624E2868936BCE5D70496AFD ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT.SYS

18:08:37.0144 0x0980  SymEvent - ok

18:08:37.0175 0x0980  [ E3A3CA230C7547364BB3D9DA0C301A36, 8F173DE08BAF81A7BE7F2D306DC595D60E6537D95AFE32A39E521E43C35AB629 ] SymIRON         C:\Windows\system32\drivers\NIS\1502000.026\Ironx86.SYS

18:08:37.0175 0x0980  SymIRON - ok

18:08:37.0206 0x0980  [ D3F7FB40012382F7B206200AE794FBD7, B58C1969C766D5BF0BCFE9642D4F2B221E62240A9FCE18738B21DB457F57C22C ] SYMTDIv         C:\Windows\system32\drivers\NIS\1502000.026\SYMTDIV.SYS

18:08:37.0222 0x0980  SYMTDIv - ok

18:08:37.0238 0x0980  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys

18:08:37.0238 0x0980  Sym_hi - ok

18:08:37.0253 0x0980  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys

18:08:37.0253 0x0980  Sym_u3 - ok

18:08:37.0316 0x0980  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll

18:08:37.0331 0x0980  SysMain - ok

18:08:37.0363 0x0980  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll

18:08:37.0363 0x0980  TabletInputService - ok

18:08:37.0425 0x0980  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll

18:08:37.0441 0x0980  TapiSrv - ok

18:08:37.0441 0x0980  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll

18:08:37.0441 0x0980  TBS - ok

18:08:37.0519 0x0980  [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

18:08:37.0534 0x0980  Tcpip - ok

18:08:37.0566 0x0980  [ D18D53974FD715D50FC76F9FFE1C830D, 50424BD5950D8FC7724A6E48AE5A39D6E727FAF326C31657C69F1DE13C1450E3 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys

18:08:37.0581 0x0980  Tcpip6 - ok

18:08:37.0644 0x0980  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

18:08:37.0644 0x0980  tcpipreg - ok

18:08:37.0659 0x0980  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

18:08:37.0659 0x0980  TDPIPE - ok

18:08:37.0675 0x0980  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

18:08:37.0675 0x0980  TDTCP - ok

18:08:37.0691 0x0980  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

18:08:37.0691 0x0980  tdx - ok

18:08:37.0706 0x0980  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

18:08:37.0706 0x0980  TermDD - ok

18:08:37.0738 0x0980  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll

18:08:37.0753 0x0980  TermService - ok

18:08:37.0769 0x0980  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll

18:08:37.0784 0x0980  Themes - ok

18:08:37.0800 0x0980  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll

18:08:37.0800 0x0980  THREADORDER - ok

18:08:37.0816 0x0980  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll

18:08:37.0831 0x0980  TrkWks - ok

18:08:37.0878 0x0980  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

18:08:37.0878 0x0980  TrustedInstaller - ok

18:08:37.0909 0x0980  [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

18:08:37.0909 0x0980  tssecsrv - ok

18:08:37.0925 0x0980  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys

18:08:37.0925 0x0980  tunmp - ok

18:08:37.0941 0x0980  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

18:08:37.0956 0x0980  tunnel - ok

18:08:37.0956 0x0980  [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

18:08:37.0956 0x0980  uagp35 - ok

18:08:37.0988 0x0980  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

18:08:38.0003 0x0980  udfs - ok

18:08:38.0019 0x0980  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

18:08:38.0034 0x0980  UI0Detect - ok

18:08:38.0050 0x0980  [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

18:08:38.0066 0x0980  uliagpkx - ok

18:08:38.0066 0x0980  [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci         C:\Windows\system32\drivers\uliahci.sys

