
 

Browser hijacked "Do Searches"


Re: Browser hijacked "Do Searches"

Now when I open a new window in my browser, apart from "Do Searches" it also opens up the last page that I was on. For example, I was on GeekPolice and then I closed the window. When I press Mozilla, it opens up GeekPolice along with Do Searches (2 windows).

Re: Browser hijacked "Do Searches"

Here is the SUPERAntiSpyware log:
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/18/2013 at 09:32 PM

Application Version : 5.6.1032

Core Rules Database Version : 10840
Trace Rules Database Version: 8652

Scan type : Complete Scan
Total Scan Time : 00:21:37

Operating System Information
Windows XP Home Edition 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned : 370
Memory threats detected : 0
Registry items scanned : 35693
Registry threats detected : 0
File items scanned : 21111
File threats detected : 23

Adware.Tracking Cookie
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
.findmysoft.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
.findmysoft.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
.findmysoft.com [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
.questionnaire3.pampers.gr [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
.questionnaire3.pampers.gr [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
.questionnaire3.pampers.gr [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\DOCUMENTS AND SETTINGS\VLAD&LUCIFERIA\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\FPEGQKWO.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Nullo[Short]
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014705.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014706.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014707.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014708.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014710.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014711.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014713.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014714.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP81\A0014715.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP87\A0016403.EXE

Re: Browser hijacked "Do Searches"

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • Click the Report button and copy/paste its contents into your next reply.

Note: It will also create a log in the C:\ directory.

Re: Browser hijacked "Do Searches"

21:40:17.0578 0x0c38 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
21:40:20.0359 0x0c38 ============================================================
21:40:20.0359 0x0c38 Current date / time: 2013/10/18 21:40:20.0359
21:40:20.0359 0x0c38 SystemInfo:
21:40:20.0359 0x0c38
21:40:20.0359 0x0c38 OS Version: 5.1.2600 ServicePack: 3.0
21:40:20.0359 0x0c38 Product type: Workstation
21:40:20.0359 0x0c38 ComputerName: USER-HQAI7P9NL5
21:40:20.0359 0x0c38 UserName: Vlad&Luciferia
21:40:20.0359 0x0c38 Windows directory: C:\WINDOWS
21:40:20.0359 0x0c38 System windows directory: C:\WINDOWS
21:40:20.0359 0x0c38 Processor architecture: Intel x86
21:40:20.0359 0x0c38 Number of processors: 2
21:40:20.0359 0x0c38 Page size: 0x1000
21:40:20.0359 0x0c38 Boot type: Normal boot
21:40:20.0359 0x0c38 ============================================================
21:40:24.0718 0x0c38 System UUID: {69A5662A-633F-3187-1D20-38AD284BA1AD}
21:40:25.0421 0x0c38 Drive \Device\Harddisk0\DR0 - Size: 0x9502F9000 (37.25 Gb), SectorSize: 0x200, Cylinders: 0x12FF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
21:40:25.0421 0x0c38 ============================================================
21:40:25.0421 0x0c38 \Device\Harddisk0\DR0:
21:40:25.0421 0x0c38 MBR partitions:
21:40:25.0421 0x0c38 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x4A69BB9
21:40:25.0421 0x0c38 ============================================================
21:40:25.0468 0x0c38 C: <-> \Device\Harddisk0\DR0\Partition1
21:40:25.0468 0x0c38 ============================================================
21:40:25.0468 0x0c38 Initialize success
21:40:25.0468 0x0c38 ============================================================
21:43:40.0625 0x0ce0 ============================================================
21:43:40.0625 0x0ce0 Scan started
21:43:40.0625 0x0ce0 Mode: Manual;
21:43:40.0625 0x0ce0 ============================================================
21:43:40.0625 0x0ce0 KSN ping started
21:43:54.0187 0x0ce0 KSN ping finished: true
21:43:54.0796 0x0ce0 ================ Scan system memory ========================
21:43:54.0796 0x0ce0 System memory - ok
21:43:54.0796 0x0ce0 ================ Scan services =============================
21:44:03.0328 0x0ce0 ose - ok

