Not sure if I'm still infected with Sirefef or not


18 replies to this topic

#1 BNed

BNed

  • Members
  • 14 posts

Posted 15 February 2013 - 03:23 PM

Hello. I thought I had my computer cleaned up but now I'm not so sure.  A couple weeks ago, MSE reported that it had found and quarantined something called Sirefef. 

 

I since have run numerous cleanup utilities such as Farbar, Rkill, OTL, etc.  However, in trying to interpret the reports generated by these utilities, I have to admit that I'm honestly not quite skilled enough to know if my computer is clean or not. 

 

This morning, for example, RogueKiller found HJDESK HideDesktopIcons\NewStartPanel. It's found this before and cleaned it up but it's still occurring. I also just ran RKill and it's reporting a missing imagepath for HidServ as well as an incorrect imagepath for svchost.exe.

 

I would just like to know if I'm still infected or not.  Please help.

 

Thanks,

B-Ned


Edited by hamluis, 15 February 2013 - 05:10 PM.
Moved from XP to Am I Infected - Hamluis.




#2 BNed

BNed
  • Topic Starter

  • Members
  • 14 posts

Posted 15 February 2013 - 06:25 PM

Forgot to include the operating system details: XP Professional with Service Pack 3, Microsoft Security Essentials, Windows Firewall.

 

Thanks!!



#3 narenxp

narenxp

  • BC Advisor
  • 16,371 posts

Posted 15 February 2013 - 06:28 PM

Do not run any other tool when you are being assisted. Do not post OTL logs.

  • Please download TDSSKiller from here and save it to your Desktop
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters
  • Check Loaded Modules and Detect TDLFS file system
  • Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now
  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\) in your reply


===================================================


aswMBR

--------------------

  • Download aswMBR and save it to your desktop.
  • Please disable your real time protection of any Antivirus, Antispyware or Antimalware programs temporarily. They will interfere and may cause unexpected results.
  • If you need help to disable your protection programs see here and here.
  • Double click the aswMBR.exe file to run it. Please allow when you are asked to download AVAST antivirus engine defs.
  • Wait until the AV update is done, then click on the Scan button to start. The program will launch a scan.



  • When done, you will see Scan finished successfully. Please click on Save log and save the file to your desktop.



  • Please post the contents of the log in your next reply.

NOTE:  aswMBR will create MBR.dat file on your desktop. This is a copy of your MBR. Do NOT delete it.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan. This process may take several hours; that is normal.

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:

    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply.   Note:  If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

  • TDSSKiller log
  • aswMBR log
  • ESET results

 



#4 BNed

BNed
  • Topic Starter

  • Members
  • 14 posts

Posted 15 February 2013 - 07:12 PM

Thanks, Narenxp. Okay, first is the TDSSkiller report, as follows:

 