18:08:38.0081 0x0980  uliahci - ok

18:08:38.0081 0x0980  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys

18:08:38.0081 0x0980  UlSata - ok

18:08:38.0097 0x0980  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys

18:08:38.0097 0x0980  ulsata2 - ok

18:08:38.0113 0x0980  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

18:08:38.0113 0x0980  umbus - ok

18:08:38.0144 0x0980  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll

18:08:38.0159 0x0980  upnphost - ok

18:08:38.0191 0x0980  [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

18:08:38.0191 0x0980  usbccgp - ok

18:08:38.0191 0x0980  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

18:08:38.0206 0x0980  usbcir - ok

18:08:38.0206 0x0980  [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys

18:08:38.0222 0x0980  usbehci - ok

18:08:38.0238 0x0980  [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

18:08:38.0238 0x0980  usbhub - ok

18:08:38.0269 0x0980  [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci         C:\Windows\system32\drivers\usbohci.sys

18:08:38.0269 0x0980  usbohci - ok

18:08:38.0300 0x0980  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

18:08:38.0300 0x0980  usbprint - ok

18:08:38.0331 0x0980  [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

18:08:38.0331 0x0980  usbscan - ok

18:08:38.0378 0x0980  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

18:08:38.0378 0x0980  USBSTOR - ok

18:08:38.0409 0x0980  [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys

18:08:38.0409 0x0980  usbuhci - ok

18:08:38.0441 0x0980  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll

18:08:38.0441 0x0980  UxSms - ok

18:08:38.0472 0x0980  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe

18:08:38.0488 0x0980  vds - ok

18:08:38.0488 0x0980  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

18:08:38.0488 0x0980  vga - ok

18:08:38.0503 0x0980  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys

18:08:38.0503 0x0980  VgaSave - ok

18:08:38.0534 0x0980  [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp          C:\Windows\system32\drivers\viaagp.sys

18:08:38.0534 0x0980  viaagp - ok

18:08:38.0534 0x0980  [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7           C:\Windows\system32\drivers\viac7.sys

18:08:38.0550 0x0980  ViaC7 - ok

18:08:38.0550 0x0980  [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide          C:\Windows\system32\drivers\viaide.sys

18:08:38.0550 0x0980  viaide - ok

18:08:38.0566 0x0980  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

18:08:38.0566 0x0980  volmgr - ok

18:08:38.0597 0x0980  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

18:08:38.0613 0x0980  volmgrx - ok

18:08:38.0644 0x0980  [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

18:08:38.0659 0x0980  volsnap - ok

18:08:38.0675 0x0980  [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

18:08:38.0675 0x0980  vsmraid - ok

18:08:38.0738 0x0980  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe

18:08:38.0831 0x0980  VSS - ok

18:08:38.0863 0x0980  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll

18:08:38.0863 0x0980  W32Time - ok

18:08:38.0878 0x0980  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

18:08:38.0878 0x0980  WacomPen - ok

18:08:38.0894 0x0980  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys

18:08:38.0925 0x0980  Wanarp - ok

18:08:38.0941 0x0980  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

18:08:38.0941 0x0980  Wanarpv6 - ok

18:08:39.0004 0x0980  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

18:08:39.0020 0x0980  wcncsvc - ok

18:08:39.0051 0x0980  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

18:08:39.0051 0x0980  WcsPlugInService - ok

18:08:39.0051 0x0980  [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd              C:\Windows\system32\drivers\wd.sys

