GeekPolice Tech Tutorials

 

ActivityMonitoring malware?

Re: ActivityMonitoring malware?
Today I had big problems!

Every time I get the "ActivityMonitoring", and I decline it, it undoes whatever it was doing, and then my AVG updates, and always fails. So I thought maybe it's my AVG causing it. So I uninstalled my AVG, and then tried to re-install it. The "ActivityMonitoring" came up every time, and would not allow it to download.
So then I thought it was Firefox doing it, so I uninstalled that also. Nope! I tried to re-install Firefox, but the "ActivityMonitoring" kept stopping it from downloading. I tried many different ways to install AVG, and I finally got it mostly installed, but not completely. I then finally got Firefox installed. I then updated the AVG (which didn't complete the installation of it), and then ran it the way it is. It found 29 threats. I removed them, and then opened Firefox to search for something, and it took a long time to bring it up. The sites seem to run OK after they open.

I did update the Java, yesterday.

What did I do to my PC? It was running so good, and quick, and now it takes forever to bring any site up.

Sorry, Pat

Re: ActivityMonitoring malware?
Please download MiniToolBox to Desktop and run it.



Checkmark the following boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP Configuration
  • List Last 10 Event Viewer Errors
  • List Users, Partitions and Memory Size

Click Go and copy/paste the log (Result.txt) into your next post.

Re: ActivityMonitoring malware?
Here are the results from that.

--->
MiniToolBox by Farbar Version: 25-07-2015 01
Ran by ann summers (administrator) on 28-10-2015 at 08:40:01
Running from "C:\Documents and Settings\ann summers\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Model: Dell DE051 Manufacturer: Dell Computer Corporation
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel(R) PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : DFSVF091

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Intel(R) PRO/100 VE Network Connection

Physical Address. . . . . . . . . : 00-13-20-C6-5A-68

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.1.2

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DHCP Server . . . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 192.168.1.1

Lease Obtained. . . . . . . . . . : Wednesday, October 28, 2015 5:30:16 AM

Lease Expires . . . . . . . . . . : Thursday, October 29, 2015 5:30:16 AM

Server: UnKnown
Address: 192.168.1.1

Name: google.com
Addresses: 69.8.160.113, 69.8.160.93, 69.8.160.108, 69.8.160.102
69.8.160.98, 69.8.160.106, 69.8.160.83, 69.8.160.121, 69.8.160.117
69.8.160.91, 69.8.160.109, 69.8.160.123, 69.8.160.79, 69.8.160.94
69.8.160.87



Pinging google.com [69.8.160.93] with 32 bytes of data:



Reply from 69.8.160.93: bytes=32 time=6ms TTL=60

Reply from 69.8.160.93: bytes=32 time=6ms TTL=60



Ping statistics for 69.8.160.93:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 6ms, Maximum = 6ms, Average = 6ms

Server: UnKnown
Address: 192.168.1.1

Name: yahoo.com
Addresses: 98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [206.190.36.45] with 32 bytes of data:



Reply from 206.190.36.45: bytes=32 time=76ms TTL=46

Reply from 206.190.36.45: bytes=32 time=76ms TTL=46



Ping statistics for 206.190.36.45:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 76ms, Maximum = 76ms, Average = 76ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 20 c6 5a 68 ...... Intel(R) PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.2 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.1.0 255.255.255.0 192.168.1.2 192.168.1.2 20
192.168.1.2 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.1.255 255.255.255.255 192.168.1.2 192.168.1.2 20
224.0.0.0 240.0.0.0 192.168.1.2 192.168.1.2 20
255.255.255.255 255.255.255.255 192.168.1.2 192.168.1.2 1
Default Gateway: 192.168.1.1
===========================================================================
Persistent Routes:
None

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/28/2015 05:32:54 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x800700ea.

Error: (10/27/2015 04:30:47 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x800700ea.

Error: (10/26/2015 10:30:04 AM) (Source: MsiInstaller) (User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed

Error: (10/26/2015 10:30:04 AM) (Source: MsiInstaller) (User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallationFun(0xC007022F): Driver installation failed

Error: (10/26/2015 10:00:05 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x800700ea.

Error: (10/26/2015 09:46:00 AM) (Source: MsiInstaller) (User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed

Error: (10/26/2015 09:46:00 AM) (Source: MsiInstaller) (User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallationFun(0xC007022F): Driver installation failed

Error: (10/26/2015 09:05:42 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x800700ea.