15:50:42.0062 2120  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
15:50:42.0062 2120  SCardSvr - ok
15:50:42.0093 2120  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:50:42.0109 2120  Schedule - ok
15:50:42.0140 2120  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
15:50:42.0140 2120  Secdrv - ok
15:50:42.0171 2120  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
15:50:42.0171 2120  seclogon - ok
15:50:42.0187 2120  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
15:50:42.0187 2120  SENS - ok
15:50:42.0234 2120  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
15:50:42.0250 2120  serenum - ok
15:50:42.0296 2120  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
15:50:42.0296 2120  Serial - ok
15:50:42.0359 2120  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
15:50:42.0359 2120  Sfloppy - ok
15:50:42.0437 2120  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:50:42.0437 2120  SharedAccess - ok
15:50:42.0453 2120  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:50:42.0453 2120  ShellHWDetection - ok
15:50:42.0468 2120  Simbad - ok
15:50:42.0546 2120  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
15:50:42.0546 2120  SkypeUpdate - ok
15:50:42.0562 2120  Sparrow - ok
15:50:42.0625 2120  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
15:50:42.0625 2120  splitter - ok
15:50:42.0656 2120  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
15:50:42.0656 2120  Spooler - ok
15:50:42.0656 2120  sptd - ok
15:50:42.0703 2120  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
15:50:42.0703 2120  sr - ok
15:50:42.0750 2120  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
15:50:42.0765 2120  srservice - ok
15:50:42.0796 2120  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
15:50:42.0796 2120  Srv - ok
15:50:42.0843 2120  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:50:42.0843 2120  SSDPSRV - ok
15:50:42.0859 2120  Steam Client Service - ok
15:50:42.0890 2120  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
15:50:42.0906 2120  stisvc - ok
15:50:42.0937 2120  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
15:50:42.0937 2120  swenum - ok
15:50:42.0953 2120  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
15:50:42.0953 2120  swmidi - ok
15:50:42.0953 2120  SwPrv - ok
15:50:42.0968 2120  symc810 - ok
15:50:42.0984 2120  symc8xx - ok
15:50:42.0984 2120  sym_hi - ok
15:50:43.0000 2120  sym_u3 - ok
15:50:43.0031 2120  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
15:50:43.0031 2120  sysaudio - ok
15:50:43.0078 2120  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
15:50:43.0078 2120  SysmonLog - ok
15:50:43.0109 2120  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:50:43.0109 2120  TapiSrv - ok
15:50:43.0156 2120  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:50:43.0156 2120  Tcpip - ok
15:50:43.0171 2120  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
15:50:43.0171 2120  TDPIPE - ok
15:50:43.0203 2120  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
15:50:43.0203 2120  TDTCP - ok
15:50:43.0218 2120  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
15:50:43.0218 2120  TermDD - ok
15:50:43.0234 2120  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
15:50:43.0234 2120  TermService - ok
15:50:43.0234 2120  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
15:50:43.0250 2120  Themes - ok
15:50:43.0281 2120  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
15:50:43.0281 2120  TlntSvr - ok
15:50:43.0296 2120  TosIde - ok
15:50:43.0312 2120  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
15:50:43.0328 2120  TrkWks - ok
15:50:43.0343 2120  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
15:50:43.0343 2120  Udfs - ok
15:50:43.0343 2120  ultra - ok
15:50:43.0375 2120  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
15:50:43.0390 2120  Update - ok
15:50:43.0406 2120  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
15:50:43.0406 2120  upnphost - ok
15:50:43.0421 2120  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
15:50:43.0421 2120  UPS - ok
15:50:43.0437 2120  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
15:50:43.0453 2120  usbccgp - ok
15:50:43.0468 2120  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
15:50:43.0468 2120  usbehci - ok
15:50:43.0500 2120  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
15:50:43.0500 2120  usbhub - ok
15:50:43.0500 2120  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
15:50:43.0500 2120  usbohci - ok
15:50:43.0515 2120  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
15:50:43.0515 2120  usbstor - ok
15:50:43.0531 2120  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
15:50:43.0531 2120  VgaSave - ok
15:50:43.0531 2120  ViaIde - ok
15:50:43.0546 2120  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
15:50:43.0562 2120  VolSnap - ok
15:50:43.0578 2120  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
15:50:43.0593 2120  VSS - ok
15:50:43.0609 2120  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
15:50:43.0609 2120  W32Time - ok
15:50:43.0625 2120  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
15:50:43.0625 2120  Wanarp - ok
15:50:43.0640 2120  WDICA - ok
15:50:43.0687 2120  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
15:50:43.0687 2120  wdmaud - ok
15:50:43.0718 2120  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
15:50:43.0718 2120  WebClient - ok
15:50:43.0796 2120  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
15:50:43.0796 2120  winmgmt - ok
15:50:43.0843 2120  [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN        C:\WINDOWS\system32\mspmsnsv.dll
15:50:43.0843 2120  WmdmPmSN - ok
15:50:43.0921 2120  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
15:50:43.0921 2120  Wmi - ok
15:50:43.0937 2120  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
15:50:43.0953 2120  WmiApSrv - ok
15:50:44.0062 2120  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:50:44.0078 2120  WPFFontCache_v0400 - ok
15:50:44.0140 2120  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL         C:\WINDOWS\System32\drivers\ws2ifsl.sys
15:50:44.0140 2120  WS2IFSL - ok
15:50:44.0187 2120  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
15:50:44.0203 2120  wscsvc - ok
15:50:44.0234 2120  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
15:50:44.0281 2120  wuauserv - ok
15:50:44.0312 2120  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
15:50:44.0328 2120  WZCSVC - ok
15:50:44.0343 2120  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
15:50:44.0375 2120  xmlprov - ok
15:50:44.0406 2120  [ 4322C32CED8C4772E039616DCBF01D3F ] yukonwxp        C:\WINDOWS\system32\DRIVERS\yk51x86.sys
15:50:44.0437 2120  yukonwxp - ok
15:50:44.0453 2120  ================ Scan global ===============================
15:50:44.0484 2120  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:50:44.0546 2120  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:50:44.0562 2120  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:50:44.0578 2120  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
15:50:44.0578 2120  [Global] - ok
15:50:44.0578 2120  ================ Scan MBR ==================================
15:50:44.0593 2120  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
15:50:44.0718 2120  \Device\Harddisk0\DR0 - ok
15:50:44.0750 2120  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
15:50:44.0906 2120  \Device\Harddisk1\DR1 - ok
15:50:44.0906 2120  ================ Scan VBR ==================================
15:50:44.0906 2120  [ 3B672E355C1E1C18CA2283E8ACA16305 ] \Device\Harddisk0\DR0\Partition1
15:50:44.0921 2120  \Device\Harddisk0\DR0\Partition1 - ok
15:50:44.0921 2120  [ CFF38883069C9F3F1116210CE49D8DF9 ] \Device\Harddisk1\DR1\Partition1
15:50:44.0921 2120  \Device\Harddisk1\DR1\Partition1 - ok
15:50:44.0921 2120  ================ Scan active images ========================
15:50:44.0921 2120  [ 033448D435E65C4BD72E70521FD05C76 ] C:\WINDOWS\system32\drivers\AmdPPM.sys
15:50:44.0921 2120  C:\WINDOWS\system32\drivers\AmdPPM.sys - ok
15:50:44.0937 2120  [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
15:50:44.0937 2120  C:\WINDOWS\system32\drivers\usbport.sys - ok
15:50:44.0937 2120  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
15:50:44.0937 2120  C:\WINDOWS\system32\drivers\usbehci.sys - ok
15:50:44.0953 2120  [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys
15:50:44.0953 2120  C:\WINDOWS\system32\drivers\usbohci.sys - ok
15:50:44.0953 2120  [ 6E883BF518296A40959131C2304AF714 ] C:\WINDOWS\system32\drivers\el90xbc5.sys
15:50:44.0953 2120  C:\WINDOWS\system32\drivers\el90xbc5.sys - ok
15:50:44.0968 2120  [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
15:50:44.0968 2120  C:\WINDOWS\system32\drivers\ks.sys - ok
15:50:44.0968 2120  [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
15:50:44.0968 2120  C:\WINDOWS\system32\drivers\drmk.sys - ok
15:50:44.0968 2120  [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
15:50:44.0968 2120  C:\WINDOWS\system32\drivers\portcls.sys - ok
15:50:44.0984 2120  [ 1DB419CB76493F6292CCFBDC3466F5FF ] C:\WINDOWS\system32\drivers\P17.sys
15:50:44.0984 2120  C:\WINDOWS\system32\drivers\P17.sys - ok
15:50:44.0984 2120  [ 103A9B117A7D9903111955CDAFE65AC6 ] C:\WINDOWS\system32\drivers\ctoss2k.sys
15:50:44.0984 2120  C:\WINDOWS\system32\drivers\ctoss2k.sys - ok
15:50:45.0000 2120  [ 8DB84DE3AAB34A8B4C2F644EFF41CD76 ] C:\WINDOWS\system32\drivers\ctsfm2k.sys
15:50:45.0000 2120  C:\WINDOWS\system32\drivers\ctsfm2k.sys - ok
15:50:45.0000 2120  [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys
15:50:45.0000 2120  C:\WINDOWS\system32\drivers\nic1394.sys - ok
15:50:45.0015 2120  [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
15:50:45.0015 2120  C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
15:50:45.0015 2120  [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
15:50:45.0015 2120  C:\WINDOWS\system32\drivers\imapi.sys - ok
15:50:45.0031 2120  [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
15:50:45.0031 2120  C:\WINDOWS\system32\drivers\cdrom.sys - ok
15:50:45.0031 2120  [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
15:50:45.0031 2120  C:\WINDOWS\system32\drivers\redbook.sys - ok
15:50:45.0031 2120  [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
15:50:45.0031 2120  C:\WINDOWS\system32\drivers\videoprt.sys - ok
15:50:45.0046 2120  [ 774A0D43912F75DA99D32F2D9E6A674C ] C:\WINDOWS\system32\drivers\nv4_mini.sys
15:50:45.0046 2120  C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
15:50:45.0046 2120  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