18:08:39.0051 0x0980  Wd - ok

18:08:39.0098 0x0980  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

18:08:39.0114 0x0980  Wdf01000 - ok

18:08:39.0129 0x0980  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll

18:08:39.0145 0x0980  WdiServiceHost - ok

18:08:39.0145 0x0980  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll

18:08:39.0145 0x0980  WdiSystemHost - ok

18:08:39.0176 0x0980  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll

18:08:39.0192 0x0980  WebClient - ok

18:08:39.0239 0x0980  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

18:08:39.0239 0x0980  Wecsvc - ok

18:08:39.0254 0x0980  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll

18:08:39.0270 0x0980  wercplsupport - ok

18:08:39.0285 0x0980  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll

18:08:39.0285 0x0980  WerSvc - ok

18:08:39.0348 0x0980  [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll

18:08:39.0348 0x0980  WinDefend - ok

18:08:39.0364 0x0980  WinHttpAutoProxySvc - ok

18:08:39.0410 0x0980  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

18:08:39.0410 0x0980  Winmgmt - ok

18:08:39.0489 0x0980  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll

18:08:39.0520 0x0980  WinRM - ok

18:08:39.0582 0x0980  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll

18:08:39.0598 0x0980  Wlansvc - ok

18:08:39.0629 0x0980  [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys

18:08:39.0629 0x0980  WmiAcpi - ok

18:08:39.0660 0x0980  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

18:08:39.0676 0x0980  wmiApSrv - ok

18:08:39.0723 0x0980  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe

18:08:39.0739 0x0980  WMPNetworkSvc - ok

18:08:39.0770 0x0980  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll


18:08:48.0910 0x0980  AV detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe ( 21.2.0.0 ), 0x51000 ( enabled : updated )

18:08:48.0910 0x0980  FW detected via SS2: Norton Internet Security, C:\Program Files\Norton Internet Security\Engine\21.2.0.38\WSCStub.exe ( 21.2.0.0 ), 0x51010 ( enabled )

18:08:51.0785 0x0980  ============================================================

18:08:51.0785 0x0980  Scan finished

18:08:51.0785 0x0980  ============================================================

18:08:51.0785 0x1644  Detected object count: 0

18:08:51.0785 0x1644  Actual detected object count: 0


Combofix

Combofix should only be run when advised by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe



When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing "Illegal operation attempted on a registry key that has been marked for deletion", simply restart your computer to fix this.


ComboFix 14-04-09.02 - Kathy 11/04/2014  12:25:33.1.2 - x86

Microsoft® Windows Vista™ Home Basic   6.0.6002.2.1252.61.1033.18.2029.982 [GMT 9.5:30]

Running from: m:\downloads\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}

FW: Norton Internet Security *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

SP: Norton Internet Security *Disabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\windows\system32\service

c:\windows\system32\service\07022009_TIS17_SfFniAU.log

c:\windows\system32\service\08022009_TIS17_SfFniAU.log

c:\windows\system32\service\09022009_TIS17_SfFniAU.log

c:\windows\system32\service\12022009_TIS17_SfFniAU.log

c:\windows\system32\service\13022009_TIS17_SfFniAU.log

c:\windows\system32\service\14022009_TIS17_SfFniAU.log

c:\windows\system32\service\15022009_TIS17_SfFniAU.log

M:\install.exe

.

.

(((((((((((((((((((((((((   Files Created from 2014-03-11 to 2014-04-11  )))))))))))))))))))))))))))))))

.

.

2014-04-11 03:01 . 2014-04-11 03:01 -------- d-----w- c:\users\Kathy\AppData\Local\temp

2014-04-11 02:24 . 2014-04-11 02:25 107736 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-04-07 11:53 . 2014-04-07 11:53 -------- d-----w- c:\program files\McAfee Security Scan

2014-04-07 11:31 . 2014-04-07 11:31 107736 ----a-w- c:\windows\system32\drivers\70340A88.sys

2014-04-07 10:37 . 2014-04-07 10:37 107736 ----a-w- c:\windows\system32\drivers\492E0115.sys

2014-04-07 10:37 . 2014-04-07 10:37 107736 ----a-w- c:\windows\system32\drivers\48230029.sys

2014-04-07 10:13 . 2014-04-07 10:13 -------- d-----w- c:\users\Kathy\AppData\Roaming\Malwarebytes

2014-04-07 10:13 . 2014-04-07 10:13 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2014-04-04 07:25 . 2014-04-04 07:26 -------- d-----w- c:\program files\Google

2014-04-04 07:25 . 2014-04-04 07:27 -------- d-----w- c:\users\Kathy\AppData\Local\Google

2014-04-04 01:47 . 2014-04-04 01:47 -------- d-----r- C:\Sandbox

2014-04-04 01:45 . 2014-04-04 01:45 -------- d-----w- c:\program files\Sandboxie

2014-04-04 00:26 . 2014-04-07 09:39 -------- d-----w- C:\AdwCleaner

2014-04-03 11:02 . 2014-04-03 11:02 -------- d-----w- c:\users\Kathy\AppData\Local\Macromedia