Error: (10/26/2015 08:46:00 AM) (Source: MsiInstaller) (User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed

Error: (10/26/2015 08:46:00 AM) (Source: MsiInstaller) (User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallationFun(0xC007022F): Driver installation failed


System errors:
=============
Error: (10/26/2015 05:01:36 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/25/2015 06:14:44 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/23/2015 09:43:53 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/23/2015 05:35:10 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/21/2015 09:07:40 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/20/2015 05:25:58 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/19/2015 05:18:20 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/18/2015 06:03:32 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/17/2015 05:23:18 AM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2

Error: (10/15/2015 08:03:33 PM) (Source: 0) (User: )
Description: 0xC0000001HarddiskVolume2


Microsoft Office Sessions:
=========================
Error: (10/28/2015 05:32:54 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x800700ea.

Error: (10/27/2015 04:30:47 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x800700ea.

Error: (10/26/2015 10:30:04 AM) (Source: MsiInstaller)(User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)

Error: (10/26/2015 10:30:04 AM) (Source: MsiInstaller)(User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallationFun(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)

Error: (10/26/2015 10:00:05 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x800700ea.

Error: (10/26/2015 09:46:00 AM) (Source: MsiInstaller)(User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)

Error: (10/26/2015 09:46:00 AM) (Source: MsiInstaller)(User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallationFun(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)

Error: (10/26/2015 09:05:42 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Service reached limit of transient errors. Will shut down. Last error returned from Service Manager: 0x800700ea.

Error: (10/26/2015 08:46:00 AM) (Source: MsiInstaller)(User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallation(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)

Error: (10/26/2015 08:46:00 AM) (Source: MsiInstaller)(User: DFSVF091)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG -- Error 27046. CA_Error27046: DriverInstallationFun(0xC007022F): Driver installation failed(NULL)(NULL)(NULL)


========================= Memory info: ===================================

Percentage of memory in use: 71%
Total physical RAM: 1021.98 MB
Available physical RAM: 290.48 MB
Total Virtual: 1695.19 MB
Available Virtual: 979.04 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:71.46 GB) (Free:45.43 GB) NTFS

========================= Users: ========================================

User accounts for \\DFSVF091

Administrator ann summers Guest
HelpAssistant SUPPORT_388945a0


**** End of log ****



Thanks, Pat

Re: ActivityMonitoring malware?
You can uninstall HijackThis. What is MCU for?
Could you please run AdwCleaner again and post the log?

  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then click on Start Scan.

  • If an infected file is detected, the default action will be Cure, click on Continue.

  • If a suspicious file is detected, the default action will be Skip, click on Continue.

  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.

  • Click the Report button and copy/paste the contents of it into your next reply.
Note: It will also create a log in the C:\ directory.

Re: ActivityMonitoring malware?
"What is MCU for?"

I don't know what "MCU" stands for, so I cannot answer that.

Adwcleaner results --->

# AdwCleaner v5.015 - Logfile created 29/10/2015 at 08:26:58
# Updated 26/10/2015 by Xplode
# Database : 2015-10-29.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : ann summers - DFSVF091
# Running from : C:\Documents and Settings\ann summers\My Documents\Downloads\adwcleaner_5.015.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [631 bytes] ##########