15:50:45.0046 2120  C:\WINDOWS\system32\drivers\serial.sys - ok
15:50:45.0062 2120  [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
15:50:45.0062 2120  C:\WINDOWS\system32\drivers\audstub.sys - ok
15:50:45.0062 2120  [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
15:50:45.0062 2120  C:\WINDOWS\system32\drivers\i8042prt.sys - ok
15:50:45.0078 2120  [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
15:50:45.0078 2120  C:\WINDOWS\system32\drivers\kbdclass.sys - ok
15:50:45.0078 2120  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
15:50:45.0078 2120  C:\WINDOWS\system32\drivers\parport.sys - ok
15:50:45.0078 2120  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
15:50:45.0078 2120  C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
15:50:45.0093 2120  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
15:50:45.0093 2120  C:\WINDOWS\system32\drivers\serenum.sys - ok
15:50:45.0093 2120  [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys
15:50:45.0093 2120  C:\WINDOWS\system32\drivers\ndistapi.sys - ok
15:50:45.0109 2120  [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
15:50:45.0109 2120  C:\WINDOWS\system32\drivers\ndiswan.sys - ok
15:50:45.0109 2120  [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
15:50:45.0109 2120  C:\WINDOWS\system32\drivers\psched.sys - ok
15:50:45.0109 2120  [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
15:50:45.0109 2120  C:\WINDOWS\system32\drivers\raspppoe.sys - ok
15:50:45.0125 2120  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
15:50:45.0125 2120  C:\WINDOWS\system32\drivers\raspptp.sys - ok
15:50:45.0125 2120  [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
15:50:45.0125 2120  C:\WINDOWS\system32\drivers\tdi.sys - ok
15:50:45.0140 2120  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
15:50:45.0140 2120  C:\WINDOWS\system32\drivers\msgpc.sys - ok
15:50:45.0140 2120  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
15:50:45.0140 2120  C:\WINDOWS\system32\drivers\ptilink.sys - ok
15:50:45.0156 2120  [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
15:50:45.0156 2120  C:\WINDOWS\system32\drivers\raspti.sys - ok
15:50:45.0156 2120  [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
15:50:45.0156 2120  C:\WINDOWS\system32\drivers\rdpdr.sys - ok
15:50:45.0171 2120  [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
15:50:45.0171 2120  C:\WINDOWS\system32\drivers\mouclass.sys - ok
15:50:45.0171 2120  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
15:50:45.0171 2120  C:\WINDOWS\system32\drivers\swenum.sys - ok
15:50:45.0171 2120  [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
15:50:45.0171 2120  C:\WINDOWS\system32\drivers\termdd.sys - ok
15:50:45.0187 2120  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
15:50:45.0187 2120  C:\WINDOWS\system32\drivers\mssmbios.sys - ok
15:50:45.0187 2120  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
15:50:45.0187 2120  C:\WINDOWS\system32\drivers\update.sys - ok
15:50:45.0203 2120  [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys
15:50:45.0203 2120  C:\WINDOWS\system32\drivers\ndproxy.sys - ok
15:50:45.0203 2120  [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
15:50:45.0203 2120  C:\WINDOWS\system32\drivers\usbd.sys - ok
15:50:45.0218 2120  [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
15:50:45.0218 2120  C:\WINDOWS\system32\drivers\usbhub.sys - ok
15:50:45.0218 2120  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys
15:50:45.0218 2120  C:\WINDOWS\system32\drivers\fdc.sys - ok
15:50:45.0234 2120  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys
15:50:45.0234 2120  C:\WINDOWS\system32\drivers\flpydisk.sys - ok
15:50:45.0234 2120  [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
15:50:45.0234 2120  C:\WINDOWS\system32\drivers\beep.sys - ok
15:50:45.0234 2120  [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
15:50:45.0234 2120  C:\WINDOWS\system32\drivers\cdaudio.sys - ok
15:50:45.0250 2120  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
15:50:45.0250 2120  C:\WINDOWS\system32\drivers\fs_rec.sys - ok
15:50:45.0250 2120  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
15:50:45.0250 2120  C:\WINDOWS\system32\drivers\null.sys - ok
15:50:45.0265 2120  [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys
15:50:45.0265 2120  C:\WINDOWS\system32\drivers\sfloppy.sys - ok
15:50:45.0265 2120  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
15:50:45.0265 2120  C:\WINDOWS\system32\drivers\vga.sys - ok
15:50:45.0281 2120  [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
15:50:45.0281 2120  C:\WINDOWS\system32\drivers\ipsec.sys - ok
15:50:45.0281 2120  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
15:50:45.0281 2120  C:\WINDOWS\system32\drivers\mnmdd.sys - ok
15:50:45.0281 2120  [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
15:50:45.0281 2120  C:\WINDOWS\system32\drivers\msfs.sys - ok
15:50:45.0296 2120  [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
15:50:45.0296 2120  C:\WINDOWS\system32\drivers\npfs.sys - ok
15:50:45.0296 2120  [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
15:50:45.0296 2120  C:\WINDOWS\system32\drivers\rasacd.sys - ok
15:50:45.0312 2120  [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
15:50:45.0312 2120  C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
15:50:45.0312 2120  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
15:50:45.0312 2120  C:\WINDOWS\system32\drivers\netbt.sys - ok
15:50:45.0328 2120  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
15:50:45.0328 2120  C:\WINDOWS\system32\drivers\tcpip.sys - ok
15:50:45.0328 2120  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys
15:50:45.0328 2120  C:\WINDOWS\system32\drivers\afd.sys - ok
15:50:45.0328 2120  [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
15:50:45.0328 2120  C:\WINDOWS\system32\drivers\ipnat.sys - ok
15:50:45.0343 2120  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
15:50:45.0343 2120  C:\WINDOWS\system32\drivers\netbios.sys - ok
15:50:45.0343 2120  [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys
15:50:45.0343 2120  C:\WINDOWS\system32\drivers\processr.sys - ok
15:50:45.0359 2120  [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
15:50:45.0359 2120  C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
15:50:45.0359 2120  [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
15:50:45.0359 2120  C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
15:50:45.0375 2120  [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
15:50:45.0375 2120  C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
15:50:45.0375 2120  [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
15:50:45.0375 2120  C:\WINDOWS\system32\drivers\rdbss.sys - ok
15:50:45.0375 2120  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
15:50:45.0375 2120  C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
15:50:45.0390 2120  [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
15:50:45.0390 2120  C:\WINDOWS\system32\drivers\fips.sys - ok
15:50:45.0390 2120  [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
15:50:45.0390 2120  C:\WINDOWS\system32\smss.exe - ok
15:50:45.0406 2120  [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll
15:50:45.0406 2120  C:\WINDOWS\system32\ntdll.dll - ok
15:50:45.0406 2120  [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
15:50:45.0406 2120  C:\WINDOWS\system32\autochk.exe - ok
15:50:45.0421 2120  [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
15:50:45.0421 2120  C:\WINDOWS\system32\drivers\wanarp.sys - ok
15:50:45.0421 2120  [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys
15:50:45.0421 2120  C:\WINDOWS\system32\drivers\arp1394.sys - ok
15:50:45.0437 2120  [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
15:50:45.0437 2120  C:\WINDOWS\system32\drivers\hidclass.sys - ok
15:50:45.0437 2120  [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
15:50:45.0437 2120  C:\WINDOWS\system32\drivers\hidparse.sys - ok
15:50:45.0437 2120  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
15:50:45.0437 2120  C:\WINDOWS\system32\drivers\hidusb.sys - ok
15:50:45.0453 2120  [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
15:50:45.0453 2120  C:\WINDOWS\system32\drivers\usbstor.sys - ok
15:50:45.0453 2120  [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
15:50:45.0453 2120  C:\WINDOWS\system32\drivers\mouhid.sys - ok
15:50:45.0468 2120  [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
15:50:45.0468 2120  C:\WINDOWS\system32\sfcfiles.dll - ok
15:50:45.0468 2120  [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
15:50:45.0468 2120  C:\WINDOWS\system32\drivers\cdfs.sys - ok
15:50:45.0484 2120  [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
15:50:45.0484 2120  C:\WINDOWS\system32\drivers\wmilib.sys - ok
15:50:45.0484 2120  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] C:\WINDOWS\system32\drivers\atapi.sys
15:50:45.0484 2120  C:\WINDOWS\system32\drivers\atapi.sys - ok
15:50:45.0500 2120  [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
15:50:45.0500 2120  C:\WINDOWS\system32\drivers\dxapi.sys - ok
15:50:45.0500 2120  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
15:50:45.0500 2120  C:\WINDOWS\system32\basesrv.dll - ok
15:50:45.0515 2120  [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll
15:50:45.0515 2120  C:\WINDOWS\system32\csrsrv.dll - ok
15:50:45.0515 2120  [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
15:50:45.0515 2120  C:\WINDOWS\system32\csrss.exe - ok
15:50:45.0515 2120  [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
15:50:45.0515 2120  C:\WINDOWS\system32\watchdog.sys - ok
15:50:45.0531 2120  [ BD39EC6064A1B5DFDABCF312A38A37EE ] C:\WINDOWS\system32\win32k.sys
15:50:45.0531 2120  C:\WINDOWS\system32\win32k.sys - ok
15:50:45.0531 2120  [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
15:50:45.0531 2120  C:\WINDOWS\system32\gdi32.dll - ok
15:50:45.0546 2120  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
15:50:45.0546 2120  C:\WINDOWS\system32\winsrv.dll - ok
15:50:45.0546 2120  [ 6FE42512AB1B89F32A7407F261B1D2D0 ] C:\WINDOWS\system32\kernel32.dll
15:50:45.0546 2120  C:\WINDOWS\system32\kernel32.dll - ok
15:50:45.0562 2120  [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
15:50:45.0562 2120  C:\WINDOWS\system32\user32.dll - ok
15:50:45.0562 2120  [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
15:50:45.0562 2120  C:\WINDOWS\system32\drivers\dxg.sys - ok
15:50:45.0562 2120  [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