Re: Browser hijacked "Do Searches"
21:44:09.0375 0x0ce0 ================ Scan global ===============================
21:44:09.0421 0x0ce0 [ E8944EEC78EC2FE5F3A613DDF201C815, BD2746229A76F58E7564CB740466AA3B332F783515FD5AB4872156222BCD1FA4 ] C:\WINDOWS\system32\basesrv.dll
21:44:09.0484 0x0ce0 [ D1556933FB2E69FDA72AABC05348C60C, 5C6BF487D610996101D713D7594A6ADD8419011DDD0546592194591ACE4354EF ] C:\WINDOWS\system32\winsrv.dll
21:44:09.0515 0x0ce0 [ D1556933FB2E69FDA72AABC05348C60C, 5C6BF487D610996101D713D7594A6ADD8419011DDD0546592194591ACE4354EF ] C:\WINDOWS\system32\winsrv.dll
21:44:09.0578 0x0ce0 [ 207AB7A1A36004BB6F33E58E71C1C90E, C4B4729276A5C1E523C5E48DCFA436E15311C85AC775A8CF3B549A71E7D3C2D2 ] C:\WINDOWS\system32\services.exe
21:44:09.0578 0x0ce0 [ Global ] - ok
21:44:09.0578 0x0ce0 ================ Scan MBR ==================================
21:44:09.0625 0x0ce0 [ 3C27C0429156ADC19E0F46AF77CD22D7 ] \Device\Harddisk0\DR0
21:44:10.0000 0x0ce0 \Device\Harddisk0\DR0 - ok
21:44:10.0000 0x0ce0 ================ Scan VBR ==================================
21:44:10.0000 0x0ce0 [ 9C152BBCD1664EFAB2720EA14D625830 ] \Device\Harddisk0\DR0\Partition1
21:44:10.0000 0x0ce0 \Device\Harddisk0\DR0\Partition1 - ok
21:44:10.0000 0x0ce0 Waiting for KSN requests completion. In queue: 164
21:44:11.0000 0x0ce0 Waiting for KSN requests completion. In queue: 164
21:44:12.0000 0x0ce0 Waiting for KSN requests completion. In queue: 164
21:44:13.0000 0x0ce0 Waiting for KSN requests completion. In queue: 164
21:44:14.0031 0x0ce0 Win FW state via NFM: enabled
21:44:16.0500 0x0ce0 ============================================================
21:44:16.0500 0x0ce0 Scan finished
21:44:16.0500 0x0ce0 ============================================================
21:44:16.0515 0x0cd8 Detected object count: 0
21:44:16.0515 0x0cd8 Actual detected object count: 0
21:44:40.0281 0x05d8 ============================================================
21:44:40.0281 0x05d8 Scan started
21:44:40.0281 0x05d8 Mode: Manual;
21:44:40.0281 0x05d8 ============================================================
21:44:40.0281 0x05d8 KSN ping started
21:44:42.0609 0x05d8 KSN ping finished: true
21:44:42.0765 0x05d8 ================ Scan system memory ========================
21:44:42.0765 0x05d8 System memory - ok
21:44:42.0765 0x05d8 ================ Scan services =============================
21:44:45.0546 0x05d8 EventSystem - ok
21:44:45.0562 0x05d8 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
21:44:45.0578 0x05d8 Fastfat - ok
21:44:45.0640 0x05d8 [ 9ED683865B8F0D374B95F4159F33833C, 6570DBEABF2AD245867949FD5DB195D4B44C0BF4EAFF021515BCDE061058F756 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
21:44:45.0640 0x05d8 FastUserSwitchingCompatibility - ok
21:44:45.0656 0x05d8 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
21:44:45.0656 0x05d8 Fdc - ok
21:44:45.0703 0x05d8 [ 418D3078A9B107DE75C9BA9B56CBA035, 463B5C9C34BD48CCD25BEDC1C27A004383155797374A26FE313C2B6A2AF35388 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
21:44:45.0703 0x05d8 Fips - ok
21:44:45.0718 0x05d8 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
21:44:45.0718 0x05d8 Flpydisk - ok
21:44:45.0750 0x05d8 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
21:44:45.0765 0x05d8 FltMgr - ok
21:44:45.0843 0x05d8 [ 993883524AA9CF1C90E1545411A9AC9C, 95B854BFBB3761225F3AB4FA61E299991EE2BB5F78D22C2F7FB3C4BD0EEBD654 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:44:45.0843 0x05d8 FontCache3.0.0.0 - ok
21:44:45.0859 0x05d8 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
21:44:45.0859 0x05d8 Fs_Rec - ok
21:44:45.0875 0x05d8 [ 9C798FDC0D53DFBA6F4C4059A11FBFE8, D6FF0E3D4120A8226A8086B81C0B805813866CC2EE73C30773558282D52A8032 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
21:44:45.0875 0x05d8 Ftdisk - ok
21:44:45.0937 0x05d8 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
21:44:45.0937 0x05d8 Gpc - ok
21:44:45.0968 0x05d8 [ 833051C6C6C42117191935F734CFBD97, 5EB5672ABC7994A4AFF855A572158B8BE4FC6E541CFD4B9BE4FF2739A9A6AFB8 ] hamachi C:\WINDOWS\system32\DRIVERS\hamachi.sys