Thanks, Pat

Re: ActivityMonitoring malware?
It keeps telling me that the post is too large to post when I try to post the results of the "TDSSKiller".
The results tell me this.
--->
07:52:05.0406 0x059c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
07:52:16.0796 0x059c ============================================================
07:52:16.0796 0x059c Current date / time: 2015/10/29 07:52:16.0796
07:52:16.0796 0x059c SystemInfo:
07:52:16.0796 0x059c
07:52:16.0796 0x059c OS Version: 5.1.2600 ServicePack: 3.0
07:52:16.0796 0x059c Product type: Workstation
07:52:16.0796 0x059c ComputerName: DFSVF091
07:52:16.0796 0x059c UserName: ann summers
07:52:16.0796 0x059c Windows directory: C:\WINDOWS
07:52:16.0796 0x059c System windows directory: C:\WINDOWS
07:52:16.0796 0x059c Processor architecture: Intel x86
07:52:16.0796 0x059c Number of processors: 1
07:52:16.0796 0x059c Page size: 0x1000
07:52:16.0796 0x059c Boot type: Normal boot
07:52:16.0796 0x059c ============================================================
07:52:19.0234 0x059c KLMD registered as C:\WINDOWS\system32\drivers\33383639.sys
07:52:19.0875 0x059c System UUID: {532E7B14-8F17-E8C0-D79F-01803337E10E}
07:52:20.0953 0x059c Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 ( 74.51 Gb ), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
07:52:20.0984 0x059c ============================================================
07:52:20.0984 0x059c \Device\Harddisk0\DR0:
07:52:20.0984 0x059c MBR partitions:
07:52:20.0984 0x059c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x8EE9870
07:52:20.0984 0x059c ============================================================
07:52:21.0046 0x059c C: <-> \Device\Harddisk0\DR0\Partition1
07:52:21.0046 0x059c ============================================================
07:52:21.0046 0x059c Initialize success
07:52:21.0046 0x059c ============================================================
07:52:24.0531 0x0448 ============================================================
07:52:24.0531 0x0448 Scan started
07:52:24.0531 0x0448 Mode: Manual;
07:52:24.0531 0x0448 ============================================================
07:52:24.0531 0x0448 KSN ping started
07:52:26.0937 0x0448 KSN ping finished: true
07:52:27.0703 0x0448 ================ Scan system memory ========================
07:52:27.0703 0x0448 System memory - ok
07:52:27.0703 0x0448 ================ Scan services =============================
07:52:32.0500 0x0448 Fax - ok
07:52:32.0531 0x0448 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
07:52:32.0531 0x0448 Fdc - ok
07:52:32.0578 0x0448 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
07:52:32.0578 0x0448 Fips - ok
07:52:32.0609 0x0448 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
07:52:32.0609 0x0448 Flpydisk - ok
07:52:32.0656 0x0448 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
07:52:32.0656 0x0448 FltMgr - ok
07:52:32.0718 0x0448 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
07:52:32.0718 0x0448 FontCache3.0.0.0 - ok
07:52:32.0750 0x0448 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
07:52:32.0750 0x0448 Fs_Rec - ok
07:52:32.0812 0x0448 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
07:52:32.0812 0x0448 Ftdisk - ok
07:52:32.0859 0x0448 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
07:52:32.0859 0x0448 Gpc - ok
07:52:32.0953 0x0448 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
07:52:32.0953 0x0448 gupdate - ok
07:52:32.0968 0x0448 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
07:52:32.0984 0x0448 gupdatem - ok
07:52:33.0031 0x0448 [ C818B973110A1C9F7763DD39BFFD0FD3, 2896295427691625242623A2ABA9C21462ADE2B9C9052455AA592EF46257B59C ] hardlock C:\WINDOWS\system32\drivers\hardlock.sys
07:52:33.0031 0x0448 hardlock - ok
07:52:33.0062 0x0448 [ 2DD25F060DC9F79B5CDF33D90ED93669, 1095E091B1F42E04B054478E029D166990A375D27E9B9D0D1170F35536462C8E ] Haspnt C:\WINDOWS\system32\drivers\Haspnt.sys
07:52:33.0062 0x0448 Haspnt - ok
07:52:33.0140 0x0448 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
07:52:33.0140 0x0448 helpsvc - ok
07:52:33.0187 0x0448 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll
07:52:33.0203 0x0448 HidServ - ok
07:52:33.0234 0x0448 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
07:52:33.0234 0x0448 HidUsb - ok
07:52:33.0281 0x0448 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
07:52:33.0281 0x0448 hkmsvc - ok
07:52:33.0296 0x0448 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
07:52:33.0296 0x0448 hpn - ok
07:52:33.0328 0x0448 [ 2A8A2AA68185B47632188F1A8BE44170, 1CA6799283A0F35B8755958C15E82FCAEDEF0D015F41A08C659208671E15B5FC ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
07:52:33.0328 0x0448 HPZid412 - ok
07:52:33.0359 0x0448 [ 0A520679B0AD3F438E88B746D0C5BA6C, 292B4029DBF80BF29819E786934B0D759D084928FEEFB6DE24F65729F3B614D2 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
07:52:33.0359 0x0448 HPZipr12 - ok
07:52:33.0390 0x0448 [ 1D53F2B2051A3FCE2C8EF0E01B042E25, D2FCE6EDEAE2EC56174228EC03320F30F0DFABFD3880750B1DF9BC0353F318AA ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
07:52:33.0390 0x0448 HPZius12 - ok
07:52:33.0453 0x0448 [ 77E4FF0B73BC0AEAAF39BF0C8104231F, A5D35FCD9E52003D990EB97DF1634DE9B516647C8DAAD3152550CD875DBBDA82 ] HSFHWBS2 C:\WINDOWS\system32\DRIVERS\HSFHWBS2.sys
07:52:33.0468 0x0448 HSFHWBS2 - ok
07:52:33.0531 0x0448 [ 60E1604729A15EF4A3B05F298427B3B1, 139DE473F645A300DD436B4AA8359A23FCE3BB9688B6B597E89F8ADBC36A71B9 ] HSF_DP C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
07:52:33.0562 0x0448 HSF_DP - ok
07:52:33.0625 0x0448 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
07:52:33.0640 0x0448 HTTP - ok
07:52:33.0671 0x0448 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
07:52:33.0671 0x0448 HTTPFilter - ok
07:52:33.0718 0x0448 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
07:52:33.0718 0x0448 i2omgmt - ok
07:52:33.0718 0x0498 Object required for P2P: [ D580A66587595A26EE6C6DD302D70BB7 ] AVGIDSAgent
07:52:33.0765 0x0448 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
07:52:33.0765 0x0448 i2omp - ok
07:52:33.0875 0x0448 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
07:52:33.0875 0x0448 i8042prt - ok