15:50:45.0562 2120  C:\WINDOWS\system32\drivers\dxgthk.sys - ok
15:50:45.0578 2120  [ C8FECC22F8C97931028EE4668D52D162 ] C:\WINDOWS\system32\nv4_disp.dll
15:50:45.0578 2120  C:\WINDOWS\system32\nv4_disp.dll - ok
15:50:45.0578 2120  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
15:50:45.0578 2120  C:\WINDOWS\system32\vga.dll - ok
15:50:45.0593 2120  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
15:50:45.0593 2120  C:\WINDOWS\system32\winlogon.exe - ok
15:50:45.0593 2120  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
15:50:45.0593 2120  C:\WINDOWS\system32\advapi32.dll - ok
15:50:45.0593 2120  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
15:50:45.0593 2120  C:\WINDOWS\system32\rpcrt4.dll - ok
15:50:45.0609 2120  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
15:50:45.0609 2120  C:\WINDOWS\system32\authz.dll - ok
15:50:45.0609 2120  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
15:50:45.0609 2120  C:\WINDOWS\system32\secur32.dll - ok
15:50:45.0625 2120  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
15:50:45.0625 2120  C:\WINDOWS\system32\crypt32.dll - ok
15:50:45.0625 2120  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
15:50:45.0625 2120  C:\WINDOWS\system32\msvcrt.dll - ok
15:50:45.0640 2120  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
15:50:45.0640 2120  C:\WINDOWS\system32\msasn1.dll - ok
15:50:45.0640 2120  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
15:50:45.0640 2120  C:\WINDOWS\system32\nddeapi.dll - ok
15:50:45.0656 2120  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
15:50:45.0656 2120  C:\WINDOWS\system32\netapi32.dll - ok
15:50:45.0656 2120  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
15:50:45.0656 2120  C:\WINDOWS\system32\profmap.dll - ok
15:50:45.0671 2120  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
15:50:45.0671 2120  C:\WINDOWS\system32\userenv.dll - ok
15:50:45.0671 2120  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
15:50:45.0671 2120  C:\WINDOWS\system32\psapi.dll - ok
15:50:45.0671 2120  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
15:50:45.0671 2120  C:\WINDOWS\system32\regapi.dll - ok
15:50:45.0687 2120  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
15:50:45.0687 2120  C:\WINDOWS\system32\setupapi.dll - ok
15:50:45.0687 2120  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
15:50:45.0687 2120  C:\WINDOWS\system32\imagehlp.dll - ok
15:50:45.0703 2120  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
15:50:45.0703 2120  C:\WINDOWS\system32\version.dll - ok
15:50:45.0703 2120  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
15:50:45.0703 2120  C:\WINDOWS\system32\winsta.dll - ok
15:50:45.0718 2120  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
15:50:47.0296 2120  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
15:50:47.0296 2120  C:\WINDOWS\system32\drivers\swmidi.sys - ok
15:50:47.0296 2120  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
15:50:47.0296 2120  C:\WINDOWS\system32\drivers\kmixer.sys - ok
15:50:47.0312 2120  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
15:50:47.0312 2120  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
15:50:47.0312 2120  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
15:50:47.0312 2120  C:\WINDOWS\system32\msacm32.drv - ok
15:50:47.0328 2120  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
15:50:47.0328 2120  C:\WINDOWS\system32\midimap.dll - ok
15:50:47.0328 2120  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
15:50:47.0328 2120  C:\WINDOWS\system32\userinit.exe - ok
15:50:47.0328 2120  [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
15:50:47.0328 2120  C:\WINDOWS\system32\WgaTray.exe - ok
15:50:47.0343 2120  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
15:50:47.0343 2120  C:\WINDOWS\explorer.exe - ok
15:50:47.0343 2120  [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
15:50:47.0343 2120  C:\WINDOWS\system32\cryptnet.dll - ok
15:50:47.0359 2120  [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
15:50:47.0359 2120  C:\WINDOWS\system32\sensapi.dll - ok
15:50:47.0359 2120  [ 3307A07B81206F354F0D4BEFEE922437 ] C:\WINDOWS\system32\LegitCheckControl.DLL
15:50:47.0359 2120  C:\WINDOWS\system32\LegitCheckControl.DLL - ok
15:50:47.0375 2120  [ 9EFBB3055B3EECE5B0FC7BAED07A6EE9 ] C:\WINDOWS\system32\msxml6.dll
15:50:47.0375 2120  C:\WINDOWS\system32\msxml6.dll - ok
15:50:47.0375 2120  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
15:50:47.0375 2120  C:\WINDOWS\system32\browseui.dll - ok
15:50:47.0375 2120  [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
15:50:47.0375 2120  C:\WINDOWS\system32\shdocvw.dll - ok
15:50:47.0390 2120  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
15:50:47.0390 2120  C:\WINDOWS\system32\desk.cpl - ok
15:50:47.0390 2120  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
15:50:47.0390 2120  C:\WINDOWS\system32\themeui.dll - ok
15:50:47.0406 2120  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
15:50:47.0406 2120  C:\WINDOWS\system32\actxprxy.dll - ok
15:50:47.0406 2120  [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
15:50:47.0406 2120  C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
15:50:47.0421 2120  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
15:50:47.0421 2120  C:\WINDOWS\system32\cmd.exe - ok
15:50:47.0421 2120  [ 53249B2147DDC8212B290ACF80570290 ] C:\WINDOWS\system32\ieframe.dll
15:50:47.0421 2120  C:\WINDOWS\system32\ieframe.dll - ok
15:50:47.0421 2120  [ 9435C1C2D2111573111367F92F208C1F ] C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE
15:50:47.0437 2120  C:\PROGRA~1\COMMON~1\MICROS~1\DW\DWTRIG20.EXE - ok
15:50:47.0437 2120  [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll
15:50:47.0437 2120  C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok
15:50:47.0437 2120  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Data.NC9\LOCALS~1\temp\EE2DBA99-A89C-4EFD-9C53-249EF5358900.exe
15:50:47.0437 2120  C:\DOCUME~1\Data.NC9\LOCALS~1\temp\EE2DBA99-A89C-4EFD-9C53-249EF5358900.exe - ok
15:50:47.0453 2120  [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
15:50:47.0453 2120  C:\WINDOWS\system32\linkinfo.dll - ok
15:50:47.0453 2120  [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
15:50:47.0453 2120  C:\WINDOWS\system32\ntshrui.dll - ok
15:50:47.0468 2120  [ 4D2F7561D8A840450AABFAD3740B0E6B ] C:\Program Files\Microsoft Security Client\msseces.exe
15:50:47.0468 2120  C:\Program Files\Microsoft Security Client\msseces.exe - ok
15:50:47.0468 2120  [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe
15:50:47.0468 2120  C:\WINDOWS\system32\rundll32.exe - ok
15:50:47.0484 2120  [ BF9ADDB37C6F5F3159AA78DF586DDA8D ] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe
15:50:47.0484 2120  C:\Program Files\NVIDIA Corporation\nView\nwiz.exe - ok
15:50:47.0484 2120  [ 3CB07566302BCEEB898DE270A0BEC175 ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:50:47.0484 2120  C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
15:50:47.0484 2120  [ 79D59391600984117795F2AA47880C68 ] C:\Program Files\NVIDIA Corporation\nView\nView.dll
15:50:47.0484 2120  C:\Program Files\NVIDIA Corporation\nView\nView.dll - ok
15:50:47.0500 2120  [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
15:50:47.0500 2120  C:\WINDOWS\system32\webcheck.dll - ok
15:50:47.0500 2120  [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
15:50:47.0500 2120  C:\WINDOWS\system32\mlang.dll - ok
15:50:47.0515 2120  [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\01266484.sys
15:50:47.0515 2120  C:\WINDOWS\system32\drivers\01266484.sys - ok
15:50:47.0515 2120  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
15:50:47.0515 2120  C:\WINDOWS\system32\imapi.exe - ok
15:50:47.0531 2120  [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
15:50:47.0531 2120  C:\WINDOWS\system32\stobject.dll - ok
15:50:47.0531 2120  [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
15:50:47.0531 2120  C:\WINDOWS\system32\batmeter.dll - ok
15:50:47.0546 2120  [ 317C54DCAB9EE29CD4B9F55D197A90D1 ] C:\WINDOWS\system32\msisip.dll
15:50:47.0546 2120  C:\WINDOWS\system32\msisip.dll - ok
15:50:47.0546 2120  [ FAE6DD260E68F5B6AEB47DDB058394B3 ] C:\WINDOWS\system32\nvwddi.dll
15:50:47.0546 2120  C:\WINDOWS\system32\nvwddi.dll - ok
15:50:47.0546 2120  [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
15:50:47.0546 2120  C:\WINDOWS\system32\wshext.dll - ok
15:50:47.0562 2120  [ F3AD8EA144F411A6292775FA2B230DE5 ] C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll
15:50:47.0562 2120  C:\WINDOWS\system32\windowspowershell\v1.0\pwrshsip.dll - ok
15:50:47.0562 2120  [ F5BA8D80C86FCB8FB1CD4ABDFEC94AD1 ] C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe
15:50:47.0562 2120  C:\Program Files\Common Files\Intuit\DataProtect\IntuitDataProtect.exe - ok
15:50:47.0578 2120  [ 58B8702C20DE211D1FCB248D2FDD71D1 ] C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe
15:50:47.0578 2120  C:\Program Files\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
15:50:47.0578 2120  [ 118D81523EA80B9E252CB840E94754C6 ] C:\Program Files\Microsoft Security Client\EppManifest.dll
15:50:47.0578 2120  C:\Program Files\Microsoft Security Client\EppManifest.dll - ok
15:50:47.0578 2120  [ 855F6333E3A4DFC6F3C8B0520C261FCD ] C:\WINDOWS\system32\msftedit.dll
15:50:47.0578 2120  C:\WINDOWS\system32\msftedit.dll - ok
15:50:47.0593 2120  [ BC83108B18756547013ED443B8CDB31B ] C:\WINDOWS\system32\msvcp100.dll
15:50:47.0593 2120  C:\WINDOWS\system32\msvcp100.dll - ok
15:50:47.0593 2120  [ 0E37FBFA79D349D672456923EC5FBBE3 ] C:\WINDOWS\system32\msvcr100.dll
15:50:47.0593 2120  C:\WINDOWS\system32\msvcr100.dll - ok
15:50:47.0609 2120  [ D475BBD6FEF8DB2DDE0DA7CCFD2C9042 ] C:\Program Files\Microsoft Security Client\sqmapi.dll
15:50:47.0609 2120  C:\Program Files\Microsoft Security Client\sqmapi.dll - ok
15:50:47.0609 2120  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
15:50:47.0609 2120  C:\WINDOWS\system32\rasdlg.dll - ok
15:50:47.0625 2120  [ A69630D039C38018689190234F866D77 ] C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7C2B3BDF-6EA3-4E25-AA91-89CAE506BD79}\MpKsl4ac052e6.sys
15:50:47.0625 2120  C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7C2B3BDF-6EA3-4E25-AA91-89CAE506BD79}\MpKsl4ac052e6.sys - ok
15:50:47.0625 2120  ============================================================
15:50:47.0625 2120  Scan finished
15:50:47.0625 2120  ============================================================
15:50:47.0640 2112  Detected object count: 0
15:50:47.0640 2112  Actual detected object count: 0
15:51:56.0484 1760  Deinitialize success
 



