
Slow Computer with misc problems and 100% CPU


27 replies to this topic

#1 Frazzled1

Frazzled1

  • Members
  • 110 posts

Posted 13 August 2012 - 10:19 PM

First off, thank you in advance. This machine will, I am sure, be a challenge. It is an old Emachine T-1600. It is running XP SP3, windows firewall, and currently no antivirus.
It had had one, but at some point started to bog down using 100% CPU. I tried to remedy this by uninstalling and trying various antivirus programs to find one that was better on resources than MSE which is my current preferred AV solution. I figure that they, if anyone, should be able to make a program run in their operating system. Now when I try to reinstall MSE, it says I have other AV programs on my computer. I am thinking that there may be some type of conflict here causing the slow down, even though they were all uninstalled before I installed the next one. The biggest problem is that no matter what task I try to do, I end up getting 100% CPU usage and things slow to a crawl. I installed Process Lasso to try and help this along but all it does is keep the computer from locking up as opposed to speeding things up.
I have run many different virus scans, such as SAS, MBAM, Trend Micro Housecall etc. I am currently running Hitman Pro, and so far see that there might be several positives that are in some portable downloaded diagnostic programs I have, but none currently active in the running processes list.
And before this severe slowdown occurred, the computer was hard to shut down. It would take a very long time (5-10 minutes) and sometimes would display an error message about one program or another not responding.
I would appreciate any and all help I could receive, as I do not know the whereabouts of the restore disk that came with the computer, and I am sure that there are many special driver downloads that would be required to get it back up and running.... Hmmm, if I remember correctly, this problem seemed to exacerbate when an Epson workforce printer was hooked up...

Edited by hamluis, 01 September 2012 - 08:17 AM.
Merged topics - Hamluis.




#2 Frazzled1


Posted 01 September 2012 - 06:21 AM

I am running WinXP SP3 and somewhere along the way (after malware removal) my system sounds have disappeared. The startup, shutdown, flash drive plugged in etc. The sound card works because I can listen to CDs or YouTube etc. but no system sounds. Does anyone have an idea on how to repair this?
Thank you.

Edited by hamluis, 01 September 2012 - 08:16 AM.
Merged topics - Hamluis.


#3 Frazzled1


Posted 01 September 2012 - 06:33 AM

Something is slowing down my computer to an unusable state. Everything (various Windows components) seems to be working fine, it just becomes unresponsive whenever I try to do anything. I have tried many things and this has been an ongoing problem so I will need some directed guidance to try and solve this problem.
The computer in question is an E-Machines T-1600 running WinXP SP3. It has 1.5Gig ram and connects to the internet via hard wired network cable.
This slowdown I felt was related to when AOL was installed on the machine along with its bundled AV program. I removed both albeit with much effort, and installed MSE for my AV program and now use Internet Explorer 7 for my browser. Whenever I do most anything on the computer, MsMpEng.exe and iexplore.exe are the two main CPU hogging culprits usually taking 94-98%. I have tried safe mode with not much difference. Oh, there have been in the past several (resolved) malware infections on the machine as well. I appreciate your expertise in this matter.

Edited by hamluis, 01 September 2012 - 08:13 AM.
Merged topics - Hamluis.


#4 hamluis

hamluis

    Moderator


  • Moderator
  • 56,571 posts

Posted 01 September 2012 - 08:12 AM

Just curious...what makes you talk about malware problems...as if they are all in the past?

How did you determine that you should believe that you don't have a malware problem now, especially since that seems to have possibly been the origin of problems over an extended period of time?

Louis

#5 Frazzled1


Posted 01 September 2012 - 11:00 AM

Just curious...what makes you talk about malware problems...as if they are all in the past?

How did you determine that you should believe that you don't have a malware problem now, especially since that seems to have possibly been the origin of problems over an extended period of time?

Louis


Well, I had found a few files with Malwarebytes, which I run regularly. (I am not the primary user of this machine.) I just assumed that if it found and removed them everything should be good now. BTW I posted two posts because they are two separate machines I am trying to straighten out. I don't know what you mean by merged files, but I had a heck of a time finding this one to reply back to you as the link in my email notification gave me an error message.
Thanks,
Jerry

#6 dev00790

dev00790

    Bleeping Chocoholic


  • Members
  • 5,037 posts

Posted 02 September 2012 - 08:29 AM

Hello,

I will be helping you with your problems. Please be patient while I assist you.

Some points for you to keep in mind while I am helping you to make things go easier and faster for both of us

  • Please do NOT run, install or uninstall any programs, unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.

NOTE: At the top of your post, click on the Watch Topic Button, select Immediate Notification, and click on Proceed. This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.

----------------------------------------------

NOTE: I will be helping you with the following computer only:

It is an old Emachine T-1600. It is running XP SP3, windows firewall, and currently no antivirus.


Step 1:

Please also tell us, the details of the other computer (not the Emachine T-1600 I am helping you with), you mention in your previous posts above?

----------------

The next steps are to be done for the Emachine T-1600 only.
Please do the following:

Step 2:

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe on your desktop to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click on change parameters
  • Under Objects to scan, check the box next to Loaded modules
  • If you are asked to reboot, then click Yes.

Next

  • Check the boxes next to Loaded modules, Verify file digital signatures, Detect TDLFS file system, then click OK.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do NOT choose Delete or Quarantine unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the full contents of that file in your next reply.

Step 3:

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the full contents of that document.


Step 4:

Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press Scan.
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the full contents of the log in your next reply.


Step 5:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices (Only Problems)
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore points
NOTE: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the full contents of the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.
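
The TDSSKiller log requested in step 2 of the post above runs to hundreds of lines, nearly all of them "ok". As an added example (not part of the original post and not code from TDSSKiller), this Python script reads such a log, counts the verdicts and returns only the entries that were flagged, joined to the MD5 and file path logged just before them. The sample log lines, driver names and hashes are constructed, and `triage`, `report` and `Finding` are hypothetical names.

```python
"""Triage a TDSSKiller log: count verdicts, list every entry that is not 'ok'."""
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# "<hh:mm:ss.ffff> <thread id> <message>"
LINE = re.compile(r"^(\d{2}:\d{2}:\d{2}\.\d{4})\s+(\d+)\s+(.*\S)\s*$")
# "[ <MD5> ] <object name> <file path>" is logged before the verdict of a hashed file
HASHED = re.compile(r"^\[\s*([0-9A-Fa-f]{32})\s*\]\s+(\S+)\s+(.+)$")
# "<object> - ok"   or   "<object> ( <verdict> ) - warning"
STATUS = re.compile(r"^(.+?)\s+(?:\(\s*(.+?)\s*\)\s+)?-\s+(\w+)$")


@dataclass
class Finding:
    time: str
    name: str
    status: str
    verdict: Optional[str]
    md5: Optional[str]   # None when no hash line preceded the verdict
    path: Optional[str]


def triage(log_text: str) -> Tuple[Counter, List[Finding]]:
    """Return (count per status word, list of entries whose status is not 'ok')."""
    seen: Dict[str, Tuple[str, str]] = {}   # object name -> (md5, path)
    counts: Counter = Counter()
    flagged: List[Finding] = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                         # blank or malformed line
        time, _thread, msg = m.groups()
        h = HASHED.match(msg)
        if h:
            md5, name, path = h.groups()
            seen[name] = (md5.upper(), path)
            continue
        s = STATUS.match(msg)
        if not s:
            continue                         # banner, header or "detected" summary line
        name, verdict, status = s.groups()
        counts[status] += 1
        if status != "ok":
            md5, path = seen.get(name, (None, None))
            flagged.append(Finding(time, name, status, verdict, md5, path))
    return counts, flagged


def report(log_text: str) -> str:
    """Human-readable summary suitable for pasting above the full log."""
    counts, flagged = triage(log_text)
    lines = ["verdicts: " + ", ".join(f"{k}={v}" for k, v in sorted(counts.items()))]
    for f in flagged:
        lines.append(f"{f.time} {f.status.upper():8} {f.name}: {f.verdict or '-'}")
        lines.append(f"    md5={f.md5 or 'not logged'} path={f.path or 'not logged'}")
    return "\n".join(lines)


# Constructed sample in the layout of a TDSSKiller log; names and hashes are made up.
SAMPLE_LOG = r"""22:34:58.0250 2036 Scan started
22:34:58.0250 2036 Mode: Manual; SigCheck; TDLFS;
22:34:59.0468 2036 ================ Scan system memory ========================
22:35:07.0687 2036 System memory - ok
22:35:08.0531 2036 legacydrv - ok
22:35:08.0781 2036 [ 00112233445566778899AABBCCDDEEFF ] gooddrv C:\WINDOWS\system32\drivers\gooddrv.sys
22:35:13.0953 2036 gooddrv - ok
22:35:19.0218 2036 [ FFEEDDCCBBAA99887766554433221100 ] olddrv C:\WINDOWS\system32\drivers\olddrv.sys
22:35:19.0296 2036 olddrv ( UnsignedFile.Multi.Generic ) - warning
22:35:19.0296 2036 olddrv - detected UnsignedFile.Multi.Generic (1)
"""

if __name__ == "__main__":
    print(report(SAMPLE_LOG))
```

An unsigned-file warning marks a driver for review of its hash and origin; it is not a malware verdict by itself, which is why the instructions above say to Skip rather than Delete when Cure is not offered.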


#7 Frazzled1


Posted 02 September 2012 - 11:24 PM

Hello Dev00790 and thank you for your help. I had almost thought you guys/gals had forgotten about me even though I am aware of the high caseload of malware problems you are trying to resolve for others. In the meantime I was busy doing a thorough cleaning of old programs and failed installations as well as reinstalling several versions of .net framework that were deemed bad by net verifier program. Most importantly, while removing some old antivirus stuff from the registry, I am now finally successfully able to install Microsoft Security Essentials. Still however I get 100% CPU while browsing or running other programs. I notice the resource hog usually seems to be MsMpEng.exe.
To keep this as short as possible, I will not requote you. Instead I will address each item by number as you originally laid them out, giving a brief comment before posting the required log files.

1. My other machine in question is a Dell Dimension 3300 running XPSP3 as well. I do not have any system sounds, beeps, startup, shutdown, hardware dings etc. All other sounds work fine as does the machine. I can watch YouTube and adjust the volume as needed as well as listening to music tracks etc.

This machine.... E-Machine T1600

2. TDSSKiller: in normal mode nothing was found;
in extended mode, 4 files were found but no cure option was given so I skipped them per your instructions.

22:32:07.0031 0400 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
22:32:07.0703 0400 ============================================================
22:32:07.0718 0400 Current date / time: 2012/09/02 22:32:07.0703
22:32:07.0718 0400 SystemInfo:
22:32:07.0718 0400
22:32:07.0718 0400 OS Version: 5.1.2600 ServicePack: 3.0
22:32:07.0718 0400 Product type: Workstation
22:32:07.0718 0400 ComputerName: T1600
22:32:07.0718 0400 UserName: Judy
22:32:07.0718 0400 Windows directory: C:\WINDOWS
22:32:07.0750 0400 System windows directory: C:\WINDOWS
22:32:07.0750 0400 Processor architecture: Intel x86
22:32:07.0750 0400 Number of processors: 1
22:32:07.0750 0400 Page size: 0x1000
22:32:07.0750 0400 Boot type: Normal boot
22:32:07.0750 0400 ============================================================
22:32:11.0343 0400 BG loaded
22:32:12.0265 0400 Drive \Device\Harddisk0\DR0 - Size: 0x9516AE000 (37.27 Gb), SectorSize: 0x200, Cylinders: 0x1301, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:32:12.0359 0400 ============================================================
22:32:12.0359 0400 \Device\Harddisk0\DR0:
22:32:12.0359 0400 MBR partitions:
22:32:12.0359 0400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x4A89182
22:32:12.0359 0400 ============================================================
22:32:12.0406 0400 C: <-> \Device\Harddisk0\DR0\Partition1
22:32:12.0406 0400 ============================================================
22:32:12.0406 0400 Initialize success
22:32:12.0406 0400 ============================================================
22:34:58.0250 2036 ============================================================
22:34:58.0250 2036 Scan started
22:34:58.0250 2036 Mode: Manual; SigCheck; TDLFS;
22:34:58.0250 2036 ============================================================
22:34:59.0468 2036 ================ Scan system memory ========================
22:35:07.0687 2036 System memory - ok
22:35:07.0703 2036 ================ Scan services =============================
22:35:08.0531 2036 Abiosdsk - ok
22:35:08.0578 2036 abp480n5 - ok
22:35:08.0781 2036 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:35:13.0953 2036 ACPI - ok
22:35:14.0046 2036 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
22:35:14.0671 2036 ACPIEC - ok
22:35:14.0734 2036 adpu160m - ok
22:35:14.0843 2036 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
22:35:15.0687 2036 aec - ok
22:35:15.0734 2036 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys
22:35:16.0015 2036 AFD - ok
22:35:16.0093 2036 [ 0EBB674888CBDEFD5773341C16DD6A07 ] AFS2K C:\WINDOWS\system32\drivers\AFS2K.sys
22:35:16.0281 2036 AFS2K - ok
22:35:16.0328 2036 Aha154x - ok
22:35:16.0375 2036 aic78u2 - ok
22:35:16.0437 2036 aic78xx - ok
22:35:16.0859 2036 [ 26FDC8C283F4714B5F999D90B00A80A0 ] ALCXWDM C:\WINDOWS\system32\drivers\ALCXWDM.SYS
22:35:17.0031 2036 ALCXWDM - ok
22:35:17.0140 2036 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
22:35:17.0843 2036 Alerter - ok
22:35:17.0937 2036 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
22:35:18.0437 2036 ALG - ok
22:35:18.0468 2036 AliIde - ok
22:35:18.0562 2036 [ 8FCE268CDBDD83B23419D1F35F42C7B1 ] AmdK7 C:\WINDOWS\system32\DRIVERS\amdk7.sys
22:35:18.0921 2036 AmdK7 - ok
22:35:18.0937 2036 amsint - ok
22:35:19.0031 2036 asc - ok
22:35:19.0062 2036 asc3350p - ok
22:35:19.0109 2036 asc3550 - ok
22:35:19.0218 2036 [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys
22:35:19.0296 2036 ASCTRM ( UnsignedFile.Multi.Generic ) - warning
22:35:19.0296 2036 ASCTRM - detected UnsignedFile.Multi.Generic (1)
22:35:19.0734 2036 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:35:19.0953 2036 aspnet_state - ok
22:35:20.0046 2036 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:35:20.0515 2036 AsyncMac - ok
22:35:20.0625 2036 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
22:35:21.0031 2036 atapi - ok
22:35:21.0078 2036 Atdisk - ok
22:35:21.0187 2036 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:35:21.0656 2036 Atmarpc - ok
22:35:21.0843 2036 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
22:35:22.0265 2036 AudioSrv - ok
22:35:22.0343 2036 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
22:35:22.0906 2036 audstub - ok
22:35:22.0984 2036 [ 565193073892B2C12D22C22A0F77400D ] basic2 C:\WINDOWS\system32\DRIVERS\basic2.sys
22:35:23.0234 2036 basic2 - ok
22:35:23.0359 2036 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
22:35:24.0250 2036 Beep - ok
22:35:24.0359 2036 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
22:35:25.0156 2036 BITS - ok
22:35:25.0203 2036 [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser C:\WINDOWS\System32\browser.dll
22:35:25.0468 2036 Browser - ok
22:35:25.0531 2036 catchme - ok
22:35:25.0625 2036 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
22:35:26.0359 2036 cbidf2k - ok
22:35:26.0390 2036 cd20xrnt - ok
22:35:26.0468 2036 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
22:35:27.0109 2036 Cdaudio - ok
22:35:27.0156 2036 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
22:35:27.0828 2036 Cdfs - ok
22:35:27.0890 2036 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:35:28.0734 2036 Cdrom - ok
22:35:28.0765 2036 Changer - ok
22:35:28.0859 2036 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] cisvc C:\WINDOWS\system32\cisvc.exe
22:35:29.0625 2036 cisvc - ok
22:35:29.0765 2036 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
22:35:30.0562 2036 ClipSrv - ok
22:35:30.0640 2036 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:35:30.0968 2036 clr_optimization_v2.0.50727_32 - ok
22:35:31.0000 2036 CmdIde - ok
22:35:31.0078 2036 [ 152DF881731439107A889FBE1DF5AF6A ] Cnxtdiag C:\WINDOWS\system32\DRIVERS\cnxtdiag.sys
22:35:31.0328 2036 Cnxtdiag - ok
22:35:31.0375 2036 COMSysApp - ok
22:35:31.0453 2036 Cpqarray - ok
22:35:31.0500 2036 cpuz128 - ok
22:35:31.0656 2036 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
22:35:32.0671 2036 CryptSvc - ok
22:35:32.0703 2036 dac2w2k - ok
22:35:32.0781 2036 dac960nt - ok
22:35:32.0906 2036 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
22:35:33.0234 2036 DcomLaunch - ok
22:35:33.0328 2036 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
22:35:34.0031 2036 Dhcp - ok
22:35:34.0109 2036 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
22:35:34.0906 2036 Disk - ok
22:35:34.0968 2036 [ B1D85EA325C796374BDB4CF59F07BBFD ] DisplayLinkmirror C:\WINDOWS\system32\DRIVERS\DisplayLinkmirrorport.sys
22:35:35.0093 2036 DisplayLinkmirror - ok
22:35:35.0359 2036 [ B3DB43D8A8E4A574BE1E3F66E5434353 ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkService.exe
22:35:36.0640 2036 DisplayLinkService - ok
22:35:36.0687 2036 dmadmin - ok
22:35:36.0796 2036 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
22:35:37.0921 2036 dmboot - ok
22:35:38.0015 2036 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys
22:35:38.0734 2036 dmio - ok
22:35:38.0796 2036 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
22:35:39.0515 2036 dmload - ok
22:35:39.0609 2036 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll
22:35:40.0531 2036 dmserver - ok
22:35:40.0625 2036 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
22:35:41.0312 2036 DMusic - ok
22:35:41.0375 2036 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
22:35:42.0140 2036 Dnscache - ok
22:35:42.0312 2036 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
22:35:43.0046 2036 Dot3svc - ok
22:35:43.0062 2036 dpti2o - ok
22:35:43.0218 2036 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
22:35:43.0921 2036 drmkaud - ok
22:35:43.0984 2036 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll
22:35:44.0843 2036 EapHost - ok
22:35:45.0031 2036 [ 577DC4BEE3F8E54DCCDB9AD02ADC9A33 ] eBoost C:\WINDOWS\system32\drivers\eBoost.sys
22:35:46.0171 2036 eBoost - ok
22:35:46.0375 2036 [ 5F11E9C49B9C94213F67F6E7AA191DEE ] EBOOSTRSVC C:\Program Files\eBoostr\EBstrSvc.exe
22:35:46.0656 2036 EBOOSTRSVC - ok
22:35:46.0718 2036 [ CE37E3D51912E59C80C6D84337C0B4CD ] ElbyCDFL C:\WINDOWS\system32\Drivers\ElbyCDFL.sys
22:35:47.0046 2036 ElbyCDFL - ok
22:35:47.0140 2036 [ AAA8999A169E39FB8B48AE49CD6AC30A ] ElbyCDIO C:\WINDOWS\system32\Drivers\ElbyCDIO.sys
22:35:47.0281 2036 ElbyCDIO - ok
22:35:47.0343 2036 [ 4FC527253A40486E39046E2B7B75A8CA ] EntDrv51 C:\WINDOWS\system32\drivers\EntDrv51.sys
22:35:47.0562 2036 EntDrv51 ( UnsignedFile.Multi.Generic ) - warning
22:35:47.0562 2036 EntDrv51 - detected UnsignedFile.Multi.Generic (1)
22:35:47.0640 2036 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll
22:35:48.0406 2036 ERSvc - ok
22:35:48.0562 2036 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe
22:35:48.0781 2036 Eventlog - ok
22:35:48.0921 2036 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\System32\es.dll
22:35:49.0156 2036 EventSystem - ok
22:35:49.0250 2036 [ D0ABA5CE65AB5F1DD898F1EF3696A81F ] Fallback C:\WINDOWS\system32\DRIVERS\fallback.sys
22:35:49.0500 2036 Fallback - ok
22:35:49.0609 2036 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
22:35:50.0437 2036 Fastfat - ok
22:35:50.0500 2036 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:35:50.0937 2036 FastUserSwitchingCompatibility - ok
22:35:51.0000 2036 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
22:35:51.0734 2036 Fdc - ok
22:35:51.0796 2036 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys
22:35:52.0687 2036 Fips - ok
22:35:52.0750 2036 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:35:53.0531 2036 Flpydisk - ok
22:35:53.0734 2036 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
22:35:54.0531 2036 FltMgr - ok
22:35:54.0640 2036 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:35:54.0828 2036 FontCache3.0.0.0 - ok
22:35:54.0921 2036 [ A057E6686C22D2101CC650208096F153 ] Fsks C:\WINDOWS\system32\DRIVERS\fsksnt.sys
22:35:55.0093 2036 Fsks - ok
22:35:55.0156 2036 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:35:55.0953 2036 Fs_Rec - ok
22:35:56.0093 2036 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:35:56.0984 2036 Ftdisk - ok
22:35:57.0062 2036 [ 065639773D8B03F33577F6CDAEA21063 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
22:35:57.0828 2036 gameenum - ok
22:35:57.0906 2036 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:35:58.0671 2036 Gpc - ok
22:35:58.0875 2036 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:35:59.0671 2036 HidUsb - ok
22:35:59.0765 2036 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
22:36:00.0562 2036 hkmsvc - ok
22:36:00.0593 2036 hpn - ok
22:36:00.0656 2036 hpt3xx - ok
22:36:00.0812 2036 [ 74E379857D4C0DFB56DE2D19B8F4C434 ] hsf_msft C:\WINDOWS\system32\DRIVERS\HSF_MSFT.sys
22:36:01.0703 2036 hsf_msft - ok
22:36:02.0000 2036 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
22:36:02.0343 2036 HTTP - ok
22:36:02.0406 2036 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
22:36:03.0203 2036 HTTPFilter - ok
22:36:03.0218 2036 i2omgmt - ok
22:36:03.0328 2036 i2omp - ok
22:36:03.0421 2036 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:36:04.0125 2036 i8042prt - ok
22:36:04.0453 2036 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:36:04.0906 2036 idsvc - ok
22:36:04.0968 2036 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\drivers\Imapi.sys
22:36:05.0781 2036 Imapi - ok
22:36:06.0000 2036 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe
22:36:07.0000 2036 ImapiService - ok
22:36:07.0093 2036 ini910u - ok
22:36:07.0156 2036 IntelIde - ok
22:36:07.0265 2036 [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
22:36:08.0046 2036 ip6fw - ok
22:36:08.0093 2036 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:36:08.0875 2036 IpFilterDriver - ok
22:36:08.0906 2036 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:36:09.0671 2036 IpInIp - ok
22:36:09.0718 2036 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:36:10.0406 2036 IpNat - ok
22:36:10.0500 2036 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:36:11.0281 2036 IPSec - ok
22:36:11.0359 2036 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
22:36:11.0921 2036 IRENUM - ok
22:36:12.0046 2036 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:36:12.0812 2036 isapnp - ok
22:36:12.0921 2036 [ 02B68EFFE84A5D5E9A35FC23134CF850 ] K56 C:\WINDOWS\system32\DRIVERS\k56nt.sys
22:36:13.0109 2036 K56 - ok
22:36:13.0203 2036 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:36:13.0984 2036 Kbdclass - ok
22:36:14.0046 2036 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
22:36:14.0796 2036 kmixer - ok
22:36:14.0890 2036 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
22:36:15.0281 2036 KSecDD - ok
22:36:15.0390 2036 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
22:36:15.0875 2036 lanmanserver - ok
22:36:15.0953 2036 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:36:16.0375 2036 lanmanworkstation - ok
22:36:16.0453 2036 [ 713CD5267ABFB86FE90A72E384E82A38 ] Lbd C:\WINDOWS\system32\DRIVERS\Lbd.sys
22:36:16.0609 2036 Lbd - ok
22:36:16.0656 2036 lbrtfdc - ok
22:36:16.0781 2036 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
22:36:17.0656 2036 LmHosts - ok
22:36:17.0859 2036 [ DDF15A42E27E8EFE27B18FD403151A86 ] MatSvc C:\Program Files\Microsoft Fix it Center\Matsvc.exe
22:36:18.0078 2036 MatSvc - ok
22:36:18.0171 2036 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll
22:36:19.0093 2036 Messenger - ok
22:36:19.0156 2036 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
22:36:19.0906 2036 mnmdd - ok
22:36:19.0968 2036 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
22:36:20.0765 2036 mnmsrvc - ok
22:36:20.0828 2036 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
22:36:21.0593 2036 Modem - ok
22:36:21.0671 2036 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:36:22.0593 2036 Mouclass - ok
22:36:55.0734 2036 [ 6C1618A07B49E3873582B6449E744088 ] pfc C:\WINDOWS\system32\drivers\pfc.sys
22:36:55.0984 2036 pfc ( UnsignedFile.Multi.Generic ) - warning
22:36:55.0984 2036 pfc - detected UnsignedFile.Multi.Generic (1)
22:37:49.0906 2036 [ 662626BCCF060F2F4B6D5AF7AC121FF5 ] VIAPFD C:\WINDOWS\System32\Drivers\VIAPFD.SYS
22:37:50.0156 2036 VIAPFD ( UnsignedFile.Multi.Generic ) - warning
22:37:50.0156 2036 VIAPFD - detected UnsignedFile.Multi.Generic (1)
22:38:02.0375 2036 ================ Scan global ===============================
22:38:02.0484 2036 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
22:38:02.0734 2036 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:38:02.0812 2036 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:38:02.0890 2036 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
22:38:02.0890 2036 [Global] - ok
22:38:02.0921 2036 ================ Scan MBR ==================================
22:38:02.0953 2036 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
22:38:05.0328 2036 \Device\Harddisk0\DR0 - ok
22:38:05.0343 2036 ================ Scan VBR ==================================
22:38:05.0421 2036 [ 1888B106270A1BF06603DFBC3D0097B2 ] \Device\Harddisk0\DR0\Partition1
22:38:05.0484 2036 \Device\Harddisk0\DR0\Partition1 - ok
22:38:05.0500 2036 ================ Scan active images ========================
22:38:09.0718 2036 C:\WINDOWS\system32\advapi32.dll - ok
22:38:09.0765 2036 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
22:38:09.0765 2036 C:\WINDOWS\system32\rpcrt4.dll - ok
22:38:09.0796 2036 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
22:38:09.0796 2036 C:\WINDOWS\system32\authz.dll - ok
22:38:09.0843 2036 [ 64416C6E07606720C1ECE6DD374BDFFD ] C:\WINDOWS\system32\crypt32.dll
22:38:09.0843 2036 C:\WINDOWS\system32\crypt32.dll - ok
22:38:09.0890 2036 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
22:38:09.0890 2036 C:\WINDOWS\system32\msvcrt.dll - ok
22:38:09.0921 2036 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
22:38:09.0921 2036 C:\WINDOWS\system32\secur32.dll - ok
22:38:09.0953 2036 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
22:38:09.0953 2036 C:\WINDOWS\system32\msasn1.dll - ok
22:38:09.0984 2036 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
22:38:09.0984 2036 C:\WINDOWS\system32\nddeapi.dll - ok
22:38:10.0031 2036 [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
22:38:10.0031 2036 C:\WINDOWS\system32\netapi32.dll - ok
22:38:10.0078 2036 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
22:38:10.0078 2036 C:\WINDOWS\system32\profmap.dll - ok
22:38:10.0109 2036 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
22:38:10.0109 2036 C:\WINDOWS\system32\userenv.dll - ok
22:38:10.0156 2036 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
22:38:10.0156 2036 C:\WINDOWS\system32\psapi.dll - ok
22:38:10.0187 2036 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
22:38:10.0187 2036 C:\WINDOWS\system32\regapi.dll - ok
22:38:10.0218 2036 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
22:38:10.0218 2036 C:\WINDOWS\system32\setupapi.dll - ok
22:38:10.0250 2036 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
22:38:10.0250 2036 C:\WINDOWS\system32\imagehlp.dll - ok
22:38:10.0296 2036 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
22:38:10.0296 2036 C:\WINDOWS\system32\imm32.dll - ok
22:38:10.0328 2036 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
22:38:10.0328 2036 C:\WINDOWS\system32\version.dll - ok
22:38:10.0375 2036 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
22:38:10.0375 2036 C:\WINDOWS\system32\winsta.dll - ok
22:38:10.0406 2036 [ 95F5C420E9BDD4C3569602911420A774 ] C:\WINDOWS\system32\wintrust.dll
22:38:10.0406 2036 C:\WINDOWS\system32\wintrust.dll - ok
22:38:10.0453 2036 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
22:38:10.0453 2036 C:\WINDOWS\system32\ws2help.dll - ok
22:38:10.0484 2036 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
22:38:10.0484 2036 C:\WINDOWS\system32\ws2_32.dll - ok
22:38:10.0531 2036 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
22:38:10.0531 2036 C:\WINDOWS\system32\kbdus.dll - ok
22:38:10.0562 2036 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
22:38:10.0562 2036 C:\WINDOWS\system32\msgina.dll - ok
22:38:10.0609 2036 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
22:38:10.0609 2036 C:\WINDOWS\system32\comctl32.dll - ok
22:38:10.0656 2036 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
22:38:10.0656 2036 C:\WINDOWS\system32\comdlg32.dll - ok
22:38:10.0687 2036 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
22:38:10.0687 2036 C:\WINDOWS\system32\odbc32.dll - ok
22:38:10.0734 2036 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
22:38:10.0734 2036 C:\WINDOWS\system32\shell32.dll - ok
22:38:10.0750 2036 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
22:38:10.0750 2036 C:\WINDOWS\system32\shlwapi.dll - ok
22:38:10.0796 2036 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
22:38:10.0796 2036 C:\WINDOWS\system32\sxs.dll - ok
22:38:10.0968 2036 [ BD38D1EBE24A46BD3EDA059560AFBA12 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
22:38:10.0968 2036 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - ok
22:38:11.0015 2036 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
22:38:11.0015 2036 C:\WINDOWS\system32\odbcint.dll - ok
22:38:11.0031 2036 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
22:38:11.0031 2036 C:\WINDOWS\system32\sfc.dll - ok
22:38:11.0078 2036 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
22:38:11.0078 2036 C:\WINDOWS\system32\sfc_os.dll - ok
22:38:11.0109 2036 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
22:38:11.0109 2036 C:\WINDOWS\system32\shsvcs.dll - ok
22:38:11.0156 2036 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
22:38:11.0156 2036 C:\WINDOWS\system32\ole32.dll - ok
22:38:11.0203 2036 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
22:38:11.0203 2036 C:\WINDOWS\system32\apphelp.dll - ok
22:38:11.0234 2036 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
22:38:11.0234 2036 C:\WINDOWS\system32\lsass.exe - ok
22:38:11.0265 2036 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
22:38:11.0265 2036 C:\WINDOWS\system32\services.exe - ok
22:38:11.0296 2036 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
22:38:11.0296 2036 C:\WINDOWS\system32\lsasrv.dll - ok
22:38:11.0343 2036 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
22:38:11.0343 2036 C:\WINDOWS\system32\msvcp60.dll - ok
22:38:11.0375 2036 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
22:38:11.0390 2036 C:\WINDOWS\system32\ncobjapi.dll - ok
22:38:11.0421 2036 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
22:38:11.0421 2036 C:\WINDOWS\system32\dnsapi.dll - ok
22:38:11.0468 2036 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
22:38:11.0468 2036 C:\WINDOWS\system32\mpr.dll - ok
22:38:11.0515 2036 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
22:38:11.0515 2036 C:\WINDOWS\system32\ntdsapi.dll - ok
22:38:11.0531 2036 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
22:38:11.0531 2036 C:\WINDOWS\system32\scesrv.dll - ok
22:38:11.0562 2036 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
22:38:11.0578 2036 C:\WINDOWS\system32\samlib.dll - ok
22:38:11.0609 2036 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
22:38:11.0609 2036 C:\WINDOWS\system32\samsrv.dll - ok
22:38:11.0656 2036 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
22:38:11.0656 2036 C:\WINDOWS\system32\shimeng.dll - ok
22:38:11.0703 2036 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
22:38:11.0703 2036 C:\WINDOWS\system32\umpnpmgr.dll - ok
22:38:11.0734 2036 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
22:38:11.0734 2036 C:\WINDOWS\system32\wldap32.dll - ok
22:38:11.0781 2036 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
22:38:11.0781 2036 C:\WINDOWS\AppPatch\acadproc.dll - ok
22:38:11.0796 2036 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
22:38:11.0796 2036 C:\WINDOWS\AppPatch\acgenral.dll - ok
22:38:11.0843 2036 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
22:38:11.0843 2036 C:\WINDOWS\system32\cryptdll.dll - ok
22:38:11.0875 2036 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
22:38:11.0875 2036 C:\WINDOWS\system32\winmm.dll - ok
22:38:11.0921 2036 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
22:38:11.0921 2036 C:\WINDOWS\system32\msacm32.dll - ok
22:38:11.0953 2036 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll
22:38:11.0953 2036 C:\WINDOWS\system32\oleaut32.dll - ok
22:38:12.0000 2036 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
22:38:12.0000 2036 C:\WINDOWS\system32\uxtheme.dll - ok
22:38:12.0031 2036 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
22:38:12.0031 2036 C:\WINDOWS\system32\msapsspc.dll - ok
22:38:12.0062 2036 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
22:38:12.0062 2036 C:\WINDOWS\system32\msvcrt40.dll - ok
22:38:12.0093 2036 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
22:38:12.0093 2036 C:\WINDOWS\system32\schannel.dll - ok
22:38:12.0140 2036 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
22:38:12.0140 2036 C:\WINDOWS\system32\digest.dll - ok
22:38:12.0171 2036 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
22:38:12.0171 2036 C:\WINDOWS\system32\msnsspc.dll - ok
22:38:12.0218 2036 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
22:38:12.0218 2036 C:\WINDOWS\system32\msctfime.ime - ok
22:38:12.0265 2036 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll
22:38:12.0265 2036 C:\WINDOWS\system32\atmfd.dll - ok
22:38:12.0281 2036 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
22:38:12.0281 2036 C:\WINDOWS\system32\kerberos.dll - ok
22:38:12.0328 2036 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
22:38:12.0328 2036 C:\WINDOWS\system32\msprivs.dll - ok
22:38:12.0375 2036 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
22:38:12.0375 2036 C:\WINDOWS\system32\iphlpapi.dll - ok
22:38:12.0406 2036 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
22:38:12.0406 2036 C:\WINDOWS\system32\msv1_0.dll - ok
22:38:12.0453 2036 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
22:38:12.0453 2036 C:\WINDOWS\system32\netlogon.dll - ok
22:38:12.0500 2036 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
22:38:12.0500 2036 C:\WINDOWS\system32\w32time.dll - ok
22:38:12.0531 2036 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
22:38:12.0531 2036 C:\WINDOWS\system32\wdigest.dll - ok
22:38:12.0546 2036 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
22:38:12.0546 2036 C:\WINDOWS\system32\rsaenh.dll - ok
22:38:12.0593 2036 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
22:38:12.0593 2036 C:\WINDOWS\system32\winscard.dll - ok
22:38:12.0625 2036 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
22:38:12.0625 2036 C:\WINDOWS\system32\wtsapi32.dll - ok
22:38:12.0703 2036 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
22:38:12.0703 2036 C:\WINDOWS\system32\scecli.dll - ok
22:38:12.0750 2036 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
22:38:12.0750 2036 C:\WINDOWS\system32\svchost.exe - ok
22:38:12.0781 2036 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
22:38:12.0781 2036 C:\WINDOWS\system32\ntmarta.dll - ok
22:38:12.0812 2036 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
22:38:12.0812 2036 C:\WINDOWS\system32\rpcss.dll - ok
22:38:12.0859 2036 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
22:38:12.0859 2036 C:\WINDOWS\system32\xpsp2res.dll - ok
22:38:12.0890 2036 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
22:38:12.0890 2036 C:\WINDOWS\system32\eventlog.dll - ok
22:38:12.0937 2036 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
22:38:12.0937 2036 C:\WINDOWS\system32\logonui.exe - ok
22:38:13.0000 2036 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
22:38:13.0000 2036 C:\WINDOWS\system32\hnetcfg.dll - ok
22:38:13.0046 2036 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
22:38:13.0046 2036 C:\WINDOWS\system32\mswsock.dll - ok
22:38:13.0062 2036 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
22:38:13.0062 2036 C:\WINDOWS\system32\wshtcpip.dll - ok
22:38:13.0109 2036 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
22:38:13.0109 2036 C:\WINDOWS\system32\winrnr.dll - ok
22:38:13.0140 2036 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
22:38:13.0140 2036 C:\WINDOWS\system32\duser.dll - ok
22:38:13.0187 2036 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
22:38:13.0187 2036 C:\WINDOWS\system32\msimg32.dll - ok
22:38:13.0218 2036 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
22:38:13.0218 2036 C:\WINDOWS\system32\oleacc.dll - ok
22:38:13.0265 2036 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
22:38:13.0265 2036 C:\WINDOWS\system32\rasadhlp.dll - ok
22:38:13.0312 2036 [ 24516BF4E12A46CB67302E2CDCB8CDDF ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
22:38:13.0312 2036 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
22:38:13.0343 2036 [ 120AA0938E8B76CE044D5307DD6CAA11 ] C:\Program Files\Microsoft Security Client\MpSvc.dll
22:38:13.0343 2036 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
22:38:13.0375 2036 [ 410CCADF699CEE2C0C741DF0FD90F204 ] C:\Program Files\Microsoft Security Client\MpClient.dll
22:38:13.0375 2036 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
22:38:13.0421 2036 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
22:38:13.0421 2036 C:\WINDOWS\system32\clbcatq.dll - ok
22:38:13.0453 2036 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
22:38:13.0453 2036 C:\WINDOWS\system32\comres.dll - ok
22:38:13.0500 2036 [ B3DB43D8A8E4A574BE1E3F66E5434353 ] C:\Program Files\DisplayLink Core Software\displaylinkservice.exe
22:38:13.0500 2036 C:\Program Files\DisplayLink Core Software\displaylinkservice.exe - ok
22:38:13.0531 2036 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
22:38:13.0531 2036 C:\WINDOWS\system32\shgina.dll - ok
22:38:13.0562 2036 [ 0B3E2A065BB0E0C8854FEF37F90DC3BE ] C:\Program Files\Microsoft Security Client\MpRTP.dll
22:38:13.0562 2036 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
22:38:13.0593 2036 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
22:38:13.0593 2036 C:\WINDOWS\system32\fltlib.dll - ok
22:38:13.0640 2036 [ F63F9699C346B058EEDDA46C7349795A ] C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
22:38:13.0640 2036 C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe - ok
22:38:13.0687 2036 [ 93EE68BC38225A0BDB340D4B1767CEBB ] C:\Program Files\DisplayLink Core Software\DisplayLinkusb.dll
22:38:13.0687 2036 C:\Program Files\DisplayLink Core Software\DisplayLinkusb.dll - ok
22:38:13.0718 2036 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
22:38:13.0718 2036 C:\WINDOWS\system32\wsock32.dll - ok
22:38:13.0765 2036 [ 03C76895F47A1339A697269000675266 ] C:\WINDOWS\system32\newdev.dll
22:38:13.0765 2036 C:\WINDOWS\system32\newdev.dll - ok
22:38:13.0812 2036 [ A4AF4F29A1653CD9552617CDA990A6D1 ] C:\WINDOWS\system32\wininet.dll
22:38:13.0812 2036 C:\WINDOWS\system32\wininet.dll - ok
22:38:13.0828 2036 [ 599D6D59B6C8E2D466BCCBD121FF1812 ] C:\WINDOWS\system32\iertutil.dll
22:38:13.0828 2036 C:\WINDOWS\system32\iertutil.dll - ok
22:38:13.0875 2036 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
22:38:13.0875 2036 C:\WINDOWS\system32\normaliz.dll - ok
22:38:13.0921 2036 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
22:38:13.0921 2036 C:\WINDOWS\system32\credui.dll - ok
22:38:13.0984 2036 [ 664CC3CC6A19BE437AAEF2EB4333F5DC ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CCFEDD4B-4C3E-433B-A713-C03F10AF3E99}\mpengine.dll
22:38:13.0984 2036 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CCFEDD4B-4C3E-433B-A713-C03F10AF3E99}\mpengine.dll - ok
22:38:14.0062 2036 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
22:38:14.0062 2036 C:\WINDOWS\system32\cscdll.dll - ok
22:38:14.0125 2036 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
22:38:14.0125 2036 C:\WINDOWS\system32\dimsntfy.dll - ok
22:38:14.0171 2036 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
22:38:14.0171 2036 C:\WINDOWS\system32\wlnotify.dll - ok
22:38:14.0203 2036 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
22:38:14.0203 2036 C:\WINDOWS\system32\winspool.drv - ok
22:38:14.0250 2036 [ 147429092C26D18AF550790AC102F32A ] C:\WINDOWS\system32\wgalogon.dll
22:38:14.0250 2036 C:\WINDOWS\system32\wgalogon.dll - ok
22:38:14.0296 2036 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
22:38:14.0296 2036 C:\WINDOWS\system32\msxml3.dll - ok
22:38:14.0312 2036 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
22:38:14.0312 2036 C:\WINDOWS\system32\dhcpcsvc.dll - ok
22:38:14.0343 2036 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
22:38:14.0343 2036 C:\WINDOWS\system32\lmhsvc.dll - ok
22:38:14.0390 2036 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
22:38:14.0390 2036 C:\WINDOWS\system32\schedsvc.dll - ok
22:38:14.0437 2036 [ 2237B9735F3C81DFDE267F7E909D8F87 ] C:\WINDOWS\system32\displaylinkmirrordisp.dll
22:38:14.0437 2036 C:\WINDOWS\system32\displaylinkmirrordisp.dll - ok
22:38:14.0468 2036 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
22:38:14.0484 2036 C:\WINDOWS\system32\cabinet.dll - ok
22:38:14.0515 2036 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
22:38:14.0515 2036 C:\WINDOWS\system32\msidle.dll - ok
22:38:14.0546 2036 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
22:38:14.0546 2036 C:\WINDOWS\system32\spoolsv.exe - ok
22:38:14.0578 2036 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
22:38:14.0578 2036 C:\WINDOWS\system32\audiosrv.dll - ok
22:38:14.0609 2036 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
22:38:14.0609 2036 C:\WINDOWS\system32\wkssvc.dll - ok
22:38:14.0656 2036 [ D66E48ABA96AFB61A29580713FB19D4B ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
22:38:14.0656 2036 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
22:38:14.0687 2036 [ 950163AE5EE91E60CE0D7BC36FF15202 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
22:38:14.0687 2036 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
22:38:14.0734 2036 [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll
22:38:14.0734 2036 C:\Program Files\Microsoft Security Client\LegitLib.dll - ok
22:38:14.0781 2036 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
22:38:14.0781 2036 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
22:38:14.0812 2036 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
22:38:14.0812 2036 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
22:38:14.0843 2036 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
22:38:14.0843 2036 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
22:38:14.0875 2036 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
22:38:14.0875 2036 C:\WINDOWS\system32\webclnt.dll - ok
22:38:14.0921 2036 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
22:38:14.0921 2036 C:\WINDOWS\system32\drivers\parvdm.sys - ok
22:38:14.0968 2036 [ D880831279ED91F9A4190A2DB9539EA9 ] C:\WINDOWS\system32\drivers\asctrm.sys
22:38:14.0968 2036 C:\WINDOWS\system32\drivers\asctrm.sys - ok
22:38:15.0000 2036 [ 152DF881731439107A889FBE1DF5AF6A ] C:\WINDOWS\system32\drivers\cnxtdiag.sys
22:38:15.0000 2036 C:\WINDOWS\system32\drivers\cnxtdiag.sys - ok
22:38:15.0046 2036 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll
22:38:15.0046 2036 C:\WINDOWS\system32\qmgr.dll - ok
22:38:15.0062 2036 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
22:38:15.0062 2036 C:\WINDOWS\system32\shfolder.dll - ok
22:38:15.0109 2036 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
22:38:15.0109 2036 C:\WINDOWS\system32\winhttp.dll - ok
22:38:15.0140 2036 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
22:38:15.0140 2036 C:\WINDOWS\system32\activeds.dll - ok
22:38:15.0187 2036 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
22:38:15.0187 2036 C:\WINDOWS\system32\adsldpc.dll - ok
22:38:15.0234 2036 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
22:38:15.0234 2036 C:\WINDOWS\system32\mprapi.dll - ok
22:38:15.0265 2036 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
22:38:15.0265 2036 C:\WINDOWS\system32\netman.dll - ok
22:38:15.0328 2036 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
22:38:15.0328 2036 C:\WINDOWS\system32\atl.dll - ok
22:38:15.0343 2036 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
22:38:15.0343 2036 C:\WINDOWS\system32\netshell.dll - ok
22:38:15.0406 2036 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
22:38:15.0406 2036 C:\WINDOWS\system32\rtutils.dll - ok
22:38:15.0453 2036 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
22:38:15.0453 2036 C:\WINDOWS\system32\dot3api.dll - ok
22:38:15.0515 2036 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
22:38:15.0515 2036 C:\WINDOWS\system32\dot3dlg.dll - ok
22:38:15.0546 2036 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
22:38:15.0546 2036 C:\WINDOWS\system32\eappcfg.dll - ok
22:38:15.0593 2036 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
22:38:15.0593 2036 C:\WINDOWS\system32\eappprxy.dll - ok
22:38:15.0609 2036 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
22:38:15.0609 2036 C:\WINDOWS\system32\onex.dll - ok
22:38:15.0656 2036 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
22:38:15.0656 2036 C:\WINDOWS\system32\rasapi32.dll - ok
22:38:15.0703 2036 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
22:38:15.0703 2036 C:\WINDOWS\system32\rasman.dll - ok
22:38:15.0750 2036 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
22:38:15.0750 2036 C:\WINDOWS\system32\tapi32.dll - ok
22:38:15.0781 2036 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
22:38:15.0781 2036 C:\WINDOWS\system32\wzcsapi.dll - ok
22:38:15.0937 2036 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
22:38:15.0937 2036 C:\WINDOWS\system32\eapolqec.dll - ok
22:38:16.0000 2036 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
22:38:16.0000 2036 C:\WINDOWS\system32\esent.dll - ok
22:38:16.0062 2036 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
22:38:16.0062 2036 C:\WINDOWS\system32\qutil.dll - ok
22:38:16.0125 2036 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
22:38:16.0125 2036 C:\WINDOWS\system32\wmi.dll - ok
22:38:16.0171 2036 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
22:38:16.0171 2036 C:\WINDOWS\system32\wzcsvc.dll - ok
22:38:16.0203 2036 [ 5F11E9C49B9C94213F67F6E7AA191DEE ] C:\Program Files\eBoostr\EBstrSvc.exe
22:38:16.0203 2036 C:\Program Files\eBoostr\EBstrSvc.exe - ok
22:38:16.0234 2036 [ A1EE4931424B62D8E8D5B107DFDC9C5F ] C:\Program Files\eBoostr\sqlite.dll
22:38:16.0234 2036 C:\Program Files\eBoostr\sqlite.dll - ok
22:38:16.0281 2036 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll
22:38:16.0281 2036 C:\WINDOWS\system32\pdh.dll - ok
22:38:16.0343 2036 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll
22:38:16.0343 2036 C:\WINDOWS\system32\odbcbcp.dll - ok
22:38:16.0390 2036 [ D0ABA5CE65AB5F1DD898F1EF3696A81F ] C:\WINDOWS\system32\drivers\fallback.sys
22:38:16.0390 2036 C:\WINDOWS\system32\drivers\fallback.sys - ok
22:38:16.0453 2036 [ A057E6686C22D2101CC650208096F153 ] C:\WINDOWS\system32\drivers\fsksnt.sys
22:38:16.0453 2036 C:\WINDOWS\system32\drivers\fsksnt.sys - ok
22:38:16.0484 2036 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
22:38:16.0484 2036 C:\WINDOWS\system32\es.dll - ok
22:38:16.0531 2036 [ 02B68EFFE84A5D5E9A35FC23134CF850 ] C:\WINDOWS\system32\drivers\k56nt.sys
22:38:16.0531 2036 C:\WINDOWS\system32\drivers\k56nt.sys - ok
22:38:16.0562 2036 [ F91A2526C4162542F99FE3F95676C45E ] C:\WINDOWS\system32\drivers\faxnt.sys
22:38:16.0562 2036 C:\WINDOWS\system32\drivers\faxnt.sys - ok
22:38:16.0625 2036 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
22:38:16.0625 2036 C:\WINDOWS\system32\pstorsvc.dll - ok
22:38:16.0671 2036 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
22:38:16.0671 2036 C:\WINDOWS\system32\psbase.dll - ok
22:38:16.0718 2036 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
22:38:16.0718 2036 C:\WINDOWS\system32\srvsvc.dll - ok
22:38:16.0734 2036 [ 165231B2C9A0C1B539EAC4D73CF80A5D ] C:\WINDOWS\system32\drivers\tonesnt.sys
22:38:16.0734 2036 C:\WINDOWS\system32\drivers\tonesnt.sys - ok
22:38:16.0781 2036 [ 315733C3978076652F4338743EBB6B9D ] C:\WINDOWS\system32\drivers\v124nt.sys
22:38:16.0781 2036 C:\WINDOWS\system32\drivers\v124nt.sys - ok
22:38:16.0812 2036 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
22:38:16.0812 2036 C:\WINDOWS\system32\sens.dll - ok
22:38:16.0875 2036 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
22:38:16.0875 2036 C:\WINDOWS\system32\netmsg.dll - ok
22:38:16.0906 2036 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
22:38:16.0906 2036 C:\WINDOWS\system32\seclogon.dll - ok
22:38:16.0968 2036 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
22:38:16.0968 2036 C:\WINDOWS\system32\tapisrv.dll - ok
22:38:16.0984 2036 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
22:38:16.0984 2036 C:\WINDOWS\system32\powrprof.dll - ok
22:38:17.0062 2036 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
22:38:17.0062 2036 C:\WINDOWS\system32\srsvc.dll - ok
22:38:17.0109 2036 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
22:38:17.0109 2036 C:\WINDOWS\system32\drivers\srv.sys - ok
22:38:17.0156 2036 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
22:38:17.0156 2036 C:\WINDOWS\system32\wuauserv.dll - ok
22:38:17.0218 2036 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
22:38:17.0218 2036 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
22:38:17.0234 2036 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
22:38:17.0234 2036 C:\WINDOWS\system32\vssapi.dll - ok
22:38:17.0281 2036 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
22:38:17.0281 2036 C:\WINDOWS\system32\wuaueng.dll - ok
22:38:17.0328 2036 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
22:38:17.0328 2036 C:\WINDOWS\system32\mspatcha.dll - ok
22:38:17.0390 2036 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
22:38:17.0390 2036 C:\WINDOWS\system32\netcfgx.dll - ok
22:38:17.0531 2036 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
22:38:17.0531 2036 C:\WINDOWS\system32\rasmans.dll - ok
22:38:17.0562 2036 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
22:38:17.0562 2036 C:\WINDOWS\system32\winipsec.dll - ok
22:38:17.0671 2036 [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
22:38:17.0671 2036 C:\WINDOWS\system32\browser.dll - ok
22:38:17.0796 2036 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
22:38:17.0796 2036 C:\WINDOWS\system32\clusapi.dll - ok
22:38:17.0828 2036 [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe
22:38:24.0093 2036 ============================================================
22:38:24.0093 2036 Scan finished
22:38:24.0093 2036 ============================================================
22:38:24.0265 0428 Detected object count: 4
22:38:24.0265 0428 Actual detected object count: 4
22:39:15.0218 0428 ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
22:39:15.0218 0428 ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:39:15.0234 0428 EntDrv51 ( UnsignedFile.Multi.Generic ) - skipped by user
22:39:15.0234 0428 EntDrv51 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:39:15.0250 0428 pfc ( UnsignedFile.Multi.Generic ) - skipped by user
22:39:15.0250 0428 pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:39:15.0265 0428 VIAPFD ( UnsignedFile.Multi.Generic ) - skipped by user
22:39:15.0265 0428 VIAPFD ( UnsignedFile.Multi.Generic ) - User select action: Skip

3. Security check produced the following log:

Results of screen317's Security Check version 0.99.49
Windows XP Service Pack 3 x86
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
SpywareBlaster 4.4
Spybot - Search & Destroy
SUPERAntiSpyware Free Edition
Malwarebytes Anti-Malware version 1.62.0.1300
CCleaner
Cleanersoft Free Registry Fix
Eusing Free Registry Cleaner
Little Registry Cleaner
TweakNow RegCleaner
Wise Disk Cleaner 4.23
Wise Registry Cleaner 4 Free 4.24
CheckIt Registry Cleaner
AML Free Registry Cleaner 4.20
Auslogics Registry Cleaner
COMODO System Cleaner 1.1.64946.38(32bit)
EasyCleaner
Java™ 6 Update 19
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 13% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

4. FSS produced the following log:

Farbar Service Scanner Version: 06-08-2012
Ran by Judy (administrator) on 02-09-2012 at 22:43:41
Running from "C:\Documents and Settings\Judy\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode:
****************************************************************

Internet Services:
============
Dnscache Service is not running. Checking service configuration:
The start type of Dnscache service is set to Demand. The default start type is Auto.
The ImagePath of Dnscache service is OK.
The ServiceDll of Dnscache service is OK.


Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

Extra List:
=======
Gpc(6) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0B000000040000000100000002000000030000000B0000000A0000000800000005000000060000000700000009000000
IpSec Tag value is correct.

**** End of log ****

5. MiniToolBox produced the following log:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Judy (administrator) on 02-09-2012 at 22:46:13
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode:
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration

Could not flush the DNS Resolver Cache: Function failed during execution.




========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



127.0.0.1 localhost

There are 14477 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek RTL8139/810X Family PCI Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration

Host Name . . . . . . . . . . . . : T1600
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8139/810X Family PCI Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-07-95-EF-B9-E1
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.15.94
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.15.1
DHCP Server . . . . . . . . . . . : 192.168.15.1
DNS Servers . . . . . . . . . . . : 192.168.15.1
Lease Obtained. . . . . . . . . . : Sunday, September 02, 2012 10:31:08 PM
Lease Expires . . . . . . . . . . : Monday, September 03, 2012 10:31:08 PM

Server: WiMaxCPE
Address: 192.168.15.1

Name: google.com
Addresses: 74.125.225.64, 74.125.225.67, 74.125.225.73, 74.125.225.66
74.125.225.68, 74.125.225.72, 74.125.225.71, 74.125.225.65, 74.125.225.78
74.125.225.70, 74.125.225.69

Pinging google.com [74.125.225.69] with 32 bytes of data:

Reply from 74.125.225.69: bytes=32 time=70ms TTL=56
Reply from 74.125.225.69: bytes=32 time=74ms TTL=56

Ping statistics for 74.125.225.69:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 70ms, Maximum = 74ms, Average = 72ms

Server: WiMaxCPE
Address: 192.168.15.1

Name: yahoo.com
Addresses: 98.139.183.24, 98.138.253.109, 72.30.38.140

Pinging yahoo.com [72.30.38.140] with 32 bytes of data:

Reply from 72.30.38.140: bytes=32 time=317ms TTL=54
Reply from 72.30.38.140: bytes=32 time=121ms TTL=54

Ping statistics for 72.30.38.140:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 121ms, Maximum = 317ms, Average = 219ms

Server: WiMaxCPE
Address: 192.168.15.1

Name: bleepingcomputer.com
Address: 208.43.87.2

Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.
Reply from 208.43.87.2: Destination host unreachable.

Ping statistics for 208.43.87.2:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 07 95 ef b9 e1 ...... Realtek RTL8139/810X Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.15.1 192.168.15.94 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
157.56.52.158 255.255.255.255 192.168.15.1 192.168.15.94 20
192.168.15.0 255.255.255.0 192.168.15.94 192.168.15.94 20
192.168.15.94 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.15.255 255.255.255.255 192.168.15.94 192.168.15.94 20
224.0.0.0 240.0.0.0 192.168.15.94 192.168.15.94 20
255.255.255.255 255.255.255.255 192.168.15.94 192.168.15.94 1
Default Gateway: 192.168.15.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF_Other_32' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WCS' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'XPS' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF2' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WF_32' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF_Other' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WF' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF_1' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WCF' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF2_32' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.


System errors:
=============
Error: (09/02/2012 10:39:57 PM) (Source: DCOM) (User: T1600)
Description: DCOM got error "%%1058" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/02/2012 10:31:30 PM) (Source: 0) (User: )
Description: 0xC000024376016465.sysHarddiskVolume1

Error: (09/02/2012 10:31:25 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3

Error: (09/02/2012 10:31:25 PM) (Source: Service Control Manager) (User: )
Description: The gupdate service failed to start due to the following error:
%%3

Error: (09/02/2012 08:37:39 PM) (Source: DCOM) (User: T1600)
Description: DCOM got error "%%1058" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/02/2012 08:03:15 PM) (Source: DCOM) (User: T1600)
Description: DCOM got error "%%1058" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/02/2012 08:02:44 PM) (Source: DCOM) (User: T1600)
Description: DCOM got error "%%1058" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/02/2012 08:01:48 PM) (Source: DCOM) (User: T1600)
Description: DCOM got error "%%1058" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/02/2012 07:57:54 PM) (Source: DCOM) (User: T1600)
Description: DCOM got error "%%1058" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/02/2012 07:44:01 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF_Other_321603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WCS1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2XPS1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF21603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WF_321603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF_Other1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WF1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF_11603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WCF1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF2_321603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt


=========================== Installed Programs ============================

7-Zip 4.65
Acer Monitor (Version: 4.3.8432.0)
Ad-Aware SE Plus (Version: 1.06)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Advanced SystemCare 3 (Version: 3.3.4)
AMD Processor Driver (Version: 1.3.2.0053)
AML Free Registry Cleaner 4.20
Ashampoo StartUp Tuner 2.00 (Version: 2.0.0)
Auslogics Registry Cleaner (Version: version 2.1)
Avance AC'97 Audio
BadCopy Pro
BigFix
CCleaner (Version: 2.32)
CheckIt Registry Cleaner (Version: 2.0.3.4)
Cleanersoft Free Registry Fix
CleanUp!
ClearType Tuning Control Panel Applet (Version: 1.01.0000)
COMODO System Cleaner 1.1.64946.38(32bit)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant SoftK56 Modem(M)
Critical Update for Windows Media Player 11 (KB959772)
DefragExpress! (Version: 1.0.0.46)
DefragMagic (Version: 1.0.3)
DisplayLink Core Software (Version: 4.3.8432.0)
Driver Detective (Version: 8.0.1)
Driver Genius Professional Edition 2007
EasyCleaner (Version: 2.0.6.380)
eBoostr 4 (Version: 4.0 (BETA))
Emsa FlexInfo Pro 1.0
ERUNT 1.1j
Eusing Free Registry Cleaner
Filehand Search 3.0 (Version: 3.0)
Flobo Floppy Bad Sector Repair 2.0
Glary Registry Repair 3.2.0.828
Glary Utilities 2.26.0.956 (Version: 2.26.0.956)
ImgBurn (Version: 2.4.2.0)
InkSaver (Version: 2.0)
Internet Explorer (Enable DEP)
IrfanView (remove only)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 19 (Version: 6.0.190)
jv16 PowerTools 2006
Little Registry Cleaner
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Micro-Sys Ajour (Version: 5.63)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Data Access Components KB870669
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Plus! for Windows XP (Version: 1.00.01.0732)
Microsoft Press Interactive Training
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Web Publishing Wizard 1.52
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MV RegClean 5.9 English
OptionsOracle (Version: 1.43)
Paint.NET v3.36 (Version: 3.36.0)
Photo Resize Magic 1.1 (Version: 1.1)
PhotoBlender 3.0
PicoZip Recovery Tool 1.02 (Version: 1.02)
PowerTools Lite
Print Perfect Business Cards DVD (Version: 9.4.17)
PrintMaster Platinum 17 (Version: 17.00.0000)
Process Lasso (Version: 3.84.7)
ProSavageDDR and Utilities
QuoteTracker
RealPlayer Basic
Registry Smoker 1.5 (Version: 1.5)
Registry Trash Keys Finder (Freeware) (Version: 3.9.0.1)
RegScrubXP 3.1
Revo Uninstaller 1.89 (Version: 1.89)
Smart Defrag 1.03
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.4 (Version: 4.4.0)
SUPERAntiSpyware Free Edition (Version: 4.29.0.1002)
SystemBooster 2.0
The Ultimate Troubleshooter
TweakNow RegCleaner (Version: 4.7.1)
UltimateDefrag V1 FREE Public Domain Version (Version: 1.72)
Uninstall Startup Inspector
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.5318)
WinASO Registry Optimizer 4.0.5
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Media Format 11 runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
Wise Disk Cleaner 4.23
Wise Registry Cleaner 4 Free 4.24

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 40%
Total physical RAM: 1503.48 MB
Available physical RAM: 898.25 MB
Total Pagefile: 3613.96 MB
Available Pagefile: 3253.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1979.72 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.27 GB) (Free:8.84 GB) NTFS

========================= Users: ========================================

User accounts for \\T1600

Administrator ASPNET Guest
HelpAssistant Judy SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

25-08-2012 11:54:30 Revo Uninstaller's restore point - Microsoft Money 2002 System Pack
25-08-2012 11:54:41 Removed Microsoft Money 2002 System Pack
25-08-2012 11:55:59 Revo Uninstaller's restore point - Microsoft Office Excel Viewer 2003
25-08-2012 11:56:18 Removed Microsoft Office Excel Viewer 2003
25-08-2012 11:57:17 Revo Uninstaller's restore point - Microsoft Office PowerPoint Viewer 2007 (English)
25-08-2012 11:57:39 Removed Microsoft Office PowerPoint Viewer 2007 (English)
25-08-2012 11:59:13 Revo Uninstaller's restore point - Microsoft Office Word Viewer 2003
25-08-2012 11:59:52 Removed Microsoft Office Word Viewer 2003
25-08-2012 12:00:54 Revo Uninstaller's restore point - Microsoft Press Interactive Training
26-08-2012 11:20:24 Software Distribution Service 3.0
27-08-2012 11:30:12 Software Distribution Service 3.0
28-08-2012 02:23:56 Revo Uninstaller's restore point - Malwarebytes' Anti-Malware
28-08-2012 12:14:35 Removed Microsoft .NET Framework 1.1
28-08-2012 12:17:42 Revo Uninstaller's restore point - Microsoft .NET Framework 2.0 Service Pack 2
28-08-2012 12:21:21 Revo Uninstaller's restore point - Microsoft .NET Framework 3.0 Service Pack 2
28-08-2012 12:22:50 Revo Uninstaller's restore point - Microsoft .NET Framework 3.5 SP1
29-08-2012 03:06:39 Installed Microsoft .NET Framework 1.1
29-08-2012 03:10:48 Revo Uninstaller's restore point - Microsoft .NET Framework 1.1
29-08-2012 03:11:01 Removed Microsoft .NET Framework 1.1
29-08-2012 03:13:03 Revo Uninstaller's restore point - Microsoft .NET Framework 3.5 SP1
29-08-2012 03:36:37 Installed Microsoft .NET Framework 1.1
29-08-2012 10:35:45 Software Distribution Service 3.0
29-08-2012 11:32:59 Software Distribution Service 3.0
30-08-2012 22:49:30 Software Distribution Service 3.0
31-08-2012 10:31:43 Software Distribution Service 3.0
31-08-2012 11:01:45 Software Distribution Service 3.0
31-08-2012 11:39:43 Software Distribution Service 3.0
01-09-2012 08:00:20 Software Distribution Service 3.0
01-09-2012 16:46:18 Software Distribution Service 3.0
03-09-2012 00:55:06 Software Distribution Service 3.0

**** End of log ****

And while I was messing around waiting for the initial response from you guys, I had downloaded Autoruns by Sysinternals, ran it, and noticed several highlighted files that are named but have no files associated with them. I don't know if this has any bearing on the current problem or not.
Thank you.

#8 Frazzled1

Posted 05 September 2012 - 07:01 AM

While waiting for my logs to be read, I noticed something strange, I have under my program files,
C:\Program Files\Microsoft Security Client and
C:\Program Files\Microsoft Security Client(2)
The directories and files within are not completely identical but there are a few of the same files in each one, some with a different date, some with just a different timestamp? What gives here?

#9 dev00790

Posted 08 September 2012 - 09:14 AM

Hi,

Sorry for the delay.
Please do the following next:

:step1:

We need to change the startup type for the DNS Client service to automatic

  • Click the Posted Image button
  • Click Run.
  • In the search box type "services.msc" without the quotes, then press enter. A window named "Services" should open.
  • Click on the header of the column "Name" until the small triangle has its tip facing upwards (like: ^ )
  • Scroll down the names until you find the service named "DNS Client"
  • Right click on this, then click "Properties"
  • On the "General" tab, there is a dropdown for "startup type" - please select "automatic"
  • Click on Apply

:step2:

  • Launch Malwarebytes' Anti-Malware (MBAM)
  • Click on the tab update, then click Check for Updates
  • If an update is found, it will download and install the latest version.
  • Then on the Scanner tab select Perform full scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the full contents of the log in your next reply.

Note: Be sure to restart the computer.

The log can also be found here:
C:\Documents and Settings\<Username>\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
Or at C:\Users\<Username>\AppData\Roaming\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt


:step3:

Ad-Aware is no longer recommended

  • mvps.org is no longer recommending Ad-Aware due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products).
  • Therefore, I strongly recommend uninstalling Ad-Aware.

  • To uninstall Ad-aware: click the Start button (Windows XP) or "Windows Orb" button (Windows Vista / 7).
  • Type "control" in the search box and press enter
  • Double click "Programs and Features" (Vista / Win7) or "Add / Remove Programs" (Win XP)
  • Please uninstall all programs whose name contains:


    Ad-aware

  • After the programs have been uninstalled, make sure you restart the computer.


:step4:

Please rerun minitoolbox as per Step 5 of my earlier post.
Post the log in your next reply.


:step5:

How is the computer running now?
Do you still get the following?

100% CPU usage and things slow to a crawl


Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#10 Frazzled1

Posted 09 September 2012 - 08:55 AM

Hello Again Dev00790,
I confess, I WAS getting a bit worried. :-)
OK, followed directions and here are the logs:
Mbam:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.09.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 7.0.5730.13
Judy :: T1600 [administrator]

9/8/2012 10:03:41 PM
mbam-log-2012-09-08 (22-03-41).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 294568
Time elapsed: 2 hour(s), 46 minute(s), 27 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Documents and Settings\Judy\My Documents\My Received Files\wkey_demo.exe (PUP.WEPKey) -> Quarantined and deleted successfully.
C:\Documents and Settings\Judy\My Documents\My Received Files\RemoveWGA.exe (PUP.RemoveWGA) -> Quarantined and deleted successfully.

(end)


Mini toolbox:

MiniToolBox by Farbar Version: 23-07-2012
Ran by Judy (administrator) on 09-09-2012 at 08:36:57
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode:
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================



127.0.0.1 localhost

There are 14477 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek RTL8139/810X Family PCI Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



Host Name . . . . . . . . . . . . : T1600

Primary Dns Suffix . . . . . . . :

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . :

Description . . . . . . . . . . . : Realtek RTL8139/810X Family PCI Fast Ethernet NIC

Physical Address. . . . . . . . . : 00-07-95-EF-B9-E1

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 192.168.15.94

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.15.1

DHCP Server . . . . . . . . . . . : 192.168.15.1

DNS Servers . . . . . . . . . . . : 192.168.15.1

Lease Obtained. . . . . . . . . . : Sunday, September 09, 2012 4:53:07 AM

Lease Expires . . . . . . . . . . : Monday, September 10, 2012 4:53:07 AM

Server: WiMaxCPE
Address: 192.168.15.1

Name: google.com
Addresses: 74.125.225.65, 74.125.225.70, 74.125.225.68, 74.125.225.73
74.125.225.67, 74.125.225.64, 74.125.225.66, 74.125.225.69, 74.125.225.71
74.125.225.72, 74.125.225.78



Pinging google.com [74.125.225.72] with 32 bytes of data:



Reply from 74.125.225.72: bytes=32 time=69ms TTL=56

Reply from 74.125.225.72: bytes=32 time=68ms TTL=56



Ping statistics for 74.125.225.72:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 68ms, Maximum = 69ms, Average = 68ms

Server: WiMaxCPE
Address: 192.168.15.1

Name: yahoo.com
Addresses: 98.139.183.24, 72.30.38.140, 98.138.253.109



Pinging yahoo.com [98.138.253.109] with 32 bytes of data:



Reply from 98.138.253.109: bytes=32 time=210ms TTL=54

Reply from 98.138.253.109: bytes=32 time=109ms TTL=54



Ping statistics for 98.138.253.109:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 109ms, Maximum = 210ms, Average = 159ms

Server: WiMaxCPE
Address: 192.168.15.1

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:



Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=64

Reply from 127.0.0.1: bytes=32 time<1ms TTL=64



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 07 95 ef b9 e1 ...... Realtek RTL8139/810X Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.15.1 192.168.15.94 20
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.15.0 255.255.255.0 192.168.15.94 192.168.15.94 20
192.168.15.94 255.255.255.255 127.0.0.1 127.0.0.1 20
192.168.15.255 255.255.255.255 192.168.15.94 192.168.15.94 20
224.0.0.0 240.0.0.0 192.168.15.94 192.168.15.94 20
255.255.255.255 255.255.255.255 192.168.15.94 192.168.15.94 1
Default Gateway: 192.168.15.1
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF_Other_32' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WCS' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'XPS' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF2' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WF_32' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF_Other' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WF' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF_1' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WCF' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller) (User: T1600)T1600
Description: Product: Microsoft .NET Framework 3.0 Service Pack 2 - Update 'WPF2_32' could not be installed. Error code 1603. Additional information is available in the log file C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt.


System errors:
=============
Error: (09/09/2012 04:53:22 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3

Error: (09/09/2012 04:53:22 AM) (Source: Service Control Manager) (User: )
Description: The gupdate service failed to start due to the following error:
%%3

Error: (09/09/2012 04:40:17 AM) (Source: DCOM) (User: T1600)
Description: DCOM got error "%%1058" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (09/09/2012 04:30:20 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3

Error: (09/09/2012 04:30:20 AM) (Source: Service Control Manager) (User: )
Description: The gupdate service failed to start due to the following error:
%%3

Error: (09/08/2012 09:49:36 PM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3

Error: (09/08/2012 09:49:35 PM) (Source: Service Control Manager) (User: )
Description: The gupdate service failed to start due to the following error:
%%3

Error: (09/06/2012 06:13:18 AM) (Source: Service Control Manager) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Microsoft Antimalware Service service, but this action failed with the following error:
%%1056

Error: (09/06/2012 06:13:02 AM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 15000 milliseconds: Restart the service.

Error: (09/06/2012 06:05:47 AM) (Source: Service Control Manager) (User: )
Description: The Java Quick Starter service failed to start due to the following error:
%%3


Microsoft Office Sessions:
=========================
Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF_Other_321603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WCS1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2XPS1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF21603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WF_321603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF_Other1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WF1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF_11603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WCF1603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt

Error: (08/29/2012 05:48:05 AM) (Source: MsiInstaller)(User: T1600)T1600
Description: Microsoft .NET Framework 3.0 Service Pack 2WPF2_321603C:\DOCUME~1\Judy\LOCALS~1\Temp\dd_NET_Framework30_Setup5B81.txt


=========================== Installed Programs ============================

7-Zip 4.65
Acer Monitor (Version: 4.3.8432.0)
Adobe Acrobat 5.0 (Version: 5.0)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.26)
Adobe Flash Player 10 Plugin (Version: 10.0.32.18)
Advanced SystemCare 3 (Version: 3.3.4)
AMD Processor Driver (Version: 1.3.2.0053)
AML Free Registry Cleaner 4.20
Ashampoo StartUp Tuner 2.00 (Version: 2.0.0)
Auslogics Registry Cleaner (Version: version 2.1)
Avance AC'97 Audio
BadCopy Pro
BigFix
CCleaner (Version: 2.32)
CheckIt Registry Cleaner (Version: 2.0.3.4)
Cleanersoft Free Registry Fix
CleanUp!
ClearType Tuning Control Panel Applet (Version: 1.01.0000)
COMODO System Cleaner 1.1.64946.38(32bit)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Conexant SoftK56 Modem(M)
Critical Update for Windows Media Player 11 (KB959772)
DefragExpress! (Version: 1.0.0.46)
DefragMagic (Version: 1.0.3)
DisplayLink Core Software (Version: 4.3.8432.0)
Driver Detective (Version: 8.0.1)
Driver Genius Professional Edition 2007
EasyCleaner (Version: 2.0.6.380)
eBoostr 4 (Version: 4.0 (BETA))
Emsa FlexInfo Pro 1.0
ERUNT 1.1j
Eusing Free Registry Cleaner
Filehand Search 3.0 (Version: 3.0)
Flobo Floppy Bad Sector Repair 2.0
Glary Registry Repair 3.2.0.828
Glary Utilities 2.26.0.956 (Version: 2.26.0.956)
ImgBurn (Version: 2.4.2.0)
InkSaver (Version: 2.0)
Internet Explorer (Enable DEP)
IrfanView (remove only)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 19 (Version: 6.0.190)
jv16 PowerTools 2006
Little Registry Cleaner
Malwarebytes Anti-Malware version 1.62.0.1300 (Version: 1.62.0.1300)
Micro-Sys Ajour (Version: 5.63)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2656353)
Microsoft .NET Framework 1.1 Security Update (KB2656370)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Data Access Components KB870669
Microsoft Fix it Center (Version: 1.0.0100)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Plus! for Windows XP (Version: 1.00.01.0732)
Microsoft Press Interactive Training
Microsoft Security Client (Version: 4.0.1526.0)
Microsoft Security Essentials (Version: 4.0.1526.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Web Publishing Wizard 1.52
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MV RegClean 5.9 English
OptionsOracle (Version: 1.43)
Paint.NET v3.36 (Version: 3.36.0)
Photo Resize Magic 1.1 (Version: 1.1)
PhotoBlender 3.0
PicoZip Recovery Tool 1.02 (Version: 1.02)
PowerTools Lite
Print Perfect Business Cards DVD (Version: 9.4.17)
PrintMaster Platinum 17 (Version: 17.00.0000)
Process Lasso (Version: 3.84.7)
ProSavageDDR and Utilities
QuoteTracker
RealPlayer Basic
Registry Smoker 1.5 (Version: 1.5)
Registry Trash Keys Finder (Freeware) (Version: 3.9.0.1)
RegScrubXP 3.1
Revo Uninstaller 1.89 (Version: 1.89)
Smart Defrag 1.03
Spybot - Search & Destroy (Version: 1.6.2)
SpywareBlaster 4.4 (Version: 4.4.0)
SUPERAntiSpyware Free Edition (Version: 4.29.0.1002)
SystemBooster 2.0
The Ultimate Troubleshooter
TweakNow RegCleaner (Version: 4.7.1)
UltimateDefrag V1 FREE Public Domain Version (Version: 1.72)
Uninstall Startup Inspector
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
WebFldrs XP (Version: 9.50.5318)
WinASO Registry Optimizer 4.0.5
Windows Installer Clean Up (Version: 3.00.00.0000)
Windows Media Format 11 runtime
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
Wise Disk Cleaner 4.23
Wise Registry Cleaner 4 Free 4.24

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 1503.48 MB
Available physical RAM: 805.64 MB
Total Pagefile: 3614.12 MB
Available Pagefile: 3247.77 MB
Total Virtual: 2047.88 MB
Available Virtual: 1975.72 MB

========================= Partitions: =====================================

2 Drive c: () (Fixed) (Total:37.27 GB) (Free:8.46 GB) NTFS

========================= Users: ========================================

User accounts for \\T1600

Administrator ASPNET Guest
HelpAssistant Judy SUPPORT_388945a0

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

25-08-2012 11:54:30 Revo Uninstaller's restore point - Microsoft Money 2002 System Pack
25-08-2012 11:54:41 Removed Microsoft Money 2002 System Pack
25-08-2012 11:55:59 Revo Uninstaller's restore point - Microsoft Office Excel Viewer 2003
25-08-2012 11:56:18 Removed Microsoft Office Excel Viewer 2003
25-08-2012 11:57:17 Revo Uninstaller's restore point - Microsoft Office PowerPoint Viewer 2007 (English)
25-08-2012 11:57:39 Removed Microsoft Office PowerPoint Viewer 2007 (English)
25-08-2012 11:59:13 Revo Uninstaller's restore point - Microsoft Office Word Viewer 2003
25-08-2012 11:59:52 Removed Microsoft Office Word Viewer 2003
25-08-2012 12:00:54 Revo Uninstaller's restore point - Microsoft Press Interactive Training
26-08-2012 11:20:24 Software Distribution Service 3.0
27-08-2012 11:30:12 Software Distribution Service 3.0
28-08-2012 02:23:56 Revo Uninstaller's restore point - Malwarebytes' Anti-Malware
28-08-2012 12:14:35 Removed Microsoft .NET Framework 1.1
28-08-2012 12:17:42 Revo Uninstaller's restore point - Microsoft .NET Framework 2.0 Service Pack 2
28-08-2012 12:21:21 Revo Uninstaller's restore point - Microsoft .NET Framework 3.0 Service Pack 2
28-08-2012 12:22:50 Revo Uninstaller's restore point - Microsoft .NET Framework 3.5 SP1
29-08-2012 03:06:39 Installed Microsoft .NET Framework 1.1
29-08-2012 03:10:48 Revo Uninstaller's restore point - Microsoft .NET Framework 1.1
29-08-2012 03:11:01 Removed Microsoft .NET Framework 1.1
29-08-2012 03:13:03 Revo Uninstaller's restore point - Microsoft .NET Framework 3.5 SP1
29-08-2012 03:36:37 Installed Microsoft .NET Framework 1.1
29-08-2012 10:35:45 Software Distribution Service 3.0
29-08-2012 11:32:59 Software Distribution Service 3.0
30-08-2012 22:49:30 Software Distribution Service 3.0
31-08-2012 10:31:43 Software Distribution Service 3.0
31-08-2012 11:01:45 Software Distribution Service 3.0
31-08-2012 11:39:43 Software Distribution Service 3.0
01-09-2012 08:00:20 Software Distribution Service 3.0
01-09-2012 16:46:18 Software Distribution Service 3.0
03-09-2012 00:55:06 Software Distribution Service 3.0
04-09-2012 01:35:03 System Checkpoint
04-09-2012 03:42:50 Software Distribution Service 3.0
05-09-2012 03:54:43 System Checkpoint
06-09-2012 11:24:09 Software Distribution Service 3.0
09-09-2012 03:02:42 Software Distribution Service 3.0
09-09-2012 07:18:26 Software Distribution Service 3.0

**** End of log ****

In addition I uninstalled AdAware and set the DNS Client to automatic.

Unfortunately, my computer is still agonizingly slow... No improvement.
While running the mini toolbox, at first MsMpEng.exe was using 98% CPU, then it switched after about a minute+ to mini tool box using the 98% CPU for the duration of the scan. Between the two and a few other processes, the CPU utilization stayed at 100%+, thereby slowing the computer to a standstill. This occurs no matter what program I try to run. While running internet explorer, it is Iexplore that is the resource hog, again at between 96 and 98% of CPU. I am at a loss....

#11 dev00790

dev00790

    Bleeping Chocoholic



Posted 09 September 2012 - 11:43 AM

Hi

Try this next:

Step 1:

Please download Rkill by Grinler from Link 1 and save it to your desktop.

Link 1
Link 2 (renamed Rkill)

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7, right-click on it and Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If that does not work: delete the file, then download and use the one provided in Link 2 above.
  • If that does not work: repeat the process and attempt to use one of the remaining links under RKill download links here until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
Do not reboot your computer after running rkill as the malware programs will start again. Or if rebooting is required run it again.

Please post the log created by rkill in your next reply.

Edited by dev00790, 09 September 2012 - 11:43 AM.

Regards, dev00790

---------------------------------------

Marge: "Homer, the plant called. They said if you don't show up tomorrow don't bother showing up on Monday." Homer: "Woo-hoo! Four-day weekend!"

I do not reply to Private Messages (PMs) asking for assistance - please use the forums instead. If I have been helping you, and I have not replied to your latest post in 48 hours please send me a PM.


#12 Frazzled1

Frazzled1
  • Topic Starter


Posted 09 September 2012 - 08:43 PM

OK, I ran Rkill. The log is as follows.

Rkill 2.3.10 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 09/09/2012 08:37:36 PM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* helpsvc [Missing Service]

* AppMgmt [Missing ServiceDLL Value]
* HidServ [Missing ServiceDLL Value]

Searching for Missing Digital Signatures:

* No issues found.

Program finished at: 09/09/2012 08:37:54 PM
Execution time: 0 hours(s), 0 minute(s), and 18 seconds(s)

Thank you again for your time and effort in trying to solve this dilemma.

#13 dev00790

dev00790

    Bleeping Chocoholic



Posted 10 September 2012 - 04:39 PM

Ok nothing that is jumping out from your logs at the moment.
Some outdated software, but we'll take care of that later.

Step 1:

I'd like us to scan your machine with ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

Note: Vista/Windows 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • On ESET: Click the Back button, then the Finish button.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!


Step 2:

I see you have a lot of "Registry cleaners" installed.
Often these are unnecessary, but more importantly one small mistake in the Registry can leave computers unbootable.
We recommend removing them. You can do this via the following:

Uninstall Programs
  • Click the Start button (Windows XP) or "Windows Orb" button (Windows Vista / 7).
  • Type "control" in the search box and press enter
  • Double click "Programs and Features" (Vista / Win7) or "Add / Remove Programs" (Win XP)
  • Please uninstall the following programs:

    AML Free Registry Cleaner 4.20
    Ashampoo StartUp Tuner 2.00 (Version: 2.0.0)
    Auslogics Registry Cleaner (Version: version 2.1)
    CheckIt Registry Cleaner (Version: 2.0.3.4)
    Cleanersoft Free Registry Fix
    CleanUp!
    EasyCleaner (Version: 2.0.6.380)
    eBoostr 4 (Version: 4.0 (BETA))
    Eusing Free Registry Cleaner
    Glary Registry Repair 3.2.0.828
    Glary Utilities 2.26.0.956 (Version: 2.26.0.956)
    Little Registry Cleaner
    MV RegClean 5.9 English
    Registry Smoker 1.5 (Version: 1.5)
    Registry Trash Keys Finder (Freeware) (Version: 3.9.0.1)
    RegScrubXP 3.1
    SystemBooster 2.0
    TweakNow RegCleaner (Version: 4.7.1)
    WinASO Registry Optimizer 4.0.5
    Wise Registry Cleaner 4 Free 4.24
    
  • After the programs have been uninstalled, make sure you restart the computer.


Step 3:

Unfortunately, my computer is still agonizingly slow... No improvement.
While running the mini toolbox, at first MsMpEng.exe was using 98% CPU, then it switched after about a minute+ to mini tool box using the 98% CPU for the duration of the scan. Between the two and a few other processes, the CPU utilization stayed at 100%+, thereby slowing the computer to a standstill. This occurs no matter what program I try to run. While running internet explorer, it is Iexplore that is the resource hog, again at between 96 and 98% of CPU. I am at a loss....

Are you still having problems with CPU usage?
How is the computer running now?

Regards, dev00790



#14 Frazzled1

Frazzled1
  • Topic Starter


Posted 11 September 2012 - 08:05 AM

Hello again Dev00790,
Whew, big job but finished. Ran the Eset program as directed except for (didn't notice where to check the anti-stealth technology). The log is as follows:

C:\Documents and Settings\Judy\My Documents\Antispy\AVzips\jZipV1c.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\ByeTunes.exe Win32/PrcView application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\DriverReviverSetup.exe a variant of Win32/RegistryReviver application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\engagedTheme.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\GoldenTheme.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\HotSpotShield-1.15.zip a variant of Win32/HotSpotShield application deleted - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\McRem2.exe Win32/PrcView application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\MSNuisance.exe Win32/PrcView application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\NoBeReader.exe Win32/PrcView application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\RainbowTheme.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\RegistryCleanerFreeSetup.exe a variant of Win32/Adware.RealRegistryCleaner application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\RegistryReviverSetup.exe Win32/RegistryReviver application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\spyeraserslc.exe a variant of Win32/UbSpyEraser application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\SpywareBegone.exe Win32/Adware.SpywareBeGone application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\unlocker1.8.9.exe Win32/Adware.ADON application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\UnZoone.exe Win32/PrcView application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\Troubleshooting\testmh-repair.exe Win32/Adware.ErrorRepairPro application deleted - quarantined
C:\Documents and Settings\Judy\My Documents\Trading\TradingSoft\free-spyware-removal.exe Win32/Adware.SpywareBeGone application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\Trading\TradingSoft\fwrc.exe a variant of Win32/Adware.ErrorRepairPro application deleted - quarantined
C:\System Volume Information\_restore{F8B0FBE4-FA30-46F3-90B4-6BCE89523DE9}\RP2180\A0483836.exe Win32/PrcView application cleaned by deleting - quarantined
C:\WINDOWS\wimn32.bat BAT/Netstop.NAC trojan cleaned by deleting - quarantined


All of the "suspicious files" were most likely diagnostic programs used at one time or another to try and fix this problem. The one that I was concerned about was the wimn32.bat file... I do NOT know what that was for.

As for the uninstalls I ran into a couple of problems:
Auslogics registry cleaner produced an error message as follows:
uninst000.dat is in a format not recognised by this version of the uninstaller: Cannot uninstall

Glary utilities had the same problem as the auslogics program.

Real Player (didn't want it anymore) error message said that the uninstaller is missing.

WinASO error uninst000.dat does not exist.
After that I rebooted and it took a looong time for the system to become useable... think 7 minutes.
I looked at the Process lasso log and noticed that the svhost.exe (netsvcs) process was hogging the cpu and had to be throttled several times, after which my old beloved MsMpEng.exe was using up 98% of the cpu for the duration of the bootup as it usually does whenever I do anything. And Yes, when I go to the aol webpage, iexplore.exe is the culprit slowing the system down.
So in answer to your last question, NO the computer does not seem to be any better.

Oh, two items not addressed, are eboostr and system booster, I purchased and use these regularly on all of my xp machines and have never had any problems. I would like to continue to do so if at all possible. Can I just prevent them from loading if we need to do further diagnostics?

Just an aside, why did you choose the specific programs you did for me to uninstall? (of course if you have time to explain)
Thanks again
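
Added example, not part of the original posts: a small Python parser for the ESET export format shown in post #14. It splits each line into path, detection family, kind and action, then lists first the entries whose kind is not "application" or that sit in the Windows directory. It assumes "application" is the label ESET gave the unwanted/unsafe-application detections enabled in the scan settings above; the function names and the location buckets are this example's own.

```python
import re
from collections import Counter

# Lines copied unchanged from the ESET export in post #14 (a subset).
SAMPLE = r"""
C:\Documents and Settings\Judy\My Documents\Antispy\AVzips\jZipV1c.exe multiple threats cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\ByeTunes.exe Win32/PrcView application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\DriverReviverSetup.exe a variant of Win32/RegistryReviver application cleaned by deleting - quarantined
C:\Documents and Settings\Judy\My Documents\My Received Files\HotSpotShield-1.15.zip a variant of Win32/HotSpotShield application deleted - quarantined
C:\System Volume Information\_restore{F8B0FBE4-FA30-46F3-90B4-6BCE89523DE9}\RP2180\A0483836.exe Win32/PrcView application cleaned by deleting - quarantined
C:\WINDOWS\wimn32.bat BAT/Netstop.NAC trojan cleaned by deleting - quarantined
"""

# Paths contain spaces, so the path is matched lazily up to a file extension
# and the detection/action fields anchor where it really ends.
LINE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?\.[A-Za-z0-9]{2,4})\s+"
    r"(?:(?P<variant>a variant of )?(?P<family>\S+/\S+) (?P<kind>\w+)"
    r"|(?P<multi>multiple threats))\s+"
    r"(?P<action>cleaned by deleting - quarantined|deleted - quarantined)$"
)


def location_of(path):
    """Bucket a path by where it lives (buckets are this example's choice)."""
    p = path.lower()
    if "\\system volume information\\_restore" in p:
        return "restore_point"
    if re.match(r"^[a-z]:\\windows\\", p):
        return "system"
    if "\\documents and settings\\" in p:
        return "user_profile"
    return "other"


def parse_line(line):
    """Return a dict for one export line, or None if it does not match."""
    m = LINE.match(line.strip())
    if m is None:
        return None
    return {
        "path": m["path"],
        "family": m["family"],            # None for "multiple threats"
        "kind": m["kind"] or "multiple",  # application / trojan / multiple
        "variant": m["variant"] is not None,
        "action": m["action"],
        "location": location_of(m["path"]),
    }


def triage(text):
    """Parse an export and pick out the entries to look at first."""
    records, unparsed = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            unparsed.append(line)  # keep unknown lines visible, never drop them
        else:
            records.append(rec)
    by_family = Counter(r["family"] for r in records if r["family"])
    review_first = [r["path"] for r in records
                    if r["kind"] != "application" or r["location"] == "system"]
    return {"records": records, "unparsed": unparsed,
            "by_family": by_family, "review_first": review_first}


if __name__ == "__main__":
    result = triage(SAMPLE)
    print("Review first:", *result["review_first"], sep="\n  ")
    print("Families:", dict(result["by_family"]))
```
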

#15 dev00790

dev00790

    Bleeping Chocoholic



Posted 11 September 2012 - 02:29 PM

Hi

Just an aside, why did you choose the specific programs you did for me to uninstall? (of course if you have time to explain)

These are all cleaners, many of which are registry only/mostly.
Another reason is that removing them helps us troubleshoot problem(s).

Whew, big job but finished. Ran the Eset program as directed except for (didn't notice where to check the anti-stealth technology)

It's under "Computer scan settings" > "Advanced settings"

Please run ESET again with "Enable Anti-Stealth technology" checked & other mentioned options.

Then post the results in your next reply.

Regards, dev00790