07:52:33.0984 0x0448 [ 9A883C3C4D91292C0D09DE7C728E781C, 34DD9E781C42FF55BF83F62DFE7B0F4FE3CAEF19B517245BA004C2C641493A98 ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
07:52:34.0031 0x0448 ialm - ok
07:52:34.0140 0x0448 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:52:34.0171 0x0448 idsvc - ok
07:52:34.0203 0x0448 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
07:52:34.0218 0x0448 Imapi - ok
07:52:34.0250 0x0448 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
07:52:34.0265 0x0448 ImapiService - ok
07:52:34.0296 0x0448 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
07:52:34.0296 0x0448 ini910u - ok
07:52:34.0343 0x0448 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
07:52:34.0343 0x0448 IntelIde - ok
07:52:34.0390 0x0448 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
07:52:34.0390 0x0448 intelppm - ok
07:52:34.0421 0x0448 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
07:52:34.0421 0x0448 Ip6Fw - ok
07:52:34.0468 0x0448 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
07:52:34.0468 0x0448 IpFilterDriver - ok
07:52:34.0500 0x0448 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
07:52:34.0500 0x0448 IpInIp - ok
07:52:34.0531 0x0448 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
07:52:34.0546 0x0448 IpNat - ok
07:52:34.0562 0x0448 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
07:52:34.0578 0x0448 IPSec - ok
07:52:34.0609 0x0448 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
07:52:34.0609 0x0448 IRENUM - ok
07:52:34.0656 0x0448 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
07:52:34.0656 0x0448 isapnp - ok
07:52:34.0671 0x0448 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
07:52:34.0671 0x0448 Kbdclass - ok
07:52:34.0718 0x0448 [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
07:52:34.0718 0x0448 kbdhid - ok
07:52:34.0750 0x0448 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
07:52:34.0750 0x0448 kmixer - ok
07:52:34.0781 0x0448 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
07:52:34.0796 0x0448 KSecDD - ok
07:52:34.0843 0x0448 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
07:52:34.0843 0x0448 lanmanserver - ok
07:52:34.0906 0x0448 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
07:52:34.0906 0x0448 lanmanworkstation - ok
07:52:34.0921 0x0448 lbrtfdc - ok
07:52:34.0968 0x0448 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
07:52:34.0968 0x0448 LmHosts - ok
07:52:35.0031 0x0448 [ E2C45D8E17B7599AD665146B1E19CA57, 7B3B6379E21130D5259691968B5B8D71E215F73F2775494A69D87CAA76D91297 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
07:52:35.0031 0x0448 mbamchameleon - ok
07:52:35.0062 0x0448 [ EEAEA6514BA7C9D273B5E87C4E1AAB30, 3B724C6A8867B1B7A45D832150E0CFAC1004D3B972A2A7BFDD2ADDDB2488BB1E ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
07:52:35.0062 0x0448 mdmxsdk - ok
07:52:35.0109 0x0448 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
07:52:35.0109 0x0448 Messenger - ok
07:52:35.0140 0x0448 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
07:52:35.0140 0x0448 mnmdd - ok
07:52:35.0171 0x0448 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
07:52:35.0171 0x0448 mnmsrvc - ok
07:52:35.0218 0x0448 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
07:52:35.0234 0x0448 Modem - ok
07:52:35.0265 0x0448 [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA C:\WINDOWS\system32\drivers\MODEMCSA.sys
07:52:35.0281 0x0448 MODEMCSA - ok
07:52:35.0281 0x0448 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
07:52:35.0296 0x0448 Mouclass - ok
07:52:35.0328 0x0448 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
07:52:35.0328 0x0448 mouhid - ok
07:52:35.0359 0x0448 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
07:52:35.0359 0x0448 MountMgr - ok
07:52:35.0437 0x0448 [ C34AB4280614658903BE848CE79ACDB5, 9A943D9B3CF941DAE4EA4E2771B5EC5DA37AB16AD43095EF092B4259D62FF810 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:52:35.0437 0x0448 MozillaMaintenance - ok
07:52:35.0468 0x0448 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
07:52:35.0484 0x0448 mraid35x - ok
07:52:35.0515 0x0448 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
07:52:35.0515 0x0448 MRxDAV - ok
07:52:35.0593 0x0448 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
07:52:35.0593 0x0448 MRxSmb - ok
07:52:35.0625 0x0448 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
07:52:35.0625 0x0448 MSDTC - ok
07:52:35.0671 0x0448 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
07:52:35.0671 0x0448 Msfs - ok
07:52:35.0687 0x0448 MSIServer - ok
07:52:35.0718 0x0448 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
07:52:35.0718 0x0448 MSKSSRV - ok
07:52:35.0750 0x0448 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
07:52:35.0750 0x0448 MSPCLOCK - ok
07:52:35.0765 0x0448 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
07:52:35.0765 0x0448 MSPQM - ok
07:52:35.0796 0x0448 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
07:52:35.0812 0x0448 mssmbios - ok
07:52:35.0859 0x0448 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
07:52:35.0859 0x0448 Mup - ok
07:52:35.0921 0x0448 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
07:52:35.0921 0x0448 napagent - ok
07:52:35.0968 0x0448 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
07:52:35.0984 0x0448 NDIS - ok
07:52:36.0015 0x0448 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
07:52:36.0031 0x0448 NdisTapi - ok
07:52:36.0062 0x0448 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
07:52:36.0062 0x0448 Ndisuio - ok
07:52:36.0093 0x0448 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
07:52:36.0093 0x0448 NdisWan - ok
07:52:36.0140 0x0448 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
07:52:36.0140 0x0448 NDProxy - ok
07:52:36.0187 0x0448 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
07:52:36.0187 0x0448 NetBIOS - ok
07:52:36.0203 0x0448 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
07:52:36.0218 0x0448 NetBT - ok
07:52:36.0250 0x0448 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
07:52:36.0265 0x0448 NetDDE - ok
07:52:36.0281 0x0448 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
07:52:36.0296 0x0448 NetDDEdsdm - ok