2014-04-03 10:58 . 2014-04-03 10:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2014-04-03 10:58 . 2014-04-03 10:58 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2014-04-03 09:33 . 2014-04-03 09:33 -------- d-----w- c:\programdata\McAfee Security Scan

2014-04-03 09:33 . 2014-04-03 09:33 -------- d-----w- c:\programdata\McAfee

2014-04-03 09:32 . 2014-04-03 09:32 -------- d-----w- c:\program files\Common Files\Adobe

2014-04-03 09:18 . 2014-04-07 10:13 -------- d-----w- c:\programdata\Malwarebytes

2014-04-03 09:18 . 2014-04-07 10:12 31560 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2014-04-03 09:18 . 2014-04-05 11:00 -------- d-----w- c:\program files\Malwarebytes Anti-Malware

2014-04-03 09:18 . 2014-04-02 23:21 51416 ----a-w- c:\windows\system32\drivers\mwac.sys

2014-04-03 09:18 . 2013-04-04 05:20 22856 ----a-w- c:\windows\system32\drivers\mbam.sys

2014-04-03 09:02 . 2014-04-03 09:02 -------- d-----w- c:\users\Kathy\AppData\Local\Apple Computer

2014-04-03 09:02 . 2014-04-03 09:03 -------- d-----w- c:\users\Kathy\AppData\Roaming\Apple Computer

2014-04-03 09:02 . 2012-08-21 02:31 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys

2014-04-03 09:02 . 2014-04-03 09:02 -------- dc----w- c:\windows\system32\DRVSTORE

2014-04-03 09:02 . 2014-04-03 09:02 -------- d-----w- c:\program files\iPod

2014-04-03 09:02 . 2014-04-03 09:02 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1

2014-04-03 09:02 . 2014-04-03 09:02 -------- d-----w- c:\program files\iTunes

2014-04-03 09:02 . 2014-04-03 09:02 -------- d-----w- c:\programdata\Apple Computer

2014-04-03 09:01 . 2014-04-03 09:01 -------- d-----w- c:\users\Kathy\AppData\Local\Apple

2014-04-03 09:00 . 2014-04-03 09:00 -------- d-----w- c:\program files\Apple Software Update

2014-04-03 08:59 . 2014-04-03 08:59 -------- d-----w- c:\program files\Bonjour

2014-04-03 08:58 . 2014-04-03 09:02 -------- d-----w- c:\program files\Common Files\Apple

2014-04-03 08:58 . 2014-04-03 09:00 -------- d-----w- c:\programdata\Apple

2014-04-02 05:52 . 2010-02-03 23:31 74072 ----a-w- c:\windows\system32\XAPOFX1_4.dll

2014-04-02 05:52 . 2010-02-03 23:31 528216 ----a-w- c:\windows\system32\XAudio2_6.dll

2014-04-02 05:52 . 2010-02-03 23:31 238936 ----a-w- c:\windows\system32\xactengine3_6.dll

2014-04-02 05:52 . 2010-02-03 23:31 22360 ----a-w- c:\windows\system32\X3DAudio1_7.dll

2014-04-02 05:52 . 2009-03-09 04:57 4178264 ----a-w- c:\windows\system32\D3DX9_41.dll

2014-04-02 05:52 . 2007-04-04 08:23 81768 ----a-w- c:\windows\system32\xinput1_3.dll

2014-04-02 05:52 . 2007-03-12 06:12 3495784 ----a-w- c:\windows\system32\d3dx9_33.dll

2014-04-02 05:52 . 2014-04-02 05:52 -------- d-----w- c:\program files\Microsoft XNA

2014-04-02 05:41 . 2014-04-02 05:49 -------- d-----w- c:\program files\Common Files\Steam

2014-04-02 05:41 . 2014-04-11 02:30 -------- d-----w- c:\program files\Steam

2014-04-02 05:26 . 2008-03-18 12:05 1522176 ----a-w- c:\windows\system32\BrWia08a.dll