21:44:45.0968 0x05d8 hamachi - ok
21:44:46.0125 0x05d8 [ C9EF0B0B132EA48CDD5E206F6F99EDC9, 6D47DE6CE13CDC8AC0CD337989FCD2FD3A7004DD253C2B7EF1009C7ECFD9EECD ] Hamachi2Svc C:\Program Files\LogMeIn Hamachi\hamachi-2.exe
21:44:46.0171 0x05d8 Hamachi2Svc - ok
21:44:46.0265 0x05d8 [ A8555880AA97C410DCEA531B4799FA11, 02C7D5EA432A2CC53215DB2F39E1536BDE69CD93DA57E32AAE787DC5BBE8E98E ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
21:44:46.0265 0x05d8 helpsvc - ok
21:44:46.0265 0x05d8 HidServ - ok
21:44:46.0328 0x05d8 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb C:\WINDOWS\system32\DRIVERS\hidusb.sys
21:44:46.0328 0x05d8 hidusb - ok
21:44:46.0390 0x05d8 [ 0C71805B04E14FD1AE2ED3938F4F2D05, 2E24DB2F8282AC28E6F46096A45C584F15A41C14C00EF770592BCD23BB208E94 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
21:44:46.0390 0x05d8 hkmsvc - ok
21:44:46.0390 0x05d8 hpn - ok
21:44:46.0546 0x05d8 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:44:46.0562 0x05d8 hpqcxs08 - ok
21:44:46.0593 0x05d8 [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:44:46.0593 0x05d8 hpqddsvc - ok
21:44:46.0593 0x05d8 hpt3xx - ok
21:44:46.0640 0x05d8 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
21:44:46.0640 0x05d8 HPZid412 - ok
21:44:46.0671 0x05d8 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
21:44:46.0671 0x05d8 HPZipr12 - ok
21:44:46.0703 0x05d8 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
21:44:46.0703 0x05d8 HPZius12 - ok
21:44:46.0765 0x05d8 [ F6AACF5BCE2893E0C1754AFEB672E5C9, 62A7A70515B5570A649DC30A3A122B1302F6839A63927C8B29EBE04ABA654892 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
21:44:46.0781 0x05d8 HTTP - ok
21:44:46.0828 0x05d8 [ 4E71FDAC76E5E9ED1C88DC3FB16E301D, 335D7AF232FE8EDFBED6DD2C288256E170AFE71179BE614110597B8AF137326A ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
21:44:46.0828 0x05d8 HTTPFilter - ok
21:44:46.0921 0x05d8 [ AC1E9496BA0AC3B27B45F2228ED51B2C, C1EB7B5ECC4CF6AADD8CB7D7CE7D5A31581979619E8E3E7D4ADB220730919E17 ] HWiNFO32 C:\Program Files\HWiNFO32\HWiNFO32.SYS
21:44:46.0921 0x05d8 HWiNFO32 - ok
21:44:46.0937 0x05d8 i2omgmt - ok
21:44:46.0937 0x05d8 i2omp - ok
21:44:46.0953 0x05d8 [ F8D6633482E0BD81766C74441B134FDF, 826589D4B7B4952B207F31E5F159B03DAF04518AB4461F5E51B51618FA8FE59B ] i8042prt C:\WINDOWS\system32\drivers\i8042prt.sys
21:44:46.0953 0x05d8 i8042prt - ok
21:44:47.0296 0x05d8 [ 48846B31BE5A4FA662CCFDE7A1BA86B9, BC653F3ADAD70E766484986F196D4045D2CC6D92E5D827907E734254EE489A33 ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
21:44:47.0437 0x05d8 ialm - ok
21:44:47.0531 0x05d8 [ E7CC3AEAED9893A88876744CD439F76C, C5421E8866A8468FE8E1DCE11245E8EEE6F9750C4F7365497D4C2DE007864FB5 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:44:47.0562 0x05d8 idsvc - ok
21:44:47.0593 0x05d8 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
21:44:47.0593 0x05d8 Imapi - ok
21:44:47.0656 0x05d8 [ 2471854671044613A324486986236FFF, 44EFC50E3AB5936AC18B33C9A62DE991B315AF451EAF7C0FD68641357AE2DC38 ] ImapiService C:\WINDOWS\system32\imapi.exe
21:44:47.0671 0x05d8 ImapiService - ok
21:44:47.0687 0x05d8 ini910u - ok
21:44:47.0703 0x05d8 IntelIde - ok
21:44:47.0718 0x05d8 [ BB055E429E9F54AA3FBA2DD33BEB0935, B1276A6CAD3B7DCE24C668D5DBB38A6AC69D38D1CFF85360D7C57BF6270FB708 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
21:44:47.0718 0x05d8 intelppm - ok
21:44:47.0750 0x05d8 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
21:44:47.0750 0x05d8 ip6fw - ok
21:44:47.0796 0x05d8 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
21:44:47.0796 0x05d8 IpFilterDriver - ok
21:44:47.0812 0x05d8 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
21:44:47.0812 0x05d8 IpInIp - ok
21:44:47.0875 0x05d8 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
21:44:47.0875 0x05d8 IpNat - ok
21:44:47.0890 0x05d8 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
21:44:47.0890 0x05d8 IPSec - ok
21:44:47.0921 0x05d8 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
21:44:47.0921 0x05d8 IRENUM - ok