That is the first half.
Pat

Re: ActivityMonitoring malware?
Here is the second half

--->

07:52:39.0859 0x0448 swmidi - ok
07:52:39.0875 0x0448 SwPrv - ok
07:52:39.0906 0x0448 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
07:52:39.0906 0x0448 symc810 - ok
07:52:39.0921 0x0448 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
07:52:39.0921 0x0448 symc8xx - ok
07:52:39.0953 0x0448 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
07:52:39.0953 0x0448 sym_hi - ok
07:52:39.0984 0x0448 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
07:52:39.0984 0x0448 sym_u3 - ok
07:52:40.0015 0x0448 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
07:52:40.0015 0x0448 sysaudio - ok
07:52:40.0062 0x0448 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
07:52:40.0062 0x0448 SysmonLog - ok
07:52:40.0093 0x0448 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
07:52:40.0109 0x0448 TapiSrv - ok
07:52:40.0171 0x0448 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
07:52:40.0171 0x0448 Tcpip - ok
07:52:40.0218 0x0448 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
07:52:40.0218 0x0448 TDPIPE - ok
07:52:40.0250 0x0448 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
07:52:40.0250 0x0448 TDTCP - ok
07:52:40.0281 0x0448 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
07:52:40.0296 0x0448 TermDD - ok
07:52:40.0343 0x0448 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
07:52:40.0359 0x0448 TermService - ok
07:52:40.0390 0x0448 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
07:52:40.0390 0x0448 Themes - ok
07:52:40.0421 0x0448 [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
07:52:40.0421 0x0448 TosIde - ok
07:52:40.0484 0x0448 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
07:52:40.0484 0x0448 TrkWks - ok
07:52:40.0500 0x0448 Trufos - ok
07:52:40.0531 0x0448 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
07:52:40.0531 0x0448 Udfs - ok
07:52:40.0562 0x0448 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
07:52:40.0562 0x0448 ultra - ok
07:52:40.0625 0x0448 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
07:52:40.0640 0x0448 Update - ok
07:52:40.0687 0x0448 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
07:52:40.0687 0x0448 upnphost - ok
07:52:40.0718 0x0448 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
07:52:40.0718 0x0448 UPS - ok
07:52:40.0750 0x0448 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
07:52:40.0750 0x0448 usbccgp - ok
07:52:40.0781 0x0448 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
07:52:40.0781 0x0448 usbehci - ok
07:52:40.0828 0x0448 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
07:52:40.0828 0x0448 usbhub - ok
07:52:40.0859 0x0448 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
07:52:40.0859 0x0448 usbprint - ok
07:52:40.0906 0x0448 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
07:52:40.0906 0x0448 usbscan - ok
07:52:40.0921 0x0448 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
07:52:40.0937 0x0448 USBSTOR - ok
07:52:40.0953 0x0448 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
07:52:40.0953 0x0448 usbuhci - ok
07:52:41.0000 0x0448 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
07:52:41.0000 0x0448 VgaSave - ok
07:52:41.0031 0x0448 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
07:52:41.0046 0x0448 viaagp - ok
07:52:41.0062 0x0448 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
07:52:41.0062 0x0448 ViaIde - ok
07:52:41.0109 0x0448 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
07:52:41.0109 0x0448 VolSnap - ok
07:52:41.0171 0x0448 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
07:52:41.0171 0x0448 VSS - ok
07:52:41.0234 0x0448 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] w32time C:\WINDOWS\system32\w32time.dll
07:52:41.0234 0x0448 w32time - ok
07:52:41.0265 0x0448 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
07:52:41.0265 0x0448 Wanarp - ok
07:52:41.0312 0x0448 [ 0A716C08CB13C3A8F4F51E882DBF7416, 66FFDC9151CB3676B5DF073431DE055E7F2CDA5722F7EAAC6EC45F2CF9910882 ] wanatw C:\WINDOWS\system32\DRIVERS\wanatw4.sys
07:52:41.0312 0x0448 wanatw - ok