#5 BNed


Posted 15 February 2013 - 07:47 PM

And here is the log for aswMBR:

 

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-15 16:16:14
-----------------------------
16:16:14.390    OS Version: Windows 5.1.2600 Service Pack 3
16:16:14.390    Number of processors: 2 586 0x4B02
16:16:14.390    ComputerName: NC9  UserName:
16:16:15.156    Initialize success
16:17:58.765    AVAST engine defs: 13021501
16:18:24.593    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-e
16:18:24.593    Disk 0 Vendor: ST31000528AS CC38 Size: 953869MB BusType: 3
16:18:24.593    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP3T0L0-19
16:18:24.593    Disk 1 Vendor: WDC_WD5000AAKS-00A7B0 01.03B01 Size: 476940MB BusType: 3
16:18:24.609    Disk 1 MBR read successfully
16:18:24.609    Disk 1 MBR scan
16:18:24.656    Disk 1 Windows XP default MBR code
16:18:24.656    Disk 1 Partition 1 80 (A) 07    HPFS/NTFS NTFS       476937 MB offset 63
16:18:24.671    Disk 1 scanning sectors +976768065
16:18:24.734    Disk 1 scanning C:\WINDOWS\system32\drivers
16:18:32.765    Service scanning
16:18:37.828    Service MpKsl4ac052e6 C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{7C2B3BDF-6EA3-4E25-AA91-89CAE506BD79}\MpKsl4ac052e6.sys **LOCKED** 32
16:18:45.406    Modules scanning
16:18:49.015    Disk 1 trace - called modules:
16:18:49.015    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
16:18:49.031    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0x8acf7ab8]
16:18:49.031    3 CLASSPNP.SYS[b8108fd7] -> nt!IofCallDriver -> \Device\0000006c[0x8aceb9e8]
16:18:49.031    5 ACPI.sys[b7f51620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP3T0L0-19[0x8ad88d98]
16:18:50.046    AVAST engine scan C:\WINDOWS
16:18:55.875    AVAST engine scan C:\WINDOWS\system32
16:22:51.078    AVAST engine scan C:\WINDOWS\system32\drivers
16:23:17.625    AVAST engine scan C:\Documents and Settings\Data.NC9
16:43:08.031    AVAST engine scan C:\Documents and Settings\All Users.WINDOWS
16:45:05.484    Scan finished successfully
16:46:18.203    Disk 1 MBR has been saved successfully to "C:\Documents and Settings\Data.NC9\Desktop\MBR.dat"
16:46:18.203    The log file has been saved successfully to "C:\Documents and Settings\Data.NC9\Desktop\aswMBR.txt"
 



#6 BNed


Posted 16 February 2013 - 03:54 AM

And finally the report from ESET Online Scanner:

 

C:\Downloads\Foxit PDF Reader\FoxitReader543.0920_enu_Setup.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Downloads\RegCleaner_majorgeeks\Auslogic Reg Cleaner_frommajorgeeksalso\registry-cleaner-setup.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Downloads\SDFix\SDFix.exe    Win32/PrcView application    deleted - quarantined
C:\Downloads\SmitFraudFix v2.423\SmitfraudFix\Process.exe    Win32/PrcView application    cleaned by deleting - quarantined
C:\Downloads\Wordpress Business Themes\GenM30\genm30.zip    PHP/Obfuscated.F application    deleted - quarantined
C:\Downloads\Wordpress Business Themes\GenM30\genm30\footer.php    PHP/Obfuscated.F application    cleaned by deleting - quarantined
C:\System Volume Information\_restore{9E963188-9A00-4A9C-B440-52E440B6CEED}\RP13\A0004739.exe    multiple threats    cleaned by deleting - quarantined
D:\Work\Websites\full_June_2012\wwwroot\wp-content\themes\genm30\footer.php    PHP/Obfuscated.F application    cleaned by deleting - quarantined
 



#7 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:03:38 AM

Posted 16 February 2013 - 07:59 AM

Malwarebytes

--------------------

Please download Malwarebytes Anti-Malware and save it to your desktop.  If you already have it installed launch the program and update the database.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.  You can also right click on the link and select Save Link As

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (i.e. Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings except to uncheck any offer for a free Pro trial version
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Farbar's MiniToolBox

--------------------

  • Please download MiniToolBox, save it to your desktop
  • Please close any Firefox browsers you may have open
  • Double click the icon to launch the program
  • Make sure the following options are checked:

    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Devices
    • List Users, Partitions and Memory size.
  • Click Go and once the scan is completed a Result.txt Notepad document will open on your desktop
  • Please copy and paste the contents in your reply


===================================================


Farbar's Service Scanner

--------------------

Please download Farbar Service Scanner, save it to your desktop, and run it.

  • Make sure the following options are checked:

    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


===================================================


AdwCleaner by Xplode - Search for Adware

-------------------

  • Please download AdwCleaner by Xplode onto your desktop.
  • Double click on AdwCleaner.exe, select OK, then Run
  • Click on DELETE
  • A logfile will automatically open after the scan has finished
  • Copy and paste the contents in your reply
  • You can find the logfile at C:\AdwCleaner[R1].txt as well


===================================================


Junkware Removal Tool by thisisu

-------------------

  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply


===================================================


Rkill

-------------------

Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another...) and save it to your desktop:


  • In order for Rkill to run properly you must disable your anti-malware software.  Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
    • Note:  You may have to run Rkill a few times before it is successful.  You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear.  Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again.  If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.


===================================================


Autoruns

--------------------

  • Please download AutoRuns and save it to your desktop
  • Double click the AutoRuns.zip folder
  • Double click autoruns.exe (not autorunsc.exe), select Run, then Run again and allow the information to populate
  • Select File, Save, Desktop (in the left hand pane), then Save filename as Autoruns.txt and change Save as type to  Text(*.txt).
  • Double click on the text file, copy and paste the contents in your reply


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:

  • Malwarebytes log
  • MiniToolBox log
  • Farbar's Service Scanner log
  • AdwCleaner log
  • Junkware Removal Tool log
  • Rkill log
  • Autoruns log

 



#8 BNed


Posted 16 February 2013 - 12:53 PM

And here's the Mbam report:

 

Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2013.02.16.04

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Data :: NC9 [administrator]

2/16/2013 9:47:31 AM
mbam-log-2013-02-16 (09-47-31).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 350678
Time elapsed: 5 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)



#9 BNed


Posted 16 February 2013 - 01:05 PM

And here's the Minitoolbox report:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Data (administrator) on 16-02-2013 at 09:55:40
Running from "C:\Documents and Settings\Data.NC9\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

There are 15064 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller = Local Area Connection 4 (Disconnected)
1394 Net Adapter = 1394 Connection (Connected)
3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX) = Local Area Connection 3 (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection 3"

set address name="Local Area Connection 3" source=dhcp
set dns name="Local Area Connection 3" source=dhcp register=PRIMARY
set wins name="Local Area Connection 3" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : nc9

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No



Ethernet adapter Local Area Connection 3:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX)