21:44:47.0968 0x05d8 [ D3715A2DBA29215BE59DCFC11294D493, 130C73426F31383118E12195FFE097E1F3AADEF291F4D8ED5CAB0301E4C92702 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
21:44:47.0968 0x05d8 isapnp - ok
21:44:48.0031 0x05d8 [ AF1FD8035B4A34EAF25F8BB1CD3C95FF, C322780CAF17CC2229CDBAE63B5BDFE223238B628B1AA917822AA0B0A70914BE ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
21:44:48.0031 0x05d8 Kbdclass - ok
21:44:48.0078 0x05d8 [ 2FA8856D81EEE4C59272B3CC61DEA319, 45DA3FBD638707E011679CF3E0A496698C11ED45D6DDCB9E5B20D63D8224A6F8 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
21:44:48.0078 0x05d8 kbdhid - ok
21:44:48.0093 0x05d8 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
21:44:48.0109 0x05d8 kmixer - ok
21:44:48.0109 0x05d8 [ 1705745D900DABF2D89F90EBADDC7517, FE90589415BDB3BA482D3EBE1A87A7BF1429791E8F18BCB66BF8874631CC8B2C ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
21:44:48.0109 0x05d8 KSecDD - ok
21:44:48.0171 0x05d8 [ 7B05FA3CF479FE189EE8670F9E03A5B9, 8294D0E3FC15266D7496A7DB258B4E2F302CDB2FAA2E23765429081670CC602B ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
21:44:48.0171 0x05d8 lanmanserver - ok
21:44:48.0234 0x05d8 [ 7EF583535D811F65E871E14C218CEF38, 08BB517DDE93D6DA18C05D93DD3BD9F3BF72716ED283FD530FD588ED74CD006C ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
21:44:48.0250 0x05d8 lanmanworkstation - ok
21:44:48.0250 0x05d8 lbrtfdc - ok
21:44:48.0312 0x05d8 [ 429F8A7802C1E7D8254C1EE7B70499E3, 87444AC13A739C618B65E88E194741A9730104D34262EE12F82F97DCB0294259 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
21:44:48.0312 0x05d8 LmHosts - ok
21:44:48.0390 0x05d8 [ EA3E1648442BF717B35A68108CA4B0B3, AF5AFC4628BD4F5DCA40DB70CC1DA8D1C9F43B05028D663F48150DBBDCCADF2E ] LMIGuardianSvc C:\Program Files\LogMeIn Hamachi\LMIGuardianSvc.exe
21:44:48.0406 0x05d8 LMIGuardianSvc - ok
21:44:48.0453 0x05d8 [ 805C6F337968C7271F0421D0A386C8EE, 1FAB99BA07A4B1012857EC2F1E38696BBBE1E494AF6E165A76FE41E46BDC463A ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
21:44:48.0453 0x05d8 mbamchameleon - ok
21:44:48.0484 0x05d8 [ E5D6246619CDF5ABC631D3600AAF1DAD, 3FB432FF5FA1A1CAD8C9F1402EF037B8DF7AD22AE0F203C15DE3B83D21B89F6D ] Messenger C:\WINDOWS\System32\msgsvc.dll
21:44:48.0484 0x05d8 Messenger - ok
21:44:48.0546 0x05d8 Microsoft SharePoint Workspace Audit Service - ok
21:44:48.0593 0x05d8 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
21:44:48.0593 0x05d8 mnmdd - ok
21:44:48.0640 0x05d8 [ DC6F63935B77436AC4EDEEF59025CDC9, 9FA080604CD015228C0C9C597140632F9377ADB693E05FA5B9797445A8A1E111 ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
21:44:48.0640 0x05d8 mnmsrvc - ok
21:44:48.0703 0x05d8 [ 4C84460A6BC9A5BF60555C04BE55792E, D030016A57F7964FD91A5BEA8FDF4087542EA17A9E7C23E1C4986C1337386C3E ] Modem C:\WINDOWS\system32\drivers\Modem.sys
21:44:48.0703 0x05d8 Modem - ok
21:44:48.0718 0x05d8 [ 6BE02786A7C13CCEAE728298EFFA0730, F0D7F81A96AC361200133A2C0FEC6251809A65CD8D4767026ED4CA8BF8EB55DF ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
21:44:48.0718 0x05d8 Mouclass - ok
21:44:48.0781 0x05d8 [ 89DDB41A54DDF8B3E5B7B9E92ED23A50, 5DEB875DDA4FD0DB768DDBF5E3D4B0CC1A39C8BB1E46054B482C94F41A145E16 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
21:44:48.0781 0x05d8 mouhid - ok
21:44:48.0781 0x05d8 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
21:44:48.0796 0x05d8 MountMgr - ok
21:44:48.0859 0x05d8 [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:44:48.0859 0x05d8 MozillaMaintenance - ok
21:44:48.0859 0x05d8 mraid35x - ok
21:44:48.0890 0x05d8 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
21:44:48.0890 0x05d8 MRxDAV - ok
21:44:48.0921 0x05d8 [ 68755F0FF16070178B54674FE5B847B0, 2FFBCE3A67FA7E30E373624521C602E5510C5565F04381C6C9F961253DA928A6 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
21:44:48.0937 0x05d8 MRxSmb - ok
21:44:49.0000 0x05d8 [ 3D3535F73A38BEB3E4491E2C0459F77D, 412CB41F9BF305B6E5F4B8A00A22211D940C2D6665D2BD3AACA8FF71022E9DE6 ] MSDTC C:\WINDOWS\System32\msdtc.exe
21:44:49.0000 0x05d8 MSDTC - ok
21:44:49.0015 0x05d8 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
21:44:49.0015 0x05d8 Msfs - ok
21:44:49.0031 0x05d8 MSIServer - ok