07:52:41.0328 0x0448 WDICA - ok
07:52:41.0375 0x0448 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
07:52:41.0375 0x0448 wdmaud - ok
07:52:41.0421 0x0448 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
07:52:41.0421 0x0448 WebClient - ok
07:52:41.0468 0x0448 [ F59ED5A43B988A18EF582BB07B2327A7, E870821C9C4E31D3B05049FBA5D81358F9C30E6A67F600D4EA3A5736CA344028 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
07:52:41.0500 0x0448 winachsf - ok
07:52:41.0609 0x0448 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
07:52:41.0609 0x0448 winmgmt - ok
07:52:41.0687 0x0448 [ 18F347402DA544A780949B8FDF83351B, D1AD972D438A51A4998FEF68670395DAE3353240AD2A17F35794287AF0826FFB ] WinRM C:\WINDOWS\system32\WsmSvc.dll
07:52:41.0734 0x0448 WinRM - ok
07:52:41.0812 0x0448 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
07:52:41.0812 0x0448 WmdmPmSN - ok
07:52:41.0875 0x0448 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
07:52:41.0875 0x0448 WmiApSrv - ok
07:52:41.0968 0x0448 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
07:52:42.0015 0x0448 WMPNetworkSvc - ok
07:52:42.0093 0x0448 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
07:52:42.0125 0x0448 WPFFontCache_v0400 - ok
07:52:42.0156 0x0448 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
07:52:42.0156 0x0448 WS2IFSL - ok
07:52:42.0203 0x0448 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
07:52:42.0203 0x0448 wscsvc - ok
07:52:42.0218 0x0448 WSearch - ok
07:52:42.0250 0x0448 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
07:52:42.0250 0x0448 wuauserv - ok
07:52:42.0296 0x0448 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
07:52:42.0296 0x0448 WudfPf - ok
07:52:42.0312 0x0448 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
07:52:42.0312 0x0448 WudfRd - ok
07:52:42.0343 0x0448 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
07:52:42.0343 0x0448 WudfSvc - ok
07:52:42.0406 0x0448 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
07:52:42.0421 0x0448 WZCSVC - ok
07:52:42.0468 0x0448 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
07:52:42.0484 0x0448 xmlprov - ok
07:52:42.0500 0x0448 ================ Scan global ===============================
07:52:42.0546 0x0448 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
07:52:42.0593 0x0448 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
07:52:42.0640 0x0448 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
07:52:42.0671 0x0448 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
07:52:42.0671 0x0448 [ Global ] - ok
07:52:42.0671 0x0448 ================ Scan MBR ==================================
07:52:42.0703 0x0448 [ 5CB90281D1A59B251F6603134774EEC3 ] \Device\Harddisk0\DR0
07:52:42.0937 0x0448 \Device\Harddisk0\DR0 - ok
07:52:42.0937 0x0448 ================ Scan VBR ==================================
07:52:42.0937 0x0448 [ 28F3B8167AB8A1E39B6D0439A28D2719 ] \Device\Harddisk0\DR0\Partition1
07:52:42.0953 0x0448 \Device\Harddisk0\DR0\Partition1 - ok
07:52:42.0953 0x0448 ================ Scan generic autorun ======================
07:52:43.0046 0x0448 [ 10247C15D999CC116C87DA36BD0AD64D, C2F0EE62505690DD7A11E08B555C522843B9A0902E05A6A75EB6FFFF3654606A ] C:\Program Files\Analog Devices\Core\smax4pnp.exe
07:52:43.0093 0x0448 SoundMAXPnP - ok
07:52:43.0140 0x0448 [ B3E3C57FD22E71CE20389372D972C6DC, 846996C47292E8AFA553C4792F2C3DC4ABBB2396E4EB71499408DAE1C72F682A ] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
07:52:43.0140 0x0448 DVDLauncher - ok
07:52:43.0187 0x0448 [ C341CCFBE98BC7DF6E0B856BB9FC265A, 7EA0A5407591EC8D97A9658DBEB7CB57550E143C526C3502E73F12FEF46F778C ] C:\Program Files\QuickTime\qttask.exe
07:52:43.0187 0x0448 QuickTime Task - ok
07:52:43.0250 0x0448 [ 9E109B03018763FDCB075CE74547BE22, 7321873E646F24B63B7C88B6BC9F4BE5D4DAB60284A9C2E9F0EB895A9E90231B ] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
07:52:43.0265 0x0448 ISUSPM Startup - ok
07:52:43.0296 0x0448 [ 583B7D111304BE63D7D9CB65482D2187, BD9618C9EFED73BC0EB1029502FE0AE0AECD8B0ABA506797C78327E71FF0FC0F ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
07:52:43.0296 0x0448 ISUSScheduler - ok