        Physical Address. . . . . . . . . : 00-01-02-C6-D4-D8

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.19

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 24.205.192.61

                                            24.205.224.36

                                            68.116.46.115

        Lease Obtained. . . . . . . . . . : Saturday, February 16, 2013 9:42:49 AM

        Lease Expires . . . . . . . . . . : Saturday, February 16, 2013 10:42:49 AM

Server:  vip01renonv.reno.nv.charter.com
Address:  24.205.192.61

Name:    google.com
Addresses:  74.125.224.64, 74.125.224.65, 74.125.224.72, 74.125.224.66
      74.125.224.67, 74.125.224.71, 74.125.224.73, 74.125.224.68, 74.125.224.69
      74.125.224.70, 74.125.224.78



Pinging google.com [74.125.224.68] with 32 bytes of data:



Reply from 74.125.224.68: bytes=32 time=27ms TTL=56

Reply from 74.125.224.68: bytes=32 time=25ms TTL=56



Ping statistics for 74.125.224.68:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 25ms, Maximum = 27ms, Average = 26ms

Server:  vip01renonv.reno.nv.charter.com
Address:  24.205.192.61

Name:    yahoo.com
Addresses:  98.139.183.24, 206.190.36.45, 98.138.253.109



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=325ms TTL=45

Reply from 98.139.183.24: bytes=32 time=430ms TTL=46



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 325ms, Maximum = 430ms, Average = 377ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time=-6ms TTL=128

Reply from 127.0.0.1: bytes=32 time=-6ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = -6ms, Maximum = -6ms, Average = 2147483642ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 01 02 c6 d4 d8 ...... 3Com EtherLink XL 10/100 PCI TX NIC (3C905B-TX) - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1    192.168.0.19      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.0.0    255.255.255.0     192.168.0.19    192.168.0.19      20
     192.168.0.19  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.0.255  255.255.255.255     192.168.0.19    192.168.0.19      20
        224.0.0.0        240.0.0.0     192.168.0.19    192.168.0.19      20
  255.255.255.255  255.255.255.255     192.168.0.19    192.168.0.19      1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/15/2013 04:15:53 PM) (Source: MPSampleSubmission) (User: )
Description: EventType mptelemetry, P1 unspecified, P2 hardeningtelemetry, P3 hardeningtelemetrydisablertp, P4 4.2.223.0, P5 unspecified, P6 unspecified, P7 unspecified, P8 NIL, P9 mptelemetry0, P10 mptelemetry1.

Error: (02/14/2013 05:33:42 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2012":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (02/14/2013 05:33:42 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2012":
Connection Error:Invalid user ID or password

Error: (02/14/2013 05:33:23 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (02/14/2013 05:33:23 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (02/14/2013 05:33:23 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks":
Returning NULL QBWinInstance Handle

Error: (02/14/2013 03:39:30 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2012":
DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (02/14/2013 03:39:30 PM) (Source: QuickBooks) (User: )
Description: An unexpected error has occured in "QuickBooks Pro 2012":
Connection Error:Invalid user ID or password


System errors:
=============
Error: (02/16/2013 09:41:14 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/15/2013 03:47:37 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/15/2013 03:18:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/15/2013 02:06:37 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/15/2013 00:35:45 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/15/2013 11:58:56 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/15/2013 10:27:11 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/15/2013 09:57:44 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/15/2013 09:48:59 AM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd

Error: (02/14/2013 09:35:26 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
sptd


Microsoft Office Sessions:
=========================
Error: (02/15/2013 04:15:53 PM) (Source: MPSampleSubmission)(User: )
Description: mptelemetryunspecifiedhardeningtelemetryhardeningtelemetrydisablertp4.2.223.0unspecifiedunspecifiedunspecifiedNILNILNIL

Error: (02/14/2013 05:33:42 PM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2012DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (02/14/2013 05:33:42 PM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2012Connection Error:Invalid user ID or password

Error: (02/14/2013 05:33:23 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (02/14/2013 05:33:23 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (02/14/2013 05:33:23 PM) (Source: QuickBooks)(User: )
Description: QuickBooksReturning NULL QBWinInstance Handle

Error: (02/14/2013 03:39:30 PM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2012DBConnPool::HandleConnectionError errorCode:-6069, dbCode:-103 from file:'.\.\src\ConnPool.cpp' at line 1038 from function:'DBMgr::DBConnPool::init'

Error: (02/14/2013 03:39:30 PM) (Source: QuickBooks)(User: )
Description: QuickBooks Pro 2012Connection Error:Invalid user ID or password


=========================== Installed Programs ============================

µTorrent (Version: 3.1.3)
7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.5.502.149)
Adobe Reader XI (11.0.01) (Version: 11.0.01)
Age of Empires III - The Asian Dynasties (Version: 1.00.0000)
Age of Empires III - The WarChiefs (Version: 1.00.0000)
Age of Empires III (Version: 1.00.0000)
Boxer Text Editor
CCleaner (Version: 3.27)
CoffeeCup HTML Editor
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Creative System Information
ESET Online Scanner v3
Game Booster 3 (Version: 3.4)
GIMP 2.8.2 (Version: 2.8.2)
HijackThis 2.0.2 (Version: 2.0.2)
Ipswitch WS_FTP Professional 2007 (Version: 11.1.0000)
Malwarebytes Anti-Malware version 1.65.1.1000 (Version: 1.65.1.1000)
Mass Effect 2 (Version: 1.01)
Mass Effect™ 3 (Version: 1.04.0.0)
md5atl
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Multi-Targeting Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Help Viewer 1.1 (Version: 1.1.40219)
Microsoft Office 2000 Premium (Version: 9.00.2720)
Microsoft Security Client (Version: 4.2.0223.1)
Microsoft Security Essentials (Version: 4.2.223.1)
Microsoft SQL Server 2008 R2 Management Objects (Version: 10.50.1750.9)
Microsoft SQL Server Compact 3.5 SP1 Design Tools English (Version: 3.5.5692.0)
Microsoft SQL Server Compact 3.5 SP2 ENU (Version: 3.5.8080.0)
Microsoft SQL Server System CLR Types (Version: 10.50.1750.9)
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU
Microsoft Visual Basic 2008 Express Edition with SP1 - ENU (Version: 9.0.30729)
Microsoft Visual Basic 2010 Express - ENU (Version: 10.0.40219)
Microsoft Visual Basic 6.0 Professional Edition
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (Version: 10.0.40219)
Microsoft Visual Studio 2010 Service Pack 1 (Version: 10.0.40219)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40303)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (Version: 10.0.40308)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (Version: 3.5.30729)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (Version: 6.1.5295.17011)
Mozilla Firefox 18.0.2 (x86 en-US) (Version: 18.0.2)
Mozilla Maintenance Service (Version: 18.0.2)
Mp3tag v2.50 (Version: v2.50)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
MySQL Workbench 5.2 CE (Version: 5.2.37)
NVIDIA Control Panel 306.23 (Version: 306.23)
NVIDIA Graphics Driver 306.23 (Version: 306.23)
NVIDIA Install Application (Version: 2.1002.85.551)
NVIDIA nView 136.28 (Version: 136.28)
NVIDIA PhysX (Version: 9.12.0604)
NVIDIA PhysX System Software 9.12.0604 (Version: 9.12.0604)
NVIDIA Update 1.10.8 (Version: 1.10.8)
NVIDIA Update Components (Version: 1.10.8)
Origin (Version: 8.5.0.4550)
Panda Cloud Cleaner (Version: 1.0.39)
QuickBooks (Version: 22.0.4008.2206)
QuickBooks Pro 2012 (Version: 22.0.4008.2206)
Revo Uninstaller 1.94 (Version: 1.94)
Safari (Version: 5.34.52.7)
Skype™ 5.10 (Version: 5.10.116)
Sophos Virus Removal Tool (Version: 2.3)
Sound Blaster Audigy (Version: 1.0)
Spotify (Version: 0.8.5.1333.g822e0de8)
Spybot - Search & Destroy (Version: 1.6.2)
Steam (Version: 1.0.0.0)
SUPERAntiSpyware (Version: 5.6.1014)
Team Fortress 2
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows Internet Explorer 8 (KB2632503) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2492386) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2616676) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (Version: 4.0.8080.0)
VLC media player 1.1.11 (Version: 1.1.11)
WebFldrs XP (Version: 9.50.7523)
WexTech AnswerWorks (Version: 1.00.000)
Win32Pad 1.5.10
Windows Genuine Advantage Notifications (KB905474) (Version: 1.9.0040.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows PowerShell™ 1.0 (Version: 2)
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR archiver
WS_FTP Professional 2007.1 HF1 (Version: 1.00.0000)
Xceed components (Version: 1.1.1)
XML Paper Specification Shared Components Pack 1.0