21:44:49.0062 0x05d8 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
21:44:49.0062 0x05d8 MSKSSRV - ok
21:44:49.0093 0x05d8 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
21:44:49.0093 0x05d8 MSPCLOCK - ok
21:44:49.0093 0x05d8 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
21:44:49.0093 0x05d8 MSPQM - ok
21:44:49.0140 0x05d8 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
21:44:49.0140 0x05d8 mssmbios - ok
21:44:49.0187 0x05d8 [ 2F625D11385B1A94360BFC70AAEFDEE1, 23E4974120233CF1A7BEE48977706A0A55418699379D1450502ABEB24191AC80 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
21:44:49.0187 0x05d8 Mup - ok
21:44:49.0250 0x05d8 [ 730BD15AF8C65C3BBD040D121576123D, 58BC15DAA8B16B0A92476F3038C6DF6A3E273966823D6852E5AADDC43B3F76CE ] napagent C:\WINDOWS\System32\qagentrt.dll
21:44:49.0265 0x05d8 napagent - ok
21:44:49.0296 0x05d8 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
21:44:49.0312 0x05d8 NDIS - ok
21:44:49.0312 0x05d8 [ 1AB3D00C991AB086E69DB84B6C0ED78F, 1F881FCCF5557C44C078D99CA2DD38D635413D6212DBEDC06A428EDAC7F8B04E ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
21:44:49.0312 0x05d8 NdisTapi - ok
21:44:49.0328 0x05d8 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
21:44:49.0343 0x05d8 Ndisuio - ok
21:44:49.0406 0x05d8 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
21:44:49.0406 0x05d8 NdisWan - ok
21:44:49.0421 0x05d8 [ 6215023940CFD3702B46ABC304E1D45A, C767F3A349B365F6E7566C0738E2F62D8FFF8CB4457347E3614BD403BC6CADCB ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
21:44:49.0421 0x05d8 NDProxy - ok
21:44:49.0484 0x05d8 [ 510C138564486FF926A3F773205C63D1, 50FBB8555C284ED22F71D99750899321B63E3B4C255174FE9B4F31084F9A34B1 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
21:44:49.0484 0x05d8 Net Driver HPZ12 - ok
21:44:49.0500 0x05d8 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
21:44:49.0500 0x05d8 NetBIOS - ok
21:44:49.0531 0x05d8 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
21:44:49.0531 0x05d8 NetBT - ok
21:44:49.0578 0x05d8 [ EAE9FB52F7552C0EA407BE6EFF69C094, 63FFD46DFE0ED972BD91E71589D8B45F024302D2AF79D3F7ECD68819BB2DCC79 ] NetDDE C:\WINDOWS\system32\netdde.exe
21:44:49.0578 0x05d8 NetDDE - ok
21:44:49.0593 0x05d8 [ EAE9FB52F7552C0EA407BE6EFF69C094, 63FFD46DFE0ED972BD91E71589D8B45F024302D2AF79D3F7ECD68819BB2DCC79 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
21:44:49.0593 0x05d8 NetDDEdsdm - ok
21:44:49.0625 0x05d8 [ 1806020B8905C2A400ECD23733B78B87, 4309BB2D27C62708023836A2EC420D488F18B9B2F633837A30568007808F8B59 ] Netlogon C:\WINDOWS\system32\lsass.exe
21:44:49.0625 0x05d8 Netlogon - ok
21:44:49.0703 0x05d8 [ A443996504A45CDF60CBA800DCB14420, D1C60B688D42A66A0D84763C5E48B80F7CABEEA4136DD65647F3B43C459094F3 ] Netman C:\WINDOWS\System32\netman.dll
21:44:49.0703 0x05d8 Netman - ok
21:44:49.0734 0x05d8 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
21:44:49.0750 0x05d8 NetTcpPortSharing - ok
21:44:49.0781 0x05d8 [ 205B0507C0D7AFE3ACAF669AB3E245F1, 5EB4265AC553FD1B84E99E369D269BB17B6A5656356649E3AC50AE4F8BE371AA ] Nla C:\WINDOWS\System32\mswsock.dll
21:44:49.0796 0x05d8 Nla - ok
21:44:49.0859 0x05d8 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
21:44:49.0859 0x05d8 Npfs - ok
21:44:49.0890 0x05d8 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
21:44:49.0906 0x05d8 Ntfs - ok
21:44:49.0921 0x05d8 [ 1806020B8905C2A400ECD23733B78B87, 4309BB2D27C62708023836A2EC420D488F18B9B2F633837A30568007808F8B59 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
21:44:49.0921 0x05d8 NtLmSsp - ok
21:44:49.0984 0x05d8 [ 5AA7FCAAFB3A3F81641BFA9DAB55CE42, 08B19AEB608B6850B879D2E3D1D06D852499135694C6F62822C0D4CC2A481F09 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
21:44:50.0000 0x05d8 NtmsSvc - ok
21:44:50.0031 0x05d8 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
21:44:50.0031 0x05d8 Null - ok
21:44:50.0078 0x05d8 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
21:44:50.0078 0x05d8 NwlnkFlt - ok
21:44:50.0078 0x05d8 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
21:44:50.0093 0x05d8 NwlnkFwd - ok