2014-04-02 05:26 . 2007-12-13 11:46 73728 ------w- c:\windows\system32\BrDctF2.dll

2014-04-02 05:26 . 2007-12-13 11:46 5120 ------w- c:\windows\system32\BrDctF2L.dll

2014-04-02 05:26 . 2007-12-13 11:46 3072 ------w- c:\windows\system32\BrDctF2S.dll

2014-04-02 05:26 . 2006-12-28 03:09 176128 ------w- c:\windows\system32\BroSNMP.dll

2014-04-02 05:26 . 2008-01-25 04:51 167936 ------w- c:\windows\system32\NSSearch.dll

2014-04-02 05:26 . 2007-12-24 11:54 45056 ----a-w- c:\windows\system32\BrUsi08a.dll

2014-04-02 05:26 . 2014-04-02 05:27 -------- d-----w- c:\program files\Brother

2014-04-02 05:26 . 2014-04-02 05:26 -------- d-----w- c:\programdata\Brother

2014-04-02 05:26 . 2014-04-02 05:26 -------- d-----w- c:\users\Kathy\AppData\Roaming\InstallShield

2014-04-02 05:21 . 2014-04-02 05:25 -------- d-----w- C:\tempbroprint

2014-04-01 11:45 . 2014-04-01 11:47 -------- d-----w- c:\windows\system32\MRT

2014-04-01 11:39 . 2013-07-20 10:44 102608 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll

2014-04-01 11:37 . 2013-06-04 04:16 34304 ----a-w- c:\windows\system32\atmlib.dll

2014-04-01 11:37 . 2013-06-04 01:49 293376 ----a-w- c:\windows\system32\atmfd.dll

2014-04-01 11:37 . 2013-11-13 00:30 2048 ----a-w- c:\windows\system32\tzres.dll

2014-04-01 11:37 . 2013-07-09 12:10 1205168 ----a-w- c:\windows\system32\ntdll.dll

2014-04-01 11:37 . 2013-07-08 04:55 3603904 ----a-w- c:\windows\system32\ntkrnlpa.exe

2014-04-01 11:37 . 2013-07-08 04:55 3551680 ----a-w- c:\windows\system32\ntoskrnl.exe

2014-04-01 11:37 . 2013-04-09 03:51 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll

2014-04-01 11:37 . 2013-07-03 02:33 35328 ----a-w- c:\windows\system32\drivers\usbscan.sys

2014-04-01 11:37 . 2013-07-03 02:10 25472 ----a-w- c:\windows\system32\drivers\hidparse.sys

2014-04-01 11:37 . 2014-01-30 07:46 876032 ----a-w- c:\windows\system32\wer.dll

2014-04-01 11:37 . 2013-07-04 04:21 532480 ----a-w- c:\windows\system32\comctl32.dll

2014-04-01 11:32 . 2014-04-03 08:49 -------- d-----w- c:\program files\Common Files\Symantec Shared

2014-04-01 11:32 . 2014-04-01 11:32 142936 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2014-04-01 11:32 . 2014-04-01 11:32 -------- d-----w- c:\windows\system32\drivers\NIS

2014-04-01 11:32 . 2014-04-01 11:32 -------- d-----w- c:\program files\Norton Internet Security

2014-04-01 11:32 . 2014-04-01 11:32 -------- d-----w- c:\program files\NortonInstaller

.

.

.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]

"WindowsWelcomeCenter"="oobefldr.dll" [2009-04-11 2153472]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-02-28 1828136]

"Steam"="c:\program files\Steam\Steam.exe" [2014-02-25 1821888]

"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2014-01-17 543432]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-12-04 186904]

"ipTray.exe"="c:\program files\Intel\Intel Desktop Utilities\ipTray.exe" [2008-12-04 1700352]

"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-10-10 69632]

"NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352]

"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-05-16 1012000]

"SigmatelSysTrayApp"="sttray.exe" [2008-02-01 405504]

"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2008-02-18 1089536]

"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-12-21 86016]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2014-02-20 152392]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-2-4 809488]

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 277920]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"EnableUIADesktopToggle"= 0 (0x0)

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - MBAMSWISSARMY

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceNoNetwork REG_MULTI_SZ   PLA DPS BFE mpssvc

LocalServiceAndNoImpersonation REG_MULTI_SZ   FontCache

.