========================= Devices: ================================

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Audio Device on High Definition Audio Bus
Description: Audio Device on High Definition Audio Bus
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Marvell
Service: yukonwxp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


========================= Memory info: ===================================

Percentage of memory in use: 16%
Total physical RAM: 3071.48 MB
Available physical RAM: 2556.26 MB
Total Pagefile: 4957.32 MB
Available Pagefile: 4666.18 MB
Total Virtual: 2047.88 MB
Available Virtual: 1972.82 MB

========================= Partitions: =====================================

1 Drive c: (New Volume) (Fixed) (Total:465.76 GB) (Free:251.33 GB) NTFS
2 Drive d: () (Fixed) (Total:931.51 GB) (Free:544.5 GB) NTFS

========================= Users: ========================================

User accounts for \\NC9

Administrator            ASPNET                   Data                     
Design                   Guest                    HelpAssistant            
SUPPORT_388945a0         UpdatusUser              


**** End of log ****
 



#10 BNed

Posted 16 February 2013 - 01:14 PM

And here's the report from Farbar Service Scanner:

 

Farbar Service Scanner Version: 15-02-2013
Ran by Data (administrator) on 16-02-2013 at 10:07:33
Running from "C:\Documents and Settings\Data.NC9\Desktop"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Attempt to access Google IP returned error. Google IP is offline
Google.com is accessible.
Yahoo IP is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Disabled Policy:
========================


Security Center:
============

Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll
[2011-09-12 14:54] - [2008-04-13 16:12] - 0006656 ____A (Microsoft Corporation) 35321FB577CDC98CE3EB3A3EB9E4610A

C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe
[2006-02-28 04:00] - [2009-02-06 03:11] - 0110592 ____A (Microsoft Corporation) 65DF52F5B8B6E9BBD183505225C37315


Extra List:
=======
Gpc(3) IPSec(5) NetBT(6) PSched(7) Tcpip(4)
0x0700000005000000010000000200000003000000040000000600000007000000
IpSec Tag value is correct.

**** End of log ****



#11 BNed

Posted 16 February 2013 - 01:21 PM

And here is the report from AdwCleaner:

 

# AdwCleaner v2.112 - Logfile created 02/16/2013 at 10:16:40
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Data - NC9
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Data.NC9\Desktop\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0.2 (en-US)

-\\ Opera v [Unable to get version]

*************************

AdwCleaner[R1].txt - [1359 octets] - [14/02/2013 11:19:53]
AdwCleaner[R2].txt - [891 octets] - [14/02/2013 11:28:37]
AdwCleaner[R3].txt - [950 octets] - [14/02/2013 14:44:31]
AdwCleaner[S1].txt - [1431 octets] - [14/02/2013 11:20:50]
AdwCleaner[S2].txt - [843 octets] - [16/02/2013 10:16:40]

########## EOF - C:\AdwCleaner[S2].txt - [902 octets] ##########
 



#12 BNed

Posted 16 February 2013 - 01:31 PM

And now the JRT log:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.3 (02.12.2013:1)
OS: Microsoft Windows XP x86
Ran by Data on Sat 02/16/2013 at 10:24:21.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\DisplayName
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0633ee93-d776-472f-a0ff-e1416b8b2e3a}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{6a1806cd-94d4-4689-ba73-e35ea1ea9990}



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Data.NC9\Application Data\mozilla\firefox\profiles\a32jia9s.default\user.js





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sat 02/16/2013 at 10:29:35.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#13 BNed

Posted 16 February 2013 - 01:36 PM

Here is the report from Rkill:

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 02/16/2013 10:34:02 AM in x86 mode.
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * HidServ [Missing ImagePath]

 * RpcSs => %SystemRoot%\system32\svchost.exe -k rpcss [Incorrect ImagePath]

Searching for Missing Digital Signatures:

 * C:\WINDOWS\System32\drivers\mqac.sys [NoSig]
 +-> C:\WINDOWS\$hf_mig$\KB971032\SP2QFE\mqac.sys : 91,776 : 06/22/2009 00:30 AM : 9229e191fe206628be17d1e67a5faed9 [Pos Repl]
 +-> C:\WINDOWS\$NtUninstallKB971032$\mqac.sys : 72,960 : 02/28/2006 00:00 AM : db07b0088cdfd20c2a22e675120ede34 [Pos Repl]
 +-> C:\WINDOWS\ServicePackFiles\i386\mqac.sys : 92,544 : 04/13/2008 00:39 AM : 70c14f5cca5cf73f8a645c73a01d8726 [Pos Repl]
 +-> C:\WINDOWS\system32\dllcache\mqac.sys : 91,776 : 06/22/2009 00:48 AM : eee50bf24caeedb515a8f3b22756d3bb [Pos Repl]

Checking HOSTS File:

 * Cannot edit the HOSTS file.
 * Permissions Fixed. Administrators can now edit the HOSTS file.

 * HOSTS file entries found:

  127.0.0.1 localhost

  20 out of 15084 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 02/16/2013 10:35:05 AM
Execution time: 0 hours(s), 1 minute(s), and 2 seconds(s)
 



#14 BNed

Posted 16 February 2013 - 01:42 PM

And here's the Autoruns report:

 