Re: Browser hijacked "Do Searches"

21:44:50.0171 0x05d8  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:44:50.0187 0x05d8  ose - ok
21:44:50.0453 0x05d8  [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:44:50.0562 0x05d8  osppsvc - ok
21:44:50.0656 0x05d8  [ 3D383486B2D3B97CD44334A406AE3418, 470C374DB9A5BCD9C380A02B43E575CF6D4C3AF2D3A9F90D0544D57E4D764F12 ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
21:44:50.0656 0x05d8  Parport - ok
21:44:50.0671 0x05d8  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
21:44:50.0671 0x05d8  PartMgr - ok
21:44:50.0734 0x05d8  [ CBC2A624A1DAC81BD1A2932985A8955F, D5470225BCBF9269B5295F3840C3F234A3024AEC3F6074BDB9C5FA3EB12733BB ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
21:44:50.0734 0x05d8  ParVdm - ok
21:44:50.0765 0x05d8  [ DCB32B61125E35AF33CB8CD54A1E7737, D8A2293D0F27EE9094243D2B8223A2149CB9762B24CDD74BAC613F12476F8623 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
21:44:50.0781 0x05d8  PCI - ok
21:44:50.0781 0x05d8  PCIDump - ok
21:44:50.0781 0x05d8  [ D0F88F309E94460AE276C843192D9DE7, 493BC0A4F1CB4CF134CAA4DC9D11B1943FB024DDE6759014A017FDB30B466ADE ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
21:44:50.0796 0x05d8  PCIIde - ok
21:44:50.0812 0x05d8  [ 1E052D2D5A43C0D097FD96B1490D6083, E8457F3F6A3BD36BD0443385C2A00D2F53AFD0BBD8DBF85AAECC80171285F3CB ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
21:44:50.0812 0x05d8  Pcmcia - ok
21:44:50.0828 0x05d8  PDCOMP - ok
21:44:50.0828 0x05d8  PDFRAME - ok
21:44:50.0843 0x05d8  PDRELI - ok
21:44:50.0843 0x05d8  PDRFRAME - ok
21:44:50.0859 0x05d8  perc2 - ok
21:44:50.0859 0x05d8  perc2hib - ok
21:44:50.0921 0x05d8  [ 207AB7A1A36004BB6F33E58E71C1C90E, C4B4729276A5C1E523C5E48DCFA436E15311C85AC775A8CF3B549A71E7D3C2D2 ] PlugPlay        C:\WINDOWS\system32\services.exe
21:44:50.0921 0x05d8  PlugPlay - ok
21:44:50.0937 0x05d8  [ 37E5E8FFBAD35605DAEEC3224EA0E465, E3A9BE275D3C8A3E143DF3A795964E9860A1F6C18BE36F8FE552E954435AC927 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
21:44:50.0937 0x05d8  Pml Driver HPZ12 - ok
21:44:50.0968 0x05d8  [ 1806020B8905C2A400ECD23733B78B87, 4309BB2D27C62708023836A2EC420D488F18B9B2F633837A30568007808F8B59 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
21:44:50.0968 0x05d8  PolicyAgent - ok
21:44:50.0984 0x05d8  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
21:44:50.0984 0x05d8  PptpMiniport - ok
21:44:51.0000 0x05d8  [ B7F6B49187EA0254076BBBEEF59E200B, BB6BC8549A70C438509D0FF8A00A71F5131D248818C3CBDF9C4EE2DB5F6AA670 ] Processor       C:\WINDOWS\system32\DRIVERS\processr.sys
21:44:51.0000 0x05d8  Processor - ok
21:44:51.0015 0x05d8  [ 1806020B8905C2A400ECD23733B78B87, 4309BB2D27C62708023836A2EC420D488F18B9B2F633837A30568007808F8B59 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
21:44:51.0015 0x05d8  ProtectedStorage - ok
21:44:51.0015 0x05d8  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
21:44:51.0031 0x05d8  PSched - ok
21:44:51.0078 0x05d8  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
21:44:51.0078 0x05d8  Ptilink - ok
21:44:51.0078 0x05d8  ql1080 - ok
21:44:51.0093 0x05d8  Ql10wnt - ok
21:44:51.0093 0x05d8  ql12160 - ok
21:44:51.0109 0x05d8  ql1240 - ok
21:44:51.0109 0x05d8  ql1280 - ok
21:44:51.0156 0x05d8  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
21:44:51.0156 0x05d8  RasAcd - ok
21:44:51.0203 0x05d8  [ A45F25BED4DEF4E941B7CCFB5391E782, B097492CD218C09C49699D2211D3E8111DCEF347E549197D384D5B5E41381007 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
21:44:51.0203 0x05d8  RasAuto - ok
21:44:51.0234 0x05d8  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
21:44:51.0234 0x05d8  Rasl2tp - ok
21:44:51.0296 0x05d8  [ A31E640E2CB33C8E029B4235E6F6681B, E8E3E03DA8BB0FD0C9E4D8B4AEB5A449E33E5DD4A2E7AE332A571992DCF8BD85 ] RasMan          C:\WINDOWS\System32\rasmans.dll
21:44:51.0296 0x05d8  RasMan - ok
21:44:51.0328 0x05d8  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
21:44:51.0328 0x05d8  RasPppoe - ok
21:44:51.0328 0x05d8  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
21:44:51.0343 0x05d8  Raspti - ok
21:44:51.0406 0x05d8  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
21:44:51.0406 0x05d8  Rdbss - ok
21:44:51.0421 0x05d8  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
21:44:51.0421 0x05d8  RDPCDD - ok
21:44:51.0453 0x05d8  [ 6728E45B66F93C08F11DE2E316FC70DD, EA63ECD4F84CAE08BD2BF843C48AF505B1B9D7B61349A63536C9C6FEBEF23452 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
21:44:51.0468 0x05d8  RDPWD - ok
21:44:51.0500 0x05d8  [ 279C3728D2AF16167EC544F495F39341, 09C68414A17EE842B9B13CD23CAD8C22015BFEFC1B20C641758129194B6963F9 ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
21:44:51.0500 0x05d8  RDSessMgr - ok
21:44:51.0609 0x05d8  [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