07:52:43.0359 0x0448 [ 526874EFE8D1F0EC1B7BBB87D5C433E6, 1F4EA90C74EAEABA632F3528884D670AAA1D58F0B14F5A30C7D5BDCE4E76422C ] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
07:52:43.0359 0x0448 DMXLauncher - ok
07:52:43.0390 0x0448 [ 3F2C8DD08549BB3419CDA372F5999FFA, D2AF3C3BD950A027094034B40C6F81BE966A557F9BD403D3D10E3D0D31CF8A76 ] C:\WINDOWS\system32\igfxtray.exe
07:52:43.0406 0x0448 igfxtray - ok
07:52:43.0421 0x0448 [ 01018F75F3F18CE629FAC9689954A2AE, F10802A5DEE4527B34939A5FF77B6B3184F7A2FF2963DE6C872C85C25233C7CF ] C:\WINDOWS\system32\hkcmd.exe
07:52:43.0421 0x0448 igfxhkcmd - ok
07:52:43.0453 0x0448 [ 996ABAC2332DE28F3B6A179C6DA20205, D9E7D690400FA5816555A1030BB39CC9DC3C5EF195A44085B072BEF5EDA7A67A ] C:\WINDOWS\system32\igfxpers.exe
07:52:43.0453 0x0448 igfxpers - ok
07:52:43.0531 0x0448 [ 01CA06B4A25EE7832D8959667D4FD42D, C6F288677575085C623F70020B1908AD164A05698DCFA724E8C143791483CE1C ] C:\Program Files\Common Files\AOL\1150313312\ee\AOLSoftware.exe
07:52:43.0531 0x0448 HostManager - ok
07:52:43.0625 0x0448 [ 1AC2C58B587C70DE64582AD41EE79FBA, 6CCA4B7A839E75AB7C5C8ACD20DF66A9570FD9EEDC5F24C537D1C269E22E22B8 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
07:52:43.0625 0x0448 TkBellExe - ok
07:52:43.0687 0x0448 [ B361E86404522CEFFEBFB9D24ED4E7B5, D2FBE9D04059EB7497773D4D333D86B9543ECAC05348A1A0B7D01ECC571F1FC1 ] C:\Program Files\Mouse Driver\MouseDrv.exe
07:52:43.0703 0x0448 CreativeMouse - ok
07:52:43.0796 0x0448 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
07:52:43.0828 0x0448 Adobe ARM - ok
07:52:43.0921 0x0448 [ 2D9CE5DDE52CEEA539E0DD20735A0797, 258D81DE33DD37FC044E56D50BB8DD338AB9534A736C9A41640B038C65DE213D ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
07:52:43.0921 0x0448 HPDJ Taskbar Utility - ok
07:52:43.0953 0x0448 KernelFaultCheck - ok
07:52:44.0000 0x0448 [ FCEC6F664FA7E5FE323165FBC9314470, 4E5AB1E6C3D2881D95E74F2F28649A7DBC4919CA249829A0E4CD9804E401A025 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
07:52:44.0031 0x0448 SunJavaUpdateSched - ok
07:52:44.0171 0x0448 [ 69E6AA230410AF75DE5C81B77C63BBDF, 56D6B2823695EA116FBEB3F3F49FC1023359528BF6377069D7E320EC28AE6561 ] C:\Program Files\AVG\Framework\Common\avguix.exe
07:52:44.0203 0x0448 AvgUi - ok
07:52:44.0484 0x0448 [ 2C2B353AF7F1EFC451988E14E2380B48, 5F4B98C1CFFFF8E334B48080E2A25C69F69CC3FBFA5F339E9C359BE1EEFD6CB5 ] C:\Program Files\AVG\Av\avgui.exe
07:52:44.0593 0x0448 AVG_UI - ok
07:52:44.0671 0x0448 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
07:52:44.0671 0x0448 ctfmon.exe - ok
07:52:44.0984 0x0448 [ 2E4EE47FBD9BB663A5220DBC38579986, 264A48ADA13FEC6F49F34C3118ABFFEEB569B631E9EE35168FE19DE78AF9C7C8 ] C:\Program Files\CCleaner\CCleaner.exe
07:52:45.0125 0x0448 CCleaner Monitoring - ok
07:52:45.0187 0x0448 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
07:52:45.0187 0x0448 ctfmon.exe - ok
07:52:45.0187 0x0448 Waiting for KSN requests completion. In queue: 251
07:52:46.0187 0x0448 Waiting for KSN requests completion. In queue: 251
07:52:47.0187 0x0448 Waiting for KSN requests completion. In queue: 251
07:52:47.0718 0x0b90 Object required for P2P: [ 2C2B353AF7F1EFC451988E14E2380B48 ] C:\Program Files\AVG\Av\avgui.exe
07:52:48.0187 0x0448 Waiting for KSN requests completion. In queue: 4
07:52:49.0187 0x0448 Waiting for KSN requests completion. In queue: 4
07:52:50.0187 0x0448 Waiting for KSN requests completion. In queue: 4
07:52:50.0453 0x0b90 Object send P2P result: true
07:52:51.0234 0x0448 AV detected via SS1: Defender Pro Antivirus, 12.0, disabled, updated
07:52:51.0234 0x0448 AV detected via SS1: AVG AntiVirus Free Edition, 2016.0, enabled, updated
07:52:51.0234 0x0448 FW detected via SS1: AVG Internet Security 2015, 2015.0, disabled
07:52:51.0234 0x0448 FW detected via SS1: Defender Pro Firewall, 12.0, enabled
07:52:53.0703 0x0448 ============================================================
07:52:53.0703 0x0448 Scan finished
07:52:53.0703 0x0448 ============================================================
07:52:53.0718 0x0468 Detected object count: 0
07:52:53.0718 0x0468 Actual detected object count: 0
07:53:18.0890 0x0fb4 Deinitialize success