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2014-04-11 02:31 1077576 ----a-w- c:\program files\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2014-04-10 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-03 10:58]

.

2014-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-04 07:25]

.

2014-04-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2014-04-04 07:25]

.

.

------- Supplementary Scan -------

.

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 10.0.0.138

FF - ProfilePath - c:\users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\yc7yctow.default\

FF - prefs.js: browser.startup.homepage - about:home

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2014-04-11 12:31

Windows 6.0.6002 Service Pack 2 NTFS

.

scanning hidden processes ...  

.

scanning hidden autostart entries ... 

.

scanning hidden files ...  

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NIS]

"ImagePath"="\"c:\program files\Norton Internet Security\Engine\21.2.0.38\NIS.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\21.2.0.38\diMaster.dll\" /prefetch:1"

"ImagePath"="\SystemRoot\system32\drivers\NIS\1502000.026\SYMTDIV.SYS"

"TrustedImagePaths"="c:\program files\Norton Internet Security\Engine\21.2.0.38"

.

Completion time: 2014-04-11  12:32:34

ComboFix-quarantined-files.txt  2014-04-11 03:02

.

Pre-Run: 66,332,454,912 bytes free

Post-Run: 66,523,795,456 bytes free

.

- - End Of File - - 95BC9F9BD1A7C404E33FA77D9EDD3FF5

5C616939100B85E558DA92B899A0FC36

===================================================

Malwarebytes Anti-Malware Free and Malwarebytes Chameleon

----------

  • Download Malwarebytes Anti-Malware Free and save it to your desktop
  • Double click the desktop icon, click Run, then OK
  • Click Next
  • Select I accept the agreement then continue to click Next then finally click Install
  • Uncheck Enable free trial of Malwarebytes Anti-Malware Premium if you do not want the free trial of the paid version, then click Finish
  • If you are notified the Database is out of date click Update Now
  • Click Scan Now >>


----------

  • Note: If Malwarebytes will not launch please do the following to launch Malwarebytes Chameleon:
  • Click Start (Start, Search, All files and folders for Windows XP) then type mbam
  • Double click one of the four following files (if one does not work try the next one, and so on) - A black command window will open. Follow those instructions until the Malwarebytes program starts the scan

mbam-chameleon.scr

mbam-chameleon

mbam-chameleon.exe

mbam-chameleon.com

----------
  • When completed click the down arrow on Export Log and select Text file (*.txt)
  • Save the file to your desktop as MBAM
  • Click Apply Actions then restart your computer if requested
  • Copy and paste the contents of MBAM.txt in your reply

 

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats', then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


For some reason I can scan with Malwarebytes (I have this already on my computer) in two ways. This is the scan report that I was able to get by following your instructions.

 


Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 12/04/2014

Scan Time: 3:38:50 PM

Logfile: mbam-log-12_4_14.txt

Administrator: Yes

 

Version: 2.00.1.1004

Malware Database: v2014.04.12.01

Rootkit Database: v2014.03.27.01

License: Trial

Malware Protection: Disabled

Malicious Website Protection: Disabled

Chameleon: Disabled

 

OS: Windows Vista Service Pack 2

CPU: x86

File System: NTFS

User: Kathy

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 290137

Time Elapsed: 4 min, 13 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Shuriken: Enabled

PUP: Enabled

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)


 

 

 

This is the scan I got when scanning the other way (scanning specific drives - all drives except for the USB drives - mostly those are used to put in USB sticks). I have included this for your information

 

 

 


Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org

 

Database version: v2014.04.10.07

 

Windows Vista Service Pack 2 x86 NTFS

Internet Explorer 9.0.8112.16421

Kathy :: KATHY-PC [administrator]

 

12/04/2014 2:18:48 PM

mbam-log-2014-04-12 (14-18-48).txt

 