21:44:51.0609 0x05d8  RealNetworks Downloader Resolver Service - ok
21:44:51.0625 0x05d8  [ EB83EDB7F55F1910E4DB8C823A86CEED, 373C05C823C2F0214A00DE01D0200DD33860E80C030F841CDD92918536266C97 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
21:44:51.0625 0x05d8  redbook - ok
21:44:51.0671 0x05d8  [ A9BF621F4C5B89CEA6DD4FAE77281754, AC4BDCC9668BCC1B3CFDBFE025499E5520BAAB57CAA1F60E2603C6F30E4E31A3 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
21:44:51.0671 0x05d8  RemoteAccess - ok
21:44:51.0718 0x05d8  [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7, CDF10D3D8ADA7ADB1CC1567BFA986557C6D69F4099B70FDFABD4C3D09E3CA778 ] ROOTMODEM       C:\WINDOWS\system32\Drivers\RootMdm.sys
21:44:51.0718 0x05d8  ROOTMODEM - ok
21:44:51.0765 0x05d8  [ 9651CCA84B86457879A69DB07FA98617, 0A52EAF75982841EEBAD6359C0599FD66E616BD86B5F5FB6D6A0401871290B24 ] RpcLocator      C:\WINDOWS\System32\locator.exe
21:44:51.0765 0x05d8  RpcLocator - ok
21:44:51.0812 0x05d8  [ CAF10713E4A7C574FB8C86D34FF70616, 1C527733FC91F6A2649F5EA166E8FE8DAC231535600A84A1BB5EA2BF81DFAAC0 ] RpcSs           C:\WINDOWS\System32\rpcss.dll
21:44:51.0828 0x05d8  RpcSs - ok
21:44:51.0843 0x05d8  [ 0A4E041DBA5D0FB36863460DCBAE2623, 6C3E801815DDA93644C8A2F439E617697648627E9A91183AA7628D6E425D17EA ] RSVP            C:\WINDOWS\System32\rsvp.exe
21:44:51.0859 0x05d8  RSVP - ok
21:44:51.0875 0x05d8  [ 1806020B8905C2A400ECD23733B78B87, 4309BB2D27C62708023836A2EC420D488F18B9B2F633837A30568007808F8B59 ] SamSs           C:\WINDOWS\system32\lsass.exe
21:44:51.0875 0x05d8  SamSs - ok
21:44:51.0890 0x05d8  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
21:44:51.0890 0x05d8  SASDIFSV - ok
21:44:51.0937 0x05d8  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
21:44:51.0937 0x05d8  SASKUTIL - ok
21:44:51.0968 0x05d8  [ 5DBE70E8932492DCFE78D21965652968, 3A5C05834DC1F752021F90A8E67C1175FEA6DDC774DFA227041CA4D59B720B66 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
21:44:51.0968 0x05d8  SCardSvr - ok
21:44:52.0015 0x05d8  [ 20B2751CD4C8F3FD989739CA661B9F30, 7D2449FB3657DD219D7A401AB8BC0B3AF0FBB6BD784C1AC723825CB1B688BEC5 ] SCDEmu          C:\WINDOWS\system32\drivers\SCDEmu.sys
21:44:52.0015 0x05d8  SCDEmu - ok
21:44:52.0078 0x05d8  [ 9D48CFB98C9FD9159D00243FE665CF43, 87E8C88BCA4938AA7258C0C6D1730D26A8CCD1530EE49312394D02EA250ABFB8 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
21:44:52.0078 0x05d8  Schedule - ok
21:44:52.0125 0x05d8  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
21:44:52.0125 0x05d8  Secdrv - ok
21:44:52.0171 0x05d8  [ 1B2629D2114A76ED82D33D028CB9E9A0, ACCAB9E0DEB7DA40435EBB63502AB1CBFF0688A67C26728F4F918D5A44C2D4E5 ] seclogon        C:\WINDOWS\System32\seclogon.dll
21:44:52.0171 0x05d8  seclogon - ok
21:44:52.0265 0x05d8  [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8, E94F7E97AAB80600DED0310160527C3CC8CAC8593EC2FBEAED2EF5EC5A6C4086 ] senfilt         C:\WINDOWS\system32\drivers\senfilt.sys
21:44:52.0281 0x05d8  senfilt - ok
21:44:52.0328 0x05d8  [ 5FED33452FD871BDE528AF32F0D5063F, 05064166CAF8311937BCFD9702C6C253DFDAF769CD2238626DA90D8FA3C4B08A ] SENS            C:\WINDOWS\system32\sens.dll
21:44:52.0328 0x05d8  SENS - ok
21:44:52.0359 0x05d8  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
21:44:52.0359 0x05d8  serenum - ok
21:44:55.0312 0x05d8  ================ Scan global ===============================
21:44:55.0359 0x05d8  [ E8944EEC78EC2FE5F3A613DDF201C815, BD2746229A76F58E7564CB740466AA3B332F783515FD5AB4872156222BCD1FA4 ] C:\WINDOWS\system32\basesrv.dll
21:44:55.0375 0x05d8  [ D1556933FB2E69FDA72AABC05348C60C, 5C6BF487D610996101D713D7594A6ADD8419011DDD0546592194591ACE4354EF ] C:\WINDOWS\system32\winsrv.dll
21:44:55.0406 0x05d8  [ D1556933FB2E69FDA72AABC05348C60C, 5C6BF487D610996101D713D7594A6ADD8419011DDD0546592194591ACE4354EF ] C:\WINDOWS\system32\winsrv.dll
21:44:55.0421 0x05d8  [ 207AB7A1A36004BB6F33E58E71C1C90E, C4B4729276A5C1E523C5E48DCFA436E15311C85AC775A8CF3B549A71E7D3C2D2 ] C:\WINDOWS\system32\services.exe
21:44:55.0421 0x05d8  [ Global ] - ok
21:44:55.0421 0x05d8  ================ Scan MBR ==================================
21:44:55.0453 0x05d8  [ 3C27C0429156ADC19E0F46AF77CD22D7 ] \Device\Harddisk0\DR0
21:44:55.0656 0x05d8  \Device\Harddisk0\DR0 - ok
21:44:55.0656 0x05d8  ================ Scan VBR ==================================
21:44:55.0656 0x05d8  [ 9C152BBCD1664EFAB2720EA14D625830 ] \Device\Harddisk0\DR0\Partition1
21:44:55.0671 0x05d8  \Device\Harddisk0\DR0\Partition1 - ok
21:44:55.0687 0x05d8  Win FW state via NFM: enabled
21:45:10.0125 0x05d8  ============================================================
21:45:10.0125 0x05d8  Scan finished
21:45:10.0125 0x05d8  ============================================================
21:45:10.0125 0x058c  Detected object count: 0
21:45:10.0125 0x058c  Actual detected object count: 0

