
JS\Exploit-Blacole.eu (trojan)


28 replies to this topic

#1 cocojen3

cocojen3

  • Members
  • 22 posts

Posted 20 February 2013 - 05:49 PM

Hello. With it being tax time and working in the wee hours, my computer shuts down and starts back up with all windows and programs still running as they were before it shut down on its own.

I have a 2002 Windows XP Professional computer.

So once this happened, I closed out of all the programs after making sure I did not lose any information on my taxes. I then proceeded to open the

McAfee Virus Scan

DAT 2991.000

Scan Engine (32bit) 5400.1158

and proceeded to the Virus Scan Console, checking them to make sure the

Auto updates were current Check

Full scan current Check

Then I checked the

Quarantine Manager Policy and opened the Manager tab... Well, there they be! 3 quarantined Trojans. They were time-quarantined on 2/8/2013 @ 10:51 am, so they have been here awhile, bc I had this happen on the 19th of this month... They were detected as "JS\Exploit-Blacole.eu".

So I spent the day using some of the computer cleaners such as Crap Cleaner, Cleanup and Spy Bot, and then I downloaded a Malwarebytes program, and it was able to get one critter and quarantined a vendor called Adware.InstallCore...

So what I have read is this is pretty bad, since it will allow a hacker to come in the back door of your computer and add or delete from your computer, not to mention to then travel to your personal banking accounts... As I understand it, it is passed on from user to user via e-mail or from a website (all trojans might be like this, but this is my first horse). So I would really like some help getting this horse out to pasture or even perhaps to the factory...

PS: don't worry, I am using a tablet as of right now.

 

 

 


*Moderator Edit: Moved topic from  Windows XP to the more appropriate forum. ~ Queen-Evie*


Edited by Queen-Evie, 20 February 2013 - 06:14 PM.



 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • Gender:Male
  • Location:NJ USA

Posted 20 February 2013 - 09:03 PM

Welcome cocojen3
You have the gist of this infection.
 
Blacole is the name given to a family of malware that, if you encounter it while browsing the Internet, will use any number of available exploits to compromise your computer. It does this by probing your computer to determine what software you have installed, then selects (from its pool of vulnerabilities) the ones that it can use to gain access to your computer by exploiting vulnerabilities in the software you have installed.
 
 
More here
 
Let's look for exploits and any more traces.
 
MiniToolBox
Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
 

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • You will be prompted to restart your computer. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

 

 

 

Now I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the   button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE: Sometimes if ESET finds no infections it will not create a log.


How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook

#3 cocojen3


Posted 20 February 2013 - 11:04 PM

Thanks for the quick response. Since I am using my tablet to correspond, should I use a jump drive to download the program and then transfer it to the infected computer? Or will I be ok to open up the web to get this downloaded right to the infected computer?



#4 boopme


Posted 20 February 2013 - 11:30 PM

Yes, transfer or run off the drive if/where possible.



#5 cocojen3


Posted 21 February 2013 - 09:02 PM

Boopme, Here are the results

 

 

Mini Toolbox Results:

 

MiniToolBox by Farbar  Version:10-01-2013
Ran by Kay (administrator) on 21-02-2013 at 12:29:07
Running from "C:\Documents and Settings\Kay\Desktop\combo fix suggestions"
Microsoft Windows XP Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================
Windows IP Configuration

Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek RTL8139 Family PCI Fast Ethernet NIC = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "{53B1F38F-0774-4DBA-BA6D-4AE72050882A}"

set address name="{53B1F38F-0774-4DBA-BA6D-4AE72050882A}" source=dhcp
set dns name="{53B1F38F-0774-4DBA-BA6D-4AE72050882A}" source=dhcp register=NONE
set wins name="{53B1F38F-0774-4DBA-BA6D-4AE72050882A}" source=dhcp


popd
# End of interface IP configuration


Windows IP Configuration

        Host Name . . . . . . . . . . . . : nelson
        Primary Dns Suffix  . . . . . . . :
        Node Type . . . . . . . . . . . . : Unknown
        IP Routing Enabled. . . . . . . . : No
        WINS Proxy Enabled. . . . . . . . : No
        DNS Suffix Search List. . . . . . : fedex.com
                                            corp.ds.fedex.com
                                            ds.fedex.com

Ethernet adapter Local Area Connection:

        Connection-specific DNS Suffix  . :
        Description . . . . . . . . . . . : Realtek RTL8139 Family PCI Fast Ethernet NIC
        Physical Address. . . . . . . . . : 00-16-17-E6-0A-DD
        Dhcp Enabled. . . . . . . . . . . : Yes
        Autoconfiguration Enabled . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.4
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.1
        DNS Servers . . . . . . . . . . . : 192.168.1.1
        Lease Obtained. . . . . . . . . . : Thursday, February 21, 2013 10:40:35 AM
        Lease Expires . . . . . . . . . . : Friday, February 22, 2013 10:40:35 AM

Ethernet adapter {53B1F38F-0774-4DBA-BA6D-4AE72050882A}:

        Media State . . . . . . . . . . . : Media disconnected
        Description . . . . . . . . . . . : Check Point Virtual Network Adapter For Endpoint VPN Client - Packet Scheduler Miniport
        Physical Address. . . . . . . . . : 54-68-F4-35-B2-0A

Server:  UnKnown
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.137.139, 74.125.137.113, 74.125.137.138, 74.125.137.102
      74.125.137.100, 74.125.137.101

Pinging google.com [74.125.140.138] with 32 bytes of data:

Reply from 74.125.140.138: bytes=32 time=27ms TTL=47
Reply from 74.125.140.138: bytes=32 time=21ms TTL=47

Ping statistics for 74.125.140.138:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 21ms, Maximum = 27ms, Average = 24ms

Server:  UnKnown
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  98.138.253.109, 98.139.183.24, 206.190.36.45

Pinging yahoo.com [206.190.36.45] with 32 bytes of data:

Reply from 206.190.36.45: bytes=32 time=120ms TTL=47
Reply from 206.190.36.45: bytes=32 time=269ms TTL=47

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 120ms, Maximum = 269ms, Average = 194ms

Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 16 17 e6 0a dd ...... Realtek RTL8139 Family PCI Fast Ethernet NIC - Packet Scheduler Miniport
0x3 ...54 68 f4 35 b2 0a ...... Check Point Virtual Network Adapter For Endpoint VPN Client - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.4      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
      192.168.1.0    255.255.255.0      192.168.1.4     192.168.1.4      20
      192.168.1.4  255.255.255.255        127.0.0.1       127.0.0.1      20
    192.168.1.255  255.255.255.255      192.168.1.4     192.168.1.4      20
        224.0.0.0        240.0.0.0      192.168.1.4     192.168.1.4      20
  255.255.255.255  255.255.255.255      192.168.1.4     192.168.1.4      1
  255.255.255.255  255.255.255.255      192.168.1.4               3      1
Default Gateway:       192.168.1.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\Windows\System32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\Windows\System32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/21/2013 10:43:50 AM) (Source: McLogEvent) (User: )
Description: The McShield service terminated unexpectedly.

Please review event 5019 or 5051 for details.
The McShield service will be restarted in 5 seconds;

Error: (02/21/2013 10:43:50 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: A thread in process C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2904 (0xb58)

Thread address : 0x7C90E514

Thread message :

 Build VSCORE.13.3.2.137 / 5400.1158
 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee\VirusScan Enterprise\nailite.dll
 by C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (02/20/2013 00:47:54 PM) (Source: McLogEvent) (User: )
Description: The McShield service terminated unexpectedly.

Please review event 5019 or 5051 for details.
The McShield service will be restarted in 10 seconds;

Error: (02/20/2013 00:47:53 PM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: A thread in process C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2820 (0xb04)

Thread address : 0x7C90E514

Thread message :

 Build VSCORE.13.3.2.137 / 5400.1158
 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee\VirusScan Enterprise\adslokuu.dll
 by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (02/20/2013 06:43:57 AM) (Source: McLogEvent) (User: )
Description: The McShield service terminated unexpectedly.

Please review event 5019 or 5051 for details.
The McShield service will be restarted in 5 seconds;

Error: (02/20/2013 06:43:56 AM) (Source: McLogEvent) (User: NT AUTHORITY)
Description: A thread in process C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe took longer than 90000 ms to complete a request.

The process will be terminated.
Thread id : 2520 (0x9d8)

Thread address : 0x7C90E514

Thread message :

 Build VSCORE.13.3.2.137 / 5400.1158
 Object being scanned = \Device\HarddiskVolume1\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
 by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (02/10/2013 09:02:38 AM) (Source: Microsoft Office 14) (User: )
Description: Faulting application excel.exe, version 14.0.6126.5003, stamp 505b0834, faulting module kernel32.dll, version 5.1.2600.6293, stamp 506bc5e5, debug? 0, fault address 0x00012fd3.

Error: (02/08/2013 05:49:56 PM) (Source: Application Hang) (User: )
Description: Hanging application firefox.exe, version 18.0.2.4780, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/09/2013 09:51:56 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


System errors:
=============
Error: (02/21/2013 10:43:58 AM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/21/2013 10:40:47 AM) (Source: 0) (User: )
Description:

Error: (02/21/2013 10:40:47 AM) (Source: 0) (User: )
Description:

Error: (02/20/2013 09:51:30 PM) (Source: 0) (User: )
Description:

Error: (02/20/2013 09:51:30 PM) (Source: 0) (User: )
Description:

Error: (02/20/2013 09:47:57 PM) (Source: 0) (User: )
Description:

Error: (02/20/2013 09:47:57 PM) (Source: 0) (User: )
Description:

Error: (02/20/2013 00:47:54 PM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service terminated unexpectedly.  It has done this 2 time(s).

Error: (02/20/2013 06:43:58 AM) (Source: Service Control Manager) (User: )
Description: The McAfee McShield service terminated unexpectedly.  It has done this 1 time(s).

Error: (02/20/2013 06:43:57 AM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.


Microsoft Office Sessions:
=========================
Error: (02/21/2013 10:43:50 AM) (Source: McLogEvent)(User: )
Description: 5

Error: (02/21/2013 10:43:50 AM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe900002904 (0xb58)0x7C90E514
 Build VSCORE.13.3.2.137 / 5400.1158
 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee\VirusScan Enterprise\nailite.dll
 by C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (02/20/2013 00:47:54 PM) (Source: McLogEvent)(User: )
Description: 10

Error: (02/20/2013 00:47:53 PM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe900002820 (0xb04)0x7C90E514
 Build VSCORE.13.3.2.137 / 5400.1158
 Object being scanned = \Device\HarddiskVolume1\Program Files\McAfee\VirusScan Enterprise\adslokuu.dll
 by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (02/20/2013 06:43:57 AM) (Source: McLogEvent)(User: )
Description: 5

Error: (02/20/2013 06:43:56 AM) (Source: McLogEvent)(User: NT AUTHORITY)
Description: C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe900002520 (0x9d8)0x7C90E514
 Build VSCORE.13.3.2.137 / 5400.1158
 Object being scanned = \Device\HarddiskVolume1\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
 by C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
 4(0)(0)
 4(0)(0)
 7200(0)(0)
 7595(0)(0)
 7005(0)(0)
 7004(0)(0)
 5006(0)(0)
 5004(0)(0)

Error: (02/10/2013 09:02:38 AM) (Source: Microsoft Office 14)(User: )
Description: excel.exe14.0.6126.5003505b0834kernel32.dll5.1.2600.6293506bc5e5000012fd3

Error: (02/08/2013 05:49:56 PM) (Source: Application Hang)(User: )
Description: firefox.exe18.0.2.4780hungapp0.0.0.000000000

Error: (01/09/2013 09:51:56 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.6.602.168)
Adobe Reader X (10.1.5) (Version: 10.1.5)
AllMusicConverter 4.3.8 (Version: 4.3.8)
AllMusicConverter Media Suite 4.3.8 (Version: 4.3.8)
AnswerWorks 5.0 English Runtime (Version: 5.0.7)
ATI - Software Uninstall Utility (Version: 6.14.10.1014)
ATI Display Driver (Version: 8.30-060908a1-036948C-HP)
Audacity 1.2.6
AudibleManager (Version: 1244056.1312632.1244652.2089871648)
AVS Media Player 4.1.9.95
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
CCleaner (Version: 3.27)
Check Point VPN (Version: 75.20.0000)
CleanUp!
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DriveImage XML (Private Edition) (Version: 2.30)
EASEUS Partition Master 9.1.0 Home Edition
Garmin Lifetime Updater (Version: 2.1.11)
GoToMeeting 5.2.0.952 (Version: 5.2.0.952)
HP Software Update (Version: 2.0.37.20031205)
LightScribe System Software  1.14.25.1 (Version: 1.14.25.1)
Malwarebytes Anti-Malware version 1.70.0.1100 (Version: 1.70.0.1100)
McAfee VirusScan Enterprise (Version: 8.6.0)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.10411.0)
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.6029.1000)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Mozilla Maintenance Service (Version: 19.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
overland (Version: 2.1.5)
PDF-Viewer (Version: 2.5.201.0)
PDFCreator (Version: 1.2.3)
Photosmart 140,240,7200,7600,7700,7900 Series (Version: 2.0)
PS7700 (Version: 1.01.0000)
PSShortcutsP (Version: 1.01.0000)
PSUsage (Version: 1.30.0000)
QFolder (Version: 1.00.0000)
Quicken 2011 (Version: 20.1.8.6)
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0)
RealPlayer (Version: 15.0.4)
Realtek High Definition Audio Driver (Version: 5.10.0.5283)
RealUpgrade 1.1 (Version: 1.1.0)
Roxio Audio Module (Version: 2.0.4)
Roxio CinePlayer (Version: 2.3.0)
Roxio Copy Module (Version: 2.0.4)
Roxio Data Module (Version: 2.0.4)
Roxio DLA (Version: 5.1.0)
Roxio Express Labeler (Version: 2.0.0)
Roxio MyDVD Plus (Version: 6.1.3)
Roxio Update Manager (Version: 3.0.0)
Skype™ 5.10 (Version: 5.10.116)
SnagIt 8 (Version: 8.2.0)
Spybot - Search & Destroy (Version: 1.6.2)
SureThing CD Labeler Deluxe Update (Version: 5.2.693.0)
TurboTax 2009
TurboTax 2009 WinPerFedFormset (Version: 009.000.0620)
TurboTax 2009 WinPerReleaseEngine (Version: 009.000.0236)
TurboTax 2009 WinPerTaxSupport (Version: 009.000.0170)
TurboTax 2009 wrapper (Version: 009.000.0142)
TurboTax 2010
TurboTax 2010 WinPerFedFormset (Version: 010.000.5821)
TurboTax 2010 WinPerReleaseEngine (Version: 010.000.0501)
TurboTax 2010 WinPerTaxSupport (Version: 010.000.0222)
TurboTax 2010 wmsiper (Version: 010.000.1231)
TurboTax 2010 wrapper (Version: 010.000.0157)
TurboTax 2011
TurboTax 2011 WinPerFedFormset (Version: 011.000.3351)
TurboTax 2011 WinPerReleaseEngine (Version: 011.000.0496)
TurboTax 2011 WinPerTaxSupport (Version: 011.000.0222)
TurboTax 2011 wmoiper (Version: 011.000.1830)
TurboTax 2011 wmsiper (Version: 011.000.1721)
TurboTax 2011 wrapper (Version: 011.000.0121)
TurboTax 2012 (Version: 2012.0)
TurboTax 2012 WinPerFedFormset (Version: 012.000.1842)
TurboTax 2012 WinPerReleaseEngine (Version: 012.000.0419)
TurboTax 2012 WinPerTaxSupport (Version: 012.000.0178)
TurboTax 2012 wmoiper (Version: 012.000.1220)
TurboTax 2012 wmsiper (Version: 012.000.1218)
TurboTax 2012 wrapper (Version: 012.000.0127)
Ulead PhotoImpact 4.0
Unity Web Player (Version: )
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Walgreens PictureMover (Version: 3.5.0.27)
WebFldrs XP (Version: 9.50.7523)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)

========================= Memory info: ===================================

Percentage of memory in use: 46%
Total physical RAM: 1918.48 MB
Available physical RAM: 1024.15 MB
Total Pagefile: 3812.2 MB
Available Pagefile: 3091.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1970.98 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:146.5 GB) (Free:98.79 GB) NTFS
8 Drive j: (Files) (Fixed) (Total:785.01 GB) (Free:697.97 GB) NTFS

========================= Users: ========================================

User accounts for \\NELSON

Administrator            Guest                    HelpAssistant            
Kay                      SUPPORT_388945a0         


**** End of log ****

 

 

 

AdwCleaner Results:

# AdwCleaner v2.112 - Logfile created 02/21/2013 at 12:36:04
# Updated 10/02/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Kay - NELSON
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Kay\Desktop\combo fix suggestions\AdwCleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Documents and Settings\Kay\Application Data\Mozilla\Firefox\Profiles\o027ue2j.default-1349302905546\searchplugins\web-search.xml
File Deleted : C:\END
Folder Deleted : C:\Documents and Settings\Kay\Application Data\pdfforge
Folder Deleted : C:\Documents and Settings\Kay\Local Settings\Application Data\Conduit

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v19.0 (en-US)

File : C:\Documents and Settings\Kay\Application Data\Mozilla\Firefox\Profiles\522n8hbn.default-1349221279640\prefs.js

[OK] File is clean.

File : C:\Documents and Settings\Kay\Application Data\Mozilla\Firefox\Profiles\o027ue2j.default-1349302905546\prefs.js

Deleted : user_pref("keyword.URL", "hxxp://websearch.shopathome.com?user_id={27204eb8-7556-4ad9-91e9-88ac6ebae[...]

-\\ Google Chrome v [Unable to get version]

File : C:\Documents and Settings\Kay\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [1699 octets] - [21/02/2013 12:36:05]

########## EOF - C:\AdwCleaner[S1].txt - [1759 octets] ##########

 

ESETSCAN Results:

C:\Documents and Settings\Kay\Desktop\Applications\PDFCreator-1_2_3_setup.exe    multiple threats    cleaned by deleting - quarantined
C:\Documents and Settings\Kay\Desktop\Applications\UBCD4WinV360.exe    Win32/PrcView application    cleaned by deleting - quarantined
C:\Documents and Settings\Kay\Desktop\Applications\PDFXVwer\PDFXVwer.exe    a variant of Win32/Bundled.Toolbar.Ask application    cleaned by deleting - quarantined
C:\Program Files\PDFCreator\Toolbar\pdfforge Toolbar_setup.exe    Win32/Toolbar.Widgi application    cleaned by deleting - quarantined
J:\My Documents\Downloads\PDFReaderSetup(1).exe    a variant of Win32/InstallCore.AX application    cleaned by deleting - quarantined
J:\My Documents\Downloads\PDFReaderSetup.exe    a variant of Win32/InstallCore.AS application    cleaned by deleting - quarantined
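
The helper's description earlier in the thread says Blacole picks its exploits by probing which software is installed, and the MiniToolBox log in this post lists exactly that inventory. The following Python script is an added example, not part of the original posts and not MiniToolBox's own code: it splits a Result.txt into sections, parses the "Installed Programs" entries, and flags browser-reachable components that report no version, fall below an analyst-set baseline, or lag a sibling install of the same product. The function names, the watchlist and the baselines are assumptions; only the Reader baseline reflects the thread (the advice to move to Reader XI).

```python
import re

# Constructed excerpt in the MiniToolBox Result.txt layout posted above
# (entries copied from that log; the sections are shortened).
SAMPLE_RESULT = """\
========================= Hosts content: =================================

127.0.0.1       localhost

=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.5.502.149)
Adobe Flash Player 11 Plugin (Version: 11.6.602.168)
Adobe Reader X (10.1.5) (Version: 10.1.5)
Audacity 1.2.6
Microsoft Silverlight (Version: 5.1.10411.0)
Mozilla Firefox 19.0 (x86 en-US) (Version: 19.0)
Unity Web Player (Version: )

========================= Memory info: ===================================

Percentage of memory in use: 46%
"""

# Section banner: '===== Name: =====' (the colon is optional in the log).
# A bare '=====' underline has no name part and is not treated as a banner.
HEADER = re.compile(r"^={5,}\s*([^=\n]+?):?\s*={5,}\s*$")
# Inventory line: 'Name (Version: x.y.z)'; the version suffix may be absent.
PROGRAM = re.compile(r"^(?P<name>.+?)(?: \(Version: (?P<ver>[^)]*)\))?$")

# Assumption: product families an analyst wants reviewed (browser plug-ins
# and document readers). Baselines are analyst-supplied minimum versions;
# None means no baseline has been set for that family.
WATCHLIST = {
    "adobe flash player": None,
    "adobe reader": (11,),
    "microsoft silverlight": None,
    "unity web player": None,
}


def split_sections(text):
    """Map each section name to the non-blank lines that follow its banner."""
    sections, current = {}, None
    for line in text.splitlines():
        match = HEADER.match(line)
        if match:
            current = sections.setdefault(match.group(1).strip(), [])
        elif current is not None and line.strip():
            current.append(line.strip())
    return sections


def parse_version(text):
    """'11.5.502.149' -> (11, 5, 502, 149); empty or missing -> None."""
    return tuple(int(p) for p in re.findall(r"\d+", text or "")) or None


def parse_programs(lines):
    """Turn inventory lines into (name, version tuple or None) pairs."""
    programs = []
    for line in lines:
        match = PROGRAM.match(line)
        programs.append((match.group("name"), parse_version(match.group("ver"))))
    return programs


def fmt(version):
    return ".".join(str(part) for part in version)


def review_inventory(programs, watchlist=WATCHLIST):
    """Return (program name, reason) for every watched entry needing review."""
    findings = []
    for family, baseline in watchlist.items():
        members = [(n, v) for n, v in programs if n.lower().startswith(family)]
        newest = max((v for _, v in members if v), default=None)
        for name, version in members:
            if version is None:
                findings.append((name, "no version reported"))
            elif baseline and version < baseline:
                findings.append((name, "below baseline " + fmt(baseline)))
            elif version < newest:
                # Each browser carries its own copy of a plug-in, so one copy
                # can stay behind after the other has been updated.
                findings.append((name, "older than sibling install " + fmt(newest)))
    return findings


if __name__ == "__main__":
    inventory = parse_programs(split_sections(SAMPLE_RESULT)["Installed Programs"])
    for name, reason in review_inventory(inventory):
        print(f"{name}: {reason}")
```

On a real Result.txt, read the file and pass its text to `split_sections`; the baselines in `WATCHLIST` should come from the vendors' current release information.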
 



#6 boopme


Posted 21 February 2013 - 10:34 PM

Let's just do a rootkit check, as it appears you got the Blacole.

 

Please Download TDSSkiller
Launch it.
Click on change parameters-Select TDLFS file system
Click on "Scan".
Please post the LOG report(log file should be in your C drive)
 
Do not change the default options on scan results.

 

 

 

Please download aswMBR ( 4.5MB ) to your desktop.

  • Double click the aswMBR.exe icon, and click Run.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Click the Scan button to start the scan.
  • On completion of the scan, click the  save log button, save it to your desktop, then copy and paste it in your next reply.

Also update to Adobe Reader XI.



#7 cocojen3

cocojen3
  • Topic Starter

  • Members
  • 22 posts
  • Local time:03:56 AM

Posted 22 February 2013 - 12:52 AM

I have tried to update the Adobe Reader and twice it has stopped responding... but here are the other results.

TDSSkiller

22:51:22.0937 2092  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:51:23.0546 2092  ============================================================
22:51:23.0546 2092  Current date / time: 2013/02/21 22:51:23.0546
22:51:23.0546 2092  SystemInfo:
22:51:23.0546 2092  
22:51:23.0546 2092  OS Version: 5.1.2600 ServicePack: 3.0
22:51:23.0546 2092  Product type: Workstation
22:51:23.0546 2092  ComputerName: NELSON
22:51:23.0546 2092  UserName: Kay
22:51:23.0546 2092  Windows directory: C:\WINDOWS
22:51:23.0546 2092  System windows directory: C:\WINDOWS
22:51:23.0546 2092  Processor architecture: Intel x86
22:51:23.0546 2092  Number of processors: 2
22:51:23.0546 2092  Page size: 0x1000
22:51:23.0546 2092  Boot type: Normal boot
22:51:23.0546 2092  ============================================================
22:51:26.0562 2092  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
22:51:26.0656 2092  ============================================================
22:51:26.0656 2092  \Device\Harddisk0\DR0:
22:51:26.0656 2092  MBR partitions:
22:51:26.0656 2092  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x124FE975
22:51:26.0671 2092  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x124FE9F3, BlocksNum 0x62206FCE
22:51:26.0671 2092  ============================================================
22:51:26.0687 2092  J: <-> \Device\Harddisk0\DR0\Partition2
22:51:26.0718 2092  C: <-> \Device\Harddisk0\DR0\Partition1
22:51:26.0718 2092  ============================================================
22:51:26.0718 2092  Initialize success
22:51:26.0718 2092  ============================================================
22:51:55.0453 2588  ============================================================
22:51:55.0453 2588  Scan started
22:51:55.0453 2588  Mode: Manual; TDLFS;
22:51:55.0453 2588  ============================================================
22:51:56.0453 2588  ================ Scan system memory ========================
22:51:56.0453 2588  System memory - ok
22:52:18.0109 2588  sr - ok
22:52:18.0125 2588  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
22:52:18.0125 2588  srservice - ok
22:52:18.0156 2588  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
22:52:18.0250 2588  Srv - ok
22:52:18.0265 2588  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:52:18.0281 2588  SSDPSRV - ok
22:52:18.0296 2588  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
22:52:18.0312 2588  stisvc - ok
22:52:18.0328 2588  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
22:52:18.0328 2588  swenum - ok
22:52:18.0343 2588  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
22:52:18.0343 2588  swmidi - ok
22:52:18.0359 2588  SwPrv - ok
22:52:18.0375 2588  symc810 - ok
22:52:18.0375 2588  symc8xx - ok
22:52:18.0390 2588  sym_hi - ok
22:52:18.0406 2588  sym_u3 - ok
22:52:18.0468 2588  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
22:52:18.0468 2588  sysaudio - ok
22:52:18.0531 2588  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
22:52:18.0546 2588  SysmonLog - ok
22:52:18.0593 2588  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:52:18.0593 2588  TapiSrv - ok
22:52:18.0625 2588  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:52:18.0640 2588  Tcpip - ok
22:52:18.0640 2588  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
22:52:18.0656 2588  TDPIPE - ok
22:52:18.0671 2588  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
22:52:18.0671 2588  TDTCP - ok
22:52:18.0687 2588  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
22:52:18.0687 2588  TermDD - ok
22:52:18.0718 2588  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
22:52:18.0734 2588  TermService - ok
22:52:18.0734 2588  [ 99BC0B50F511924348BE19C7C7313BBF ] Themes          C:\WINDOWS\System32\shsvcs.dll
22:52:18.0750 2588  Themes - ok
22:52:18.0765 2588  [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
22:52:18.0781 2588  TlntSvr - ok
22:52:18.0796 2588  TosIde - ok
22:52:18.0906 2588  [ 3144B3FAF519AF2914629FE11A53CDE5 ] TracSrvWrapper  C:\Program Files\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
22:52:19.0078 2588  TracSrvWrapper - ok
22:52:19.0093 2588  [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks          C:\WINDOWS\system32\trkwks.dll
22:52:19.0109 2588  TrkWks - ok
22:52:19.0125 2588  [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
22:52:19.0140 2588  Udfs - ok
22:52:19.0140 2588  ultra - ok
22:52:19.0156 2588  [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
22:52:19.0171 2588  Update - ok
22:52:19.0203 2588  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:52:19.0218 2588  upnphost - ok
22:52:19.0234 2588  [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS             C:\WINDOWS\System32\ups.exe
22:52:19.0234 2588  UPS - ok
22:52:19.0265 2588  [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
22:52:19.0265 2588  usbccgp - ok
22:52:19.0281 2588  [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
22:52:19.0281 2588  usbehci - ok
22:52:19.0296 2588  [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
22:52:19.0296 2588  usbhub - ok
22:52:19.0328 2588  [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci         C:\WINDOWS\system32\DRIVERS\usbohci.sys
22:52:19.0328 2588  usbohci - ok
22:52:19.0343 2588  [ A717C8721046828520C9EDF31288FC00 ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
22:52:19.0359 2588  usbprint - ok
22:52:19.0390 2588  [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
22:52:19.0390 2588  usbstor - ok
22:52:19.0421 2588  [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
22:52:19.0421 2588  VgaSave - ok
22:52:19.0421 2588  ViaIde - ok
22:52:19.0484 2588  [ 48007916B1D0DAB3E6C0D701DE7C4AFB ] vna_ap          C:\WINDOWS\system32\DRIVERS\vnaap.sys
22:52:19.0562 2588  vna_ap - ok
22:52:19.0609 2588  [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
22:52:19.0609 2588  VolSnap - ok
22:52:19.0640 2588  [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS             C:\WINDOWS\System32\vssvc.exe
22:52:19.0656 2588  VSS - ok
22:52:19.0671 2588  [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time         C:\WINDOWS\system32\w32time.dll
22:52:19.0687 2588  W32Time - ok
22:52:19.0718 2588  [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
22:52:19.0718 2588  Wanarp - ok
22:52:19.0734 2588  WDICA - ok
22:52:19.0796 2588  [ 6768ACF64B18196494413695F0C3A00F ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
22:52:19.0796 2588  wdmaud - ok
22:52:19.0812 2588  [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:52:19.0828 2588  WebClient - ok
22:52:19.0875 2588  [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:52:19.0890 2588  winmgmt - ok
22:52:19.0921 2588  [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
22:52:19.0937 2588  WmdmPmSN - ok
22:52:19.0968 2588  [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi             C:\WINDOWS\System32\advapi32.dll
22:52:19.0968 2588  Wmi - ok
22:52:20.0000 2588  [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
22:52:20.0000 2588  WmiApSrv - ok
22:52:20.0062 2588  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
22:52:20.0093 2588  WMPNetworkSvc - ok
22:52:20.0125 2588  [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb          C:\WINDOWS\system32\DRIVERS\wpdusb.sys
22:52:20.0125 2588  WpdUsb - ok
22:52:20.0187 2588  [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
22:52:20.0296 2588  WPFFontCache_v0400 - ok
22:52:20.0328 2588  [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
22:52:20.0343 2588  wscsvc - ok
22:52:20.0359 2588  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
22:52:20.0375 2588  wuauserv - ok
22:52:20.0500 2588  [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
22:52:20.0500 2588  WudfPf - ok
22:52:20.0546 2588  [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
22:52:20.0562 2588  WudfRd - ok
22:52:20.0578 2588  [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
22:52:20.0578 2588  WudfSvc - ok
22:52:20.0609 2588  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
22:52:20.0625 2588  WZCSVC - ok
22:52:20.0671 2588  [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
22:52:20.0687 2588  xmlprov - ok
22:52:20.0687 2588  ================ Scan global ===============================
22:52:20.0718 2588  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
22:52:20.0750 2588  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:52:20.0828 2588  [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
22:52:20.0859 2588  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
22:52:20.0859 2588  [Global] - ok
22:52:20.0859 2588  ================ Scan MBR ==================================
22:52:20.0875 2588  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
22:52:21.0187 2588  \Device\Harddisk0\DR0 - ok
22:52:21.0187 2588  ================ Scan VBR ==================================
22:52:21.0203 2588  [ 6F80CC9F0084073018F5F63DF0CEB28B ] \Device\Harddisk0\DR0\Partition1
22:52:21.0203 2588  \Device\Harddisk0\DR0\Partition1 - ok
22:52:21.0203 2588  [ 5A39891B4D2C0B847A54EB108A852A4E ] \Device\Harddisk0\DR0\Partition2
22:52:21.0203 2588  \Device\Harddisk0\DR0\Partition2 - ok
22:52:21.0203 2588  ============================================================
22:52:21.0203 2588  Scan finished
22:52:21.0203 2588  ============================================================
22:52:21.0218 3632  Detected object count: 0
22:52:21.0218 3632  Actual detected object count: 0
23:26:49.0281 0452  Deinitialize success

 

 

aswMBR:

aswMBR version 0.9.9.1707 Copyright© 2011 AVAST Software
Run date: 2013-02-21 23:03:41
-----------------------------
23:03:41.296    OS Version: Windows 5.1.2600 Service Pack 3
23:03:41.296    Number of processors: 2 586 0x409
23:03:41.296    ComputerName: NELSON  UserName: Kay
23:03:42.031    Initialize success
23:05:11.125    AVAST engine defs: 13022103
23:07:16.000    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3
23:07:16.000    Disk 0 Vendor: WDC_WD10EARS-00Y5B1 80.00A80 Size: 953869MB BusType: 3
23:07:16.015    Disk 0 MBR read successfully
23:07:16.015    Disk 0 MBR scan
23:07:16.125    Disk 0 Windows XP default MBR code
23:07:16.125    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       150013 MB offset 63
23:07:16.125    Disk 0 Partition - 00     0F Extended LBA            803854 MB offset 307227060
23:07:16.156    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       803853 MB offset 307227123
23:07:16.171    Disk 0 scanning sectors +1953520065
23:07:16.250    Disk 0 scanning C:\WINDOWS\system32\drivers
23:07:28.625    Service scanning
23:08:01.000    Modules scanning
23:08:05.109    Module: C:\WINDOWS\System32\DLA\DLADResN.SYS  **SUSPICIOUS**
23:08:05.656    Disk 0 trace - called modules:
23:08:05.671    ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
23:08:05.671    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a4f7ab8]
23:08:05.671    3 CLASSPNP.SYS[ba0e8fd7] -> nt!IofCallDriver -> \Device\00000062[0x8a517f18]
23:08:05.671    5 ACPI.sys[b9f7f620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-3[0x8a4e1940]
23:08:06.812    AVAST engine scan C:\WINDOWS
23:08:11.937    AVAST engine scan C:\WINDOWS\system32
23:12:58.234    AVAST engine scan C:\WINDOWS\system32\drivers
23:13:18.812    AVAST engine scan C:\Documents and Settings\Kay
23:28:15.953    AVAST engine scan C:\Documents and Settings\All Users
23:30:34.203    Scan finished successfully
23:32:26.359    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Kay\Desktop\combo fix suggestions\MBR.dat"
23:32:26.375    The log file has been saved successfully to "C:\Documents and Settings\Kay\Desktop\combo fix suggestions\aswMBR results.txt"

 

Ok I must admit I have no idea what a blackole... is so I am walking on faith.



#8 cocojen3


Posted 22 February 2013 - 12:04 PM

YES!!!! I was able to get Adobe Reader XI downloaded this morning.



#9 boopme

  • Global Moderator

Posted 22 February 2013 - 02:03 PM

Hello, this file in the aswMBR log is legitimate but may be infected.

23:08:05.109 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**

 

To be safe... I think we should get a deeper look. Please follow this Preparation Guide and post in a new topic.
Let me know if all went well.



#10 cocojen3


Posted 22 February 2013 - 02:29 PM

Ok I am stumped!!! I clicked on the "Preparation Guide". When I got there, I read, "Before you perform these steps," it is suggested that I first check to see if there is a self-help guide for infection here: Virus, Spyware, and Malware Removal Self-Help Guides. After scrolling through it, I have really no idea which one to choose... Can you give me a hint? I did proceed to the rest of the list to back up and read about the slow computer and all, but I am thinking I should clear or remove before backing it up... Sorry, I need more input. Thanks



#11 cocojen3


Posted 22 February 2013 - 03:15 PM

OK, so I jumped to #6 and these are the results:

 

DDS.txt results

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702
Run by Kay at 14:07:11 on 2013-02-22
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1918.908 [GMT -6:00]
.
AV: McAfee VirusScan Enterprise *Enabled/Updated* {918A2B0B-2C60-4016-A4AB-E868DEABF7F0}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Real\RealPlayer\update\realsched.exe
C:\Program Files\Garmin\Lifetime Updater\GarminLifetime.exe
C:\Program Files\CheckPoint\Endpoint Connect\TrGUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\McAfee\VirusScan Enterprise\mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\vstskmgr.exe
C:\Program Files\CheckPoint\Endpoint Connect\TracSrvWrapper.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://xfinity.comcast.net/?cid=insDate10062012
BHO: SnagIt Toolbar Loader: {00C6482D-C502-44C8-8409-FCE54AD9C208} - c:\program files\techsmith\snagit 8\SnagItBHO.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL
TB: SnagIt: {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - c:\program files\techsmith\snagit 8\SnagItIEAddin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [BIBLauncher] k:\19 march 2011\my documents\business-in-a-box files\business-in-a-box\BIBLauncher.exe
uRun: [LightScribe Control Panel] c:\program files\common files\lightscribe\LightScribeControlPanel.exe -hidden
mRun: [ShStatEXE] "c:\program files\mcafee\virusscan enterprise\SHSTAT.EXE" /STANDALONE
mRun: [McAfeeUpdaterUI] "c:\program files\mcafee\common framework\UdaterUI.exe" /StartedFromRunKey
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\ISUSPM.exe -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [HPDJ Taskbar Utility] c:\windows\system32\spool\drivers\w32x86\3\hpztsb09.exe
mRun: [HPHUPD05] c:\program files\hewlett-packard\\{5372b9a6-6e51-4f90-9b40-e0a3b8475c4e}\hphupd05.exe
mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
mRun: [HP Software Update] "c:\program files\hewlett-packard\hp software update\HPWuSchd2.exe"
mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [USSShReg] c:\progra~1\uleads~1\uleadp~1\ssaver\Ussshreg.exe /r
mRun: [Garmin Lifetime Updater] c:\program files\garmin\lifetime updater\GarminLifetime.exe /StartMinimized
mRun: [Check Point Endpoint Security] "c:\program files\checkpoint\endpoint connect\TrGUI.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {38E51477-DDB4-4aed-9D61-D0C193E10749} - {38E51477-DDB4-4aed-9D61-D0C193E10749} - c:\program files\allmusicconverter\YouTubeRipper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4077F776-5405-4CDF-BBCF-70628E12919D} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kay\application data\mozilla\firefox\profiles\o027ue2j.default-1349302905546\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\documents and settings\kay\local settings\application data\unity\webplayer\loader\npUnity3D32.dll
FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: c:\program files\real\realplayer\netscape6\nprpplugin.dll
FF - plugin: c:\program files\tracker software\pdf viewer\npPDFXCviewNPPlugin.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_6_602_168.dll
.
============= SERVICES / DRIVERS ===============
.
R1 mferkdk;VSCore mferkdk;c:\program files\mcafee\virusscan enterprise\mferkdk.sys [2009-1-27 31848]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files\common files\intuit\update service v4\IntuitUpdateService.exe [2012-8-23 13672]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-2-19 398184]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-2-19 682344]
R2 McAfeeFramework;McAfee Framework Service;c:\program files\mcafee\common framework\FrameworkService.exe [2012-2-10 103744]
R2 McShield;McAfee McShield;c:\program files\mcafee\virusscan enterprise\mcshield.exe [2009-1-27 144704]
R2 McTaskManager;McAfee Task Manager;c:\program files\mcafee\virusscan enterprise\vstskmgr.exe [2009-1-27 54608]
R2 TracSrvWrapper;Check Point Mobile;c:\program files\checkpoint\endpoint connect\TracSrvWrapper.exe [2011-9-14 4512952]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-2-19 21104]
R3 mfeavfk;McAfee Inc.;c:\windows\system32\drivers\mfeavfk.sys [2012-2-10 73512]
R3 mfebopk;McAfee Inc.;c:\windows\system32\drivers\mfebopk.sys [2012-2-10 34408]
R3 mfehidk;McAfee Inc.;c:\windows\system32\drivers\mfehidk.sys [2012-2-10 178024]
R3 MusCAudio;MusCAudio;c:\windows\system32\drivers\MusCAudio.sys [2012-10-6 23608]
R3 vna_ap;Check Point Virtual Network Adapter - Apollo;c:\windows\system32\drivers\vnaap.sys [2011-2-7 129304]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-2-19 13192]
S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-2-19 8456]
S3 GSService;GSService;c:\windows\system32\GSService.exe [2012-10-6 252928]
S3 SMServer;SMServer;c:\windows\system32\snmvtsvc.exe [2012-10-6 260608]
.
=============== Created Last 30 ================
.
2013-02-21 18:46:47    --------    d-----w-    c:\program files\ESET
2013-02-20 02:57:33    --------    d-----w-    c:\documents and settings\kay\application data\Malwarebytes
2013-02-20 02:57:12    --------    d-----w-    c:\documents and settings\all users\application data\Malwarebytes
2013-02-20 02:57:09    21104    ----a-w-    c:\windows\system32\drivers\mbam.sys
2013-02-20 02:57:09    --------    d-----w-    c:\program files\Malwarebytes' Anti-Malware
.
==================== Find3M  ====================
.
2013-02-19 12:59:15    71024    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2013-02-19 12:59:15    691568    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2013-02-15 00:41:24    89680    ----a-w-    c:\documents and settings\kay\MSSSerif120.fon
2013-01-26 03:55:44    552448    ----a-w-    c:\windows\system32\oleaut32.dll
2013-01-07 01:19:45    2148864    ----a-w-    c:\windows\system32\ntoskrnl.exe
2013-01-07 00:37:01    2027520    ----a-w-    c:\windows\system32\ntkrnlpa.exe
2013-01-04 01:20:00    1867264    ----a-w-    c:\windows\system32\win32k.sys
2013-01-02 06:49:10    148992    ----a-w-    c:\windows\system32\mpg2splt.ax
2013-01-02 06:49:10    1292288    ----a-w-    c:\windows\system32\quartz.dll
2012-12-26 20:16:29    916480    ----a-w-    c:\windows\system32\wininet.dll
2012-12-26 20:16:28    43520    ----a-w-    c:\windows\system32\licmgr10.dll
2012-12-26 20:16:28    1469440    ------w-    c:\windows\system32\inetcpl.cpl
2012-12-24 06:40:59    385024    ----a-w-    c:\windows\system32\html.iec
2012-12-16 12:23:59    290560    ----a-w-    c:\windows\system32\atmfd.dll
.
============= FINISH: 14:08:06.71 ===============

 

AND .
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/10/2012 8:54:41 PM
System Uptime: 2/22/2013 1:14:41 PM (1 hours ago)
.
Motherboard: MSI |  | 0A48
Processor:               Intel® Pentium® 4 CPU 3.00GHz | Socket 775 | 3000/200mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 146 GiB total, 98.113 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is Removable
J: is FIXED (NTFS) - 785 GiB total, 697.972 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\3&61AAA01&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\3&61AAA01&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP334: 11/24/2012 4:29:32 PM - System Checkpoint
RP335: 11/25/2012 5:31:25 PM - System Checkpoint
RP336: 11/26/2012 6:28:57 PM - System Checkpoint
RP337: 11/27/2012 7:28:59 PM - System Checkpoint
RP338: 11/28/2012 8:28:57 PM - System Checkpoint
RP339: 11/29/2012 9:28:57 PM - System Checkpoint
RP340: 11/30/2012 10:28:57 PM - System Checkpoint
RP341: 12/1/2012 11:28:40 PM - System Checkpoint
RP342: 12/2/2012 11:38:49 PM - System Checkpoint
RP343: 12/4/2012 12:09:28 PM - System Checkpoint
RP344: 12/5/2012 1:37:24 PM - System Checkpoint
RP345: 12/6/2012 2:04:19 PM - System Checkpoint
RP346: 12/7/2012 2:37:48 PM - System Checkpoint
RP347: 12/8/2012 10:15:02 PM - System Checkpoint
RP348: 12/10/2012 8:32:18 AM - System Checkpoint
RP349: 12/11/2012 8:51:18 AM - System Checkpoint
RP350: 12/12/2012 9:00:48 AM - Software Distribution Service 3.0
RP351: 12/13/2012 10:09:41 AM - System Checkpoint
RP352: 12/14/2012 10:11:26 AM - System Checkpoint
RP353: 12/15/2012 11:11:27 AM - System Checkpoint
RP354: 12/16/2012 11:38:13 AM - System Checkpoint
RP355: 12/17/2012 12:51:21 PM - System Checkpoint
RP356: 12/18/2012 1:57:18 PM - System Checkpoint
RP357: 12/19/2012 6:06:18 PM - System Checkpoint
RP358: 12/20/2012 6:14:19 PM - System Checkpoint
RP359: 12/21/2012 9:00:17 AM - Software Distribution Service 3.0
RP360: 12/22/2012 9:08:32 AM - System Checkpoint
RP361: 12/23/2012 10:18:20 AM - System Checkpoint
RP362: 12/24/2012 10:46:58 AM - System Checkpoint
RP363: 12/25/2012 11:13:06 AM - System Checkpoint
RP364: 12/26/2012 11:13:31 AM - System Checkpoint
RP365: 12/27/2012 11:54:13 AM - System Checkpoint
RP366: 12/28/2012 2:40:42 PM - System Checkpoint
RP367: 12/29/2012 3:54:51 PM - System Checkpoint
RP368: 12/30/2012 3:56:25 PM - System Checkpoint
RP369: 12/31/2012 4:01:15 PM - System Checkpoint
RP370: 1/1/2013 4:13:12 PM - System Checkpoint
RP371: 1/2/2013 5:21:36 PM - System Checkpoint
RP372: 1/3/2013 6:42:23 PM - System Checkpoint
RP373: 1/4/2013 9:00:19 AM - Software Distribution Service 3.0
RP374: 1/5/2013 9:17:14 AM - System Checkpoint
RP375: 1/6/2013 11:22:07 AM - System Checkpoint
RP376: 1/7/2013 12:09:32 PM - System Checkpoint
RP377: 1/8/2013 12:23:23 PM - System Checkpoint
RP378: 1/9/2013 9:00:21 AM - Software Distribution Service 3.0
RP379: 1/10/2013 11:22:03 AM - System Checkpoint
RP380: 1/11/2013 11:54:32 AM - System Checkpoint
RP381: 1/12/2013 1:05:00 PM - System Checkpoint
RP382: 1/13/2013 2:16:46 PM - System Checkpoint
RP383: 1/14/2013 3:07:33 PM - System Checkpoint
RP384: 1/15/2013 9:00:17 AM - Software Distribution Service 3.0
RP385: 1/16/2013 9:55:41 AM - System Checkpoint
RP386: 1/17/2013 11:18:59 AM - System Checkpoint
RP387: 1/18/2013 11:24:13 AM - System Checkpoint
RP388: 1/19/2013 11:29:52 AM - System Checkpoint
RP389: 1/20/2013 12:05:14 PM - System Checkpoint
RP390: 1/21/2013 1:38:46 PM - System Checkpoint
RP391: 1/22/2013 6:30:54 PM - System Checkpoint
RP392: 1/23/2013 7:03:38 PM - System Checkpoint
RP393: 1/24/2013 7:09:31 PM - System Checkpoint
RP394: 1/25/2013 7:10:37 PM - System Checkpoint
RP395: 1/26/2013 7:32:23 PM - System Checkpoint
RP396: 1/27/2013 9:55:04 PM - System Checkpoint
RP397: 1/28/2013 10:19:33 PM - System Checkpoint
RP398: 1/30/2013 10:07:35 AM - Installed TurboTax 2012 wrapper
RP399: 1/31/2013 1:43:36 PM - System Checkpoint
RP400: 2/1/2013 4:42:17 AM - Removed Microsoft Silverlight
RP401: 2/2/2013 5:22:00 AM - System Checkpoint
RP402: 2/3/2013 6:25:38 AM - System Checkpoint
RP403: 2/4/2013 9:31:09 AM - System Checkpoint
RP404: 2/5/2013 9:00:48 AM - Installed TurboTax 2012 wmoiper
RP405: 2/5/2013 9:01:08 AM - Installed TurboTax 2012 wmsiper
RP406: 2/6/2013 9:26:19 AM - System Checkpoint
RP407: 2/7/2013 9:53:11 AM - System Checkpoint
RP408: 2/8/2013 9:56:32 AM - System Checkpoint
RP409: 2/9/2013 10:05:10 AM - System Checkpoint
RP410: 2/10/2013 10:50:33 AM - System Checkpoint
RP411: 2/11/2013 11:12:17 AM - System Checkpoint
RP412: 2/12/2013 6:17:28 PM - System Checkpoint
RP413: 2/13/2013 6:35:31 PM - System Checkpoint
RP414: 2/13/2013 7:02:53 PM - Software Distribution Service 3.0
RP415: 2/14/2013 8:31:48 PM - System Checkpoint
RP416: 2/15/2013 9:05:10 PM - System Checkpoint
RP417: 2/16/2013 9:10:42 AM - Removed Check Point Endpoint Connect
RP418: 2/16/2013 9:11:06 AM - Installed Check Point VPN.
RP419: 2/17/2013 10:06:58 AM - System Checkpoint
RP420: 2/18/2013 11:05:05 AM - System Checkpoint
RP421: 2/19/2013 4:18:49 PM - System Checkpoint
RP422: 2/20/2013 4:51:19 PM - System Checkpoint
RP423: 2/21/2013 5:10:44 PM - System Checkpoint
.
==== Installed Programs ======================
.
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.02)
AllMusicConverter 4.3.8
AllMusicConverter Media Suite 4.3.8
AnswerWorks 5.0 English Runtime
ATI - Software Uninstall Utility
ATI Display Driver
Audacity 1.2.6
AudibleManager
AVS Media Player 4.1.9.95
AVS Update Manager 1.0
AVS4YOU Software Navigator 1.4
CCleaner
Check Point VPN
CleanUp!
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DriveImage XML (Private Edition)
EASEUS Partition Master 9.1.0 Home Edition
ESET Online Scanner v3
Garmin Lifetime Updater
GoToMeeting 5.2.0.952
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB981793)
HP Software Update
LightScribe System Software  1.14.25.1
Malwarebytes Anti-Malware version 1.70.0.1100
McAfee VirusScan Enterprise
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 14
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox 19.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
overland
PDF-Viewer
PDFCreator
Photosmart 140,240,7200,7600,7700,7900 Series
PS7700
PSShortcutsP
PSUsage
QFolder
Quicken 2011
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Roxio Audio Module
Roxio CinePlayer
Roxio Copy Module
Roxio Data Module
Roxio DLA
Roxio Express Labeler
Roxio MyDVD Plus
Roxio Update Manager
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589337) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player (KB979402)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923789)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Skype™ 5.10
SnagIt 8
Spybot - Search & Destroy
SureThing CD Labeler Deluxe Update
TurboTax 2009
TurboTax 2009 WinPerFedFormset
TurboTax 2009 WinPerReleaseEngine
TurboTax 2009 WinPerTaxSupport
TurboTax 2009 wrapper
TurboTax 2010
TurboTax 2010 WinPerFedFormset
TurboTax 2010 WinPerReleaseEngine
TurboTax 2010 WinPerTaxSupport
TurboTax 2010 wmsiper
TurboTax 2010 wrapper
TurboTax 2011
TurboTax 2011 WinPerFedFormset
TurboTax 2011 WinPerReleaseEngine
TurboTax 2011 WinPerTaxSupport
TurboTax 2011 wmoiper
TurboTax 2011 wmsiper
TurboTax 2011 wrapper
TurboTax 2012
TurboTax 2012 WinPerFedFormset
TurboTax 2012 WinPerReleaseEngine
TurboTax 2012 WinPerTaxSupport
TurboTax 2012 wmoiper
TurboTax 2012 wmsiper
TurboTax 2012 wrapper