Scan type: Full scan (C:\|D:\|M:\|Z:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 411410

Time elapsed: 58 minute(s), 1 second(s)

 

Memory Processes Detected: 0

(No malicious items detected)

 

Memory Modules Detected: 0

(No malicious items detected)

 

Registry Keys Detected: 0

(No malicious items detected)

 

Registry Values Detected: 0

(No malicious items detected)

 

Registry Data Items Detected: 0

(No malicious items detected)

 

Folders Detected: 0

(No malicious items detected)

 

Files Detected: 0

(No malicious items detected)

 

(end)

 


Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll find the log file at C:\AdwCleaner[s1].txt also


SecurityCheck

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its content to your thread.


I already have adwcleaner and have run it a couple of times already - will this latest attempt clear the bugs/viruses out?

 

# AdwCleaner v3.023 - Report created 14/04/2014 at 19:48:26
# Updated 01/04/2014 by Xplode
# Operating System : Windows Vista Home Basic Service Pack 2 (32 bits)
# Username : Kathy - KATHY-PC
# Running from : M:\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16545
 
 
-\\ Mozilla Firefox v28.0 (en-GB)
 
[ File : C:\Users\Kathy\AppData\Roaming\Mozilla\Firefox\Profiles\yc7yctow.default\prefs.js ]
 
 
-\\ Google Chrome v34.0.1847.116
 
[ File : C:\Users\Kathy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1061 octets] - [04/04/2014 09:57:06]
AdwCleaner[R1].txt - [887 octets] - [04/04/2014 16:38:30]
AdwCleaner[R2].txt - [1238 octets] - [06/04/2014 13:32:11]
AdwCleaner[R3].txt - [1249 octets] - [06/04/2014 14:17:41]
AdwCleaner[R4].txt - [1369 octets] - [06/04/2014 15:04:52]
AdwCleaner[R5].txt - [1490 octets] - [07/04/2014 19:08:28]
AdwCleaner[R6].txt - [1610 octets] - [14/04/2014 19:47:08]
AdwCleaner[s0].txt - [1133 octets] - [04/04/2014 10:00:00]
AdwCleaner[s1].txt - [947 octets] - [04/04/2014 16:46:47]
AdwCleaner[s2].txt - [1302 octets] - [06/04/2014 13:45:16]
AdwCleaner[s3].txt - [1311 octets] - [06/04/2014 14:51:52]
AdwCleaner[s4].txt - [1431 octets] - [06/04/2014 15:05:30]
AdwCleaner[s5].txt - [1551 octets] - [07/04/2014 19:09:29]
AdwCleaner[s6].txt - [1531 octets] - [14/04/2014 19:48:26]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s6].txt - [1591 octets] ##########

Security Check:

 

 Results of screen317's Security Check version 0.99.81  

 Windows Vista Service Pack 2 x86 (UAC is enabled)  

 Internet Explorer 9  

 Internet Explorer 8  

``````````````Antivirus/Firewall Check:`````````````` 

 Windows Firewall Disabled!  

Norton Internet Security   

 WMI entry may not exist for antivirus; attempting automatic update. 

`````````Anti-malware/Other Utilities Check:````````` 

 Malwarebytes Anti-Malware version 1.75.0.1300  

 Adobe Flash Player 10 Flash Player out of Date! 

 Adobe Flash Player 12.0.0.77  

 Adobe Reader 10.1.4 Adobe Reader out of Date!  