Re: Browser hijacked "Do Searches"

Please run AdwCleaner and MBAM again and see if anything shows up.

Re: Browser hijacked "Do Searches"

# AdwCleaner v3.008 - Report created 18/10/2013 at 22:07:49
# Updated 17/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Vlad&Luciferia - USER-HQAI7P9NL5
# Running from : C:\Documents and Settings\Vlad&Luciferia\Επιφάνεια εργασίας\Aρχεία\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v24.0 (el)

[ File : C:\Documents and Settings\Vlad&Luciferia\Application Data\Mozilla\Firefox\Profiles\fpegqkwo.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Vlad&Luciferia\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10707 octets] - [17/10/2013 22:31:11]
AdwCleaner[R1].txt - [1129 octets] - [18/10/2013 00:44:28]
AdwCleaner[R2].txt - [990 octets] - [18/10/2013 22:07:49]
AdwCleaner[S0].txt - [9979 octets] - [17/10/2013 22:33:22]
AdwCleaner[S1].txt - [1191 octets] - [18/10/2013 00:45:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1169 octets] ##########

Re: Browser hijacked "Do Searches"

This is the correct one, sorry.
# AdwCleaner v3.008 - Report created 18/10/2013 at 22:07:49
# Updated 17/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Vlad&Luciferia - USER-HQAI7P9NL5
# Running from : C:\Documents and Settings\Vlad&Luciferia\Επιφάνεια εργασίας\Aρχεία\adwcleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v6.0.2900.5512


-\\ Mozilla Firefox v24.0 (el)

[ File : C:\Documents and Settings\Vlad&Luciferia\Application Data\Mozilla\Firefox\Profiles\fpegqkwo.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Documents and Settings\Vlad&Luciferia\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10707 octets] - [17/10/2013 22:31:11]
AdwCleaner[R1].txt - [1129 octets] - [18/10/2013 00:44:28]
AdwCleaner[R2].txt - [990 octets] - [18/10/2013 22:07:49]
AdwCleaner[S0].txt - [9979 octets] - [17/10/2013 22:33:22]
AdwCleaner[S1].txt - [1191 octets] - [18/10/2013 00:45:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [1169 octets] ##########

Re: Browser hijacked "Do Searches"

Scanning with MBAM now... virus is still present :/

Re: Browser hijacked "Do Searches"

Here is the MBAM:

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Έκδοση βάσης δεδομένων: v2013.10.13.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 6.0.2900.5512
Vlad&Luciferia :: USER-HQAI7P9NL5 [διαχειριστής]

18/10/2013 10:11:19 μμ
mbam-log-2013-10-18 (22-11-19).txt

Τύπος σάρωσης: Πλήρης σάρωση (C:\|)
Ενεργοποιημένες επιλογές σάρωσης: Μνήμη | Εκκίνηση | Μητρώο | Σύστημα αρχείων | Ευρετική μέθοδος/Extra | Ευρετική μέθοδος/Shuriken | PUP | PUM
Απενεργοποιημένες επιλογές σάρωσης: P2P
Αντικείμενα που σαρώθηκαν: 232059
Χρόνος που έχει διανυθεί: 32 λεπτό(ά), 2 δευτερόλεπτο(α)

Εντοπίστηκαν διεργασίες στη μνήμη: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν στοιχεία στη μνήμη: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν κλειδιά στο μητρώο: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν τιμές στο μητρώο: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν αντικείμενα δεδομένων στο μητρώο: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν φάκελοι: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

Εντοπίστηκαν αρχεία: 0
(Δεν εντοπίστηκαν επιβλαβή αντικείμενα)

(τέλος)

Re: Browser hijacked "Do Searches"

I think that those are weird, what do you think :

Re: Browser hijacked "Do Searches"

You can try stopping those suspicious processes one at a time and see if it helps.

Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
*********************************************
I'd like to scan your machine with ESET OnlineScan

• Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan

• Click the button.
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

  • Click on to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the icon on your desktop.

• Check
• Click the button.
• Accept any security warnings from your browser.

  • Leave the check mark next to Remove found threats.

• Check
• Push the Start button.
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
• When the scan completes, push
• Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
• Push the button.
• Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

Re: Browser hijacked "Do Searches"

I don't know why, but as I said in my previous posts, Security Check cannot run as it should and I get some kind of error inside the program saying "Could not locate the disk path"...


Eset:
C:\AdwCleaner\Quarantine\C\Documents and Settings\VLAD&L~1\LOCALS~1\Temp\eIntaller\A77CB00929914442BD038C99765B0F83\eGdpSvc.exe.vir a variant of Win32/ELEX.S application cleaned by deleting - quarantined
C:\Documents and Settings\Vlad&Luciferia\?? ??????? ???\Downloads\Windows XP Pro SP3, Activated, +genuine, +sata, (July 2013)\Windows_XP_Pro_SP3_activated.iso a variant of Win32/HackTool.WpaKill.E application deleted - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Vlad&Luciferia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\fcgmehbfdnnenigpjeloaghefejfanka\1.6\zYiVoyT.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\Vlad&Luciferia\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iibljhbgeihagednfcefiohkkhlebafm\1.0\8OlTFzsklOl.js.vir Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\System Volume Information\_restore{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP75\A0014268.exe Win32/SProtector.B application cleaned by deleting - quarantined
C:\System Volume Information\_restore{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP77\A0014337.exe a variant of Win32/Adware.SpeedingUpMyPC.C application cleaned by deleting - quarantined
C:\System Volume Information\_restore{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP77\A0014341.exe a variant of Win32/SpeedingUpMyPC application deleted - quarantined
C:\System Volume Information\_restore{233CA534-2ECC-468B-9319-1BCF517C9EE4}\RP84\A0014832.exe Win32/SProtector.B application cleaned by deleting - quarantined

Re: Browser hijacked "Do Searches"

Virus still exists... Sad tearing