Thanks, Pat

Re: ActivityMonitoring malware?

I don't know what "MCU" stands for, so I can not answer that.

You can find out by going to Start, All Programs and see if you can start MCU from there. If you didn't install it or want it you should uninstall it.
It keeps telling me that the post is too large to post, when I try to post the results of the "Kdsskiller".

Any large logs may have to be split into two or more posts.
Please let me know if there is any change.

Re: ActivityMonitoring malware?

I went to Start, All Programs, I looked through everything, and I don't see anything MCU, or anything with the initials MCU.

My pc seems to be running good again. Thank you!!!

I will go and try to reinstall the AVG, and see if I can get the whole thing this time. I will let you know how it goes.

Thanks again! Pat

Re: ActivityMonitoring malware?

Since doing all this work on my PC, I have lost the volume to my speakers. I have checked everything I can think of, but no luck. I also don't have the speaker icon on my task bar anymore. When I turn on my speakers, they make the normal pop sound when I turn them on, but nothing else.

Any ideas how to get them back?

Thanks, Pat

Re: ActivityMonitoring malware?

Go into Device Manager and see if there are any yellow warnings anywhere. Did you check all your connections?

Re: ActivityMonitoring malware?

Sorry, I have been busy with my wife in and out of the hospital.
I went into the sounds and audio devices, in the control panel. I do not see any yellow warnings anywhere.

I have removed my desktop speakers, and replaced them with another set, and still no sounds. I have been trying to watch some YouTube videos to repair something, but I get no sound.

I keep getting the same 28 viruses every time I run my AVG. My PC is slow to open a site, and I get "Not responding" all the time again. It's constant stop and go when on any internet site.

Thanks, Pat

Re: ActivityMonitoring malware?

You need to get into the Device Manager to see if there is anything not correct on your computer. Right-click on My Computer, select Manage and click on Device Manager.
What browser are you using?
Please download, install and run a scan with MSE (below) to see if it finds anything.


Microsoft Security Essentials: all versions and all languages.

Re: ActivityMonitoring malware?

I found the "Device Manager" you wanted me to check. I see no yellow warnings anywhere in there.

I am running XP Home; it won't download any of the "MSE" onto XP.

Thanks, Pat

Re: ActivityMonitoring malware?

OK, please try this one.

Avira AntiVir Personal