 Mozilla Firefox (28.0) 

 Google Chrome 33.0.1750.154  

 Google Chrome 34.0.1847.116  

````````Process Check: objlist.exe by Laurent````````  

`````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 

````````````````````End of Log`````````````````````` 

Your system is clean now! :)

 

 

Adobe Flash Player out of date

Your Adobe flash player is outdated. We will fix this.

  • Get the actual player from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Adobe Reader out of date

Your Adobe Reader is outdated. We will fix this.


  • Get the actual software from here. Important: Uncheck any optional software (for example Google Chrome, etc.) offered.
  • Run setup and follow the instructions.
  • Click upon Start-->control panel-->add/remove programs.
  • Search for and remove any older reader versions.

 

 

 

 

Uninstall our tools using delfix

Please follow these steps in order:

  1. In the case we used Defogger to turn off your CD emulation software. You can start it again and use the Enable button.
  2. In the case we used Combofix. Deactivate your antivirus software once more, then rename the combofix.exe to uninstall.exe and run it one last time. You will be notified that Combofix has been removed.
  3. In any case please download delfix to your desktop.
    • Close all other programs and start delfix.
    • Please check all the boxes and run the tool.
    • delfix will now delete all found traces of our removal process
    • If there is still something left please delete it manually.





Delete System Restore Points

To ensure your System Restore Points are free of malware, we will delete all of them but the most recent or create a new one.

On Windows Vista: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows 7/8: Please follow these instructions to delete all but the most common System Protection Restore Points.
On Windows XP: Please follow these instructions to delete all but the most common System Protection Restore Points.

 

 

 

 

Recommendations: How to protect yourself

  • System Updates
    Please ensure to have automatic updates activated in your control panel.
    For further information and a tutorial, see this Microsoft Support article.
  • Protection
    What you need is one (not more) virus scanner with background protection. Additionally I recommend a special malware scanner to run on demand weekly.
    Personally I am using avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer good protection for free.
    • To keep your browser free of advertising, you may install the Adblock Plus browser extension.
      It will filter unwanted advertising out of the website's content.
    • To protect yourself from accidentally visiting malicious web sites, install the Web of Trust (WOT) browser extension.
      It will display a green (safe), yellow (unknown) or red (potentially dangerous) icon for a visited website within your browser.
      In addition, before accessing a dangerous classified web site, a warning screen is displayed.
  • Up to date Software
    Keep your Windows and your third party software up to date. The easiest way to get infected is an outdated Windows, followed by: browser(s) (including add-ons and plug-ins), Adobe Flash Player and Adobe Reader, Java Runtime Environment, your antivirus program and so on. These links may help you to check:
  • Backup
    Hardware issues, malware, fire, lightning strike: There is a long list of different ways to lose all your data. Back up your files regularly. Use the Windows internal backup function or a third party tool and save your data onto an external hard drive, cloud storage, optical media like CDs or DVDs or (if available) a professional network backup system.
  • Behaviour
    The commonest error when using a computer is "error 80" - which means that the error is located about 80cm in front of the monitor. This is a common joke between IT support technicians but it shows that all the safety mechanisms won't help if you aren't careful enough.
    • While surfing the internet, don't click on anything you don't know. In the worst case, it infects your system with malware.
    • Watch your step in social networks! Many cyber criminals use them to spread malware, mine personal data (to be sold to advertising companies, for example) or simply do damage to other users. Even if a received hyperlink within a message seems to be coming from one of your friends, have a closer look. In addition, don't click everything.
    • When installing software, have a look at each of the setup windows and uncheck any additional toolbars or free programs that may be offered additionally. Most of today's setup procedures contain potentially unwanted programs so keep them off your system.
    • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
      They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.




My system is not clean.

 

Before contacting the malwarebytes forum I already tried programs such as adwcleaner (which did get something but not everything) and the free version of malwarebytes (which - when I ran a full system scan - did get a PUP once and would at other times cause the computer to crash).

 

I was still concerned so I ran the eset program again (as this was the program which found trouble). This was the result:

 

 

M:\Downloads\ccsetup326.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
M:\Downloads\winzip160.exe Win32/OpenCandy potentially unsafe application
 
I have followed your instructions, however I still have these potentially unsafe applications on my system. This brings me to a question - as the eset scanner is the program which found the applications, will this program get rid of the applications?
 
If not, what do I do?

 

M:\Downloads\ccsetup326.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
M:\Downloads\winzip160.exe Win32/OpenCandy potentially unsafe application

Your system is free of malware - ESET detected these files as potentially unsafe because they contain additional software, for example toolbars.

They are not malware; simply enter your "downloads" directory and delete the files.


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.