"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"    ""    ""    ""
+ "Adobe ARM"    "Adobe Reader and Acrobat Manager"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\arm\1.0\adobearm.exe"
+ "NvCplDaemon"    "NVIDIA Display Properties Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvcpl.dll"
+ "nwiz"    "NVIDIA nView Wizard, Version 136.28 "    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nview\nwiz.exe"
"C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup"    ""    ""    ""
+ "Intuit Data Protect.lnk"    "Intuit Data Protect"    "Intuit Inc."    "c:\program files\common files\intuit\dataprotect\intuitdataprotect.exe"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks"    ""    ""    ""
+ "SABShellExecuteHook Class"    "ShellExecuteHook"    "SuperAdBlocker.com"    "c:\program files\superantispyware\sasseh.dll"
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
+ "WS_FTP"    "wsftpsi Module"    "Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421"    "c:\program files\ipswitch\ws_ftp professional\wsftpsi.dll"
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "GB3ContextMenu"    "Game Booster v3 Context Menu"    "IObit"    "c:\program files\iobit\game booster 3\gbv3contextmenu.dll"
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "SASContextMenu Class"    "SUPERAntiSpyware Context Menu Extension"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasctxmn.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Classes\Directory\Shellex\DragDropHandlers"    ""    ""    ""
+ "7-Zip"    "7-Zip Shell Extension"    "Igor Pavlov"    "c:\program files\7-zip\7-zip.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
+ "WS_FTP"    "wsftpsi Module"    "Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421"    "c:\program files\ipswitch\ws_ftp professional\wsftpsi.dll"
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "00nView"    "NVIDIA Desktop Explorer, Version 136.28 "    "NVIDIA Corporation"    "c:\program files\nvidia corporation\nview\nvshell.dll"
+ "NvCplDesktopContext"    "NVIDIA Display Properties Extension"    "NVIDIA Corporation"    "c:\windows\system32\nvcpl.dll"
"HKLM\Software\Classes\Folder\Shellex\ColumnHandlers"    ""    ""    ""
+ "PDF Shell Extension"    "PDF Shell Extension"    "Adobe Systems, Inc."    "c:\program files\common files\adobe\acrobat\activex\pdfshell.dll"
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers"    ""    ""    ""
+ "MBAMShlExt"    "Malwarebytes Anti-Malware"    "Malwarebytes Corporation"    "c:\program files\malwarebytes' anti-malware\mbamext.dll"
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
+ "WS_FTP"    "wsftpsi Module"    "Ipswitch, Inc. 10 Maguire Road - Suite 220 Lexington, MA 02421"    "c:\program files\ipswitch\ws_ftp professional\wsftpsi.dll"
"HKLM\Software\Classes\Folder\ShellEx\DragDropHandlers"    ""    ""    ""
+ "WinRAR"    ""    ""    "c:\program files\winrar\rarext.dll"
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"    ""    ""    ""
+ "Adobe PDF Link Helper"    "Adobe PDF Helper for Internet Explorer"    "Adobe Systems Incorporated"    "c:\program files\common files\adobe\acrobat\activex\acroiehelpershim.dll"
"Task Scheduler"    ""    ""    ""
+ "Adobe Flash Player Updater.job"    "Adobe® Flash® Player Update Service 11.5 r502"    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
X "Game_Booster_AutoUpdate.job"    "Helps you update Game Booster to latest version."    "IObit"    "c:\program files\iobit\game booster 3\autoupdate.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "!SASCORE"    "SUPERAntiSpyware Core Service"    "SUPERAntiSpyware.com"    "c:\program files\superantispyware\sascore.exe"
X "a2AntiMalware"    "Scans the PC for unwanted software and provides protection from malicious code"    "Emsi Software GmbH"    "c:\program files\a-squared free\a2service.exe"
+ "AdobeFlashPlayerUpdateSvc"    "This service keeps your Adobe Flash Player installation up to date with the latest enhancements and security fixes."    "Adobe Systems Incorporated"    "c:\windows\system32\macromed\flash\flashplayerupdateservice.exe"
+ "IDriverT"    "Provides support for the Running Object Table for InstallShield Drivers"    "Macrovision Corporation"    "c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe"
+ "MozillaMaintenance"    "The Mozilla Maintenance Service ensures that you have the latest and most secure version of Mozilla Firefox on your computer. Keeping Firefox up to date is very important for your online security, and Mozilla strongly recommends that you keep this service enabled."    "Mozilla Foundation"    "c:\program files\mozilla maintenance service\maintenanceservice.exe"
+ "NVSvc"    "NVIDIA Driver Helper Service, Version 306.23"    "NVIDIA Corporation"    "c:\windows\system32\nvsvc32.exe"
+ "QBFCService"    "QuickBooks FCS module"    "Intuit Inc."    "c:\program files\common files\intuit\quickbooks\fcs\intuit.quickbooks.fcs.exe"
+ "QBVSS"    "Enables standard users to access Intuit Data Protect service."    "Intuit Inc."    "c:\program files\common files\intuit\dataprotect\qbidpservice.exe"
"HKLM\System\CurrentControlSet\Services"    ""    ""    ""
+ "AmdPPM"    "AMD Processor Driver"    "Advanced Micro Devices"    "c:\windows\system32\drivers\amdppm.sys"
+ "catchme"    ""    ""    "File not found: C:\DOCUME~1\Data.NC9\LOCALS~1\Temp\catchme.sys"
+ "Changer"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\Changer.sys"
+ "ctsfm2k"    "SoundFont® Manager (WDM)"    "Creative Technology Ltd"    "c:\windows\system32\drivers\ctsfm2k.sys"
+ "EL90XBC"    "3Com EtherLink PCI Driver"    "3Com Corporation"    "c:\windows\system32\drivers\el90xbc5.sys"
+ "HDAudBus"    "High Definition Audio Bus Driver v1.0a"    "Windows ® Server 2003 DDK provider"    "c:\windows\system32\drivers\hdaudbus.sys"
+ "i2omgmt"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys"
+ "Lavasoft Kernexplorer"    ""    ""    "File not found: C:\Program Files\Lavasoft\Ad-Aware\KernExplorer.sys"
+ "lbrtfdc"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys"
+ "MFE_RR"    ""    ""    "File not found: C:\DOCUME~1\Data.NC9\LOCALS~1\Temp\mfe_rr.sys"
+ "nv"    "NVIDIA Windows XP Miniport Driver, Version 306.23 "    "NVIDIA Corporation"    "c:\windows\system32\drivers\nv4_mini.sys"
+ "ossrv"    "Creative OS Services Driver (WDM)"    "Creative Technology Ltd."    "c:\windows\system32\drivers\ctoss2k.sys"
+ "P17"    "WDM Audio Miniport"    "Creative Technology Ltd."    "c:\windows\system32\drivers\p17.sys"
+ "PCIDump"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys"
+ "PDCOMP"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys"
+ "PDFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys"
+ "PDRELI"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys"
+ "PDRFRAME"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys"
+ "Ptilink"    "Direct Parallel Link Driver"    "Parallel Technologies, Inc."    "c:\windows\system32\drivers\ptilink.sys"
+ "SASDIFSV"    "SASDIFSV.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\sasdifsv.sys"
+ "SASKUTIL"    "SASKUTIL.SYS"    "SUPERAdBlocker.com and SUPERAntiSpyware.com"    "c:\program files\superantispyware\saskutil.sys"
+ "Secdrv"    "SafeDisc driver"    "Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K."    "c:\windows\system32\drivers\secdrv.sys"
+ "sptd"    ""    ""    "File not found: C:\WINDOWS\SystemRoot\System32\Drivers\sptd.sys"
+ "WDICA"    ""    ""    "File not found: C:\WINDOWS\System32\Drivers\WDICA.sys"
+ "yukonwxp"    "Miniport Driver for Marvell Yukon Ethernet Controller."    "Marvell"    "c:\windows\system32\drivers\yk51x86.sys"
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Drivers32"    ""    ""    ""
+ "msacm.iac2"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "msacm.l3acm"    "MPEG Layer-3 Audio Codec for MSACM"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codeca.acm"
+ "msacm.sl_anet"    "Audio codec for MS ACM"    "Sipro Lab Telecom Inc."    "c:\windows\system32\sl_anet.acm"
+ "msacm.trspch"    "DSP Group TrueSpeech™ Audio Codec for MSACM V3.50"    "DSP GROUP, INC."    "c:\windows\system32\tssoft32.acm"
+ "vidc.cvid"    "Cinepak® Codec"    "Radius Inc."    "c:\windows\system32\iccvid.dll"
+ "vidc.iv31"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv32"    ""    ""    "c:\windows\system32\ir32_32.dll"
+ "vidc.iv41"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "vidc.iv50"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
"HKLM\Software\Classes\Filter"    ""    ""    ""
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Compression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
+ "Indeo® video 4.4 Decompression Filter"    "Intel Indeo® Video 4.5"    "Intel Corporation"    "c:\windows\system32\ir41_32.ax"
"HKLM\Software\Classes\CLSID\{083863F1-70DE-11d0-BD40-00A0C911CE86}\Instance"    ""    ""    ""
+ "ACELP.net Audio Decoder"    "ACELP.net Audio Decoder"    "Sipro Lab Telecom Inc."    "c:\windows\system32\acelpdec.ax"
+ "Indeo® audio software"    "Indeo® audio software"    "Intel Corporation"    "c:\windows\system32\iac25_32.ax"
+ "Indeo® video 5.10 Compression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "Indeo® video 5.10 Decompression Filter"    "Intel Indeo® video 5.10"    "Intel Corporation"    "c:\windows\system32\ir50_32.dll"
+ "MPEG Layer-3 Decoder"    "MPEG Layer-3 Audio Decoder"    "Fraunhofer Institut Integrierte Schaltungen IIS"    "c:\windows\system32\l3codecx.ax"
+ "WIA Stream Snapshot Filter"    "WIA Stream Snapshot Filter"    "MyCompanyName"    "c:\windows\system32\wiasf.ax"
 



#15 narenxp

Posted 16 February 2013 - 02:03 PM


That looks good

Remove temporary and junk files

Download

TFC

Launch it, it will close all running programs

Click on START, it should ask for reboot. If TFC locks up the system, run it in safe mode


Create a new restore point

Follow this guide to turn off and turn on your restore points

XP - http://support.microsoft.com/kb/310405

Vista & Windows 7 - http://windows.microsoft.com/en-US/windows7/Turn-System-Restore-on-or-off

Turn off your System Restore - it deletes old infected restore points

Turn on System Restore and create a new restore point

Update Java and Flash Player

Uninstall old version of Java from Control Panel - Add or Remove Programs. Download the latest version from here

http://java.com/en/

Update your Flash Player

Antivirus recommendations

Update your antivirus frequently. Two free antivirus programs that I would suggest are

Microsoft Security Essentials or Avast. You can select either one of them.

If you have a paid one, make sure to update it frequently. Do not use multiple security software products.

Informative guides that could prevent you from being infected again

How did I get infected?

http://www.bleepingcomputer.com/forums/topic2520.html

Best Practices for Safe Computing - Prevention of Malware Infection

http://www.bleepingcomputer.com/forums/topic407147.html

Simple and easy ways to keep your computer safe and secure on the Internet

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

Safe surfing :)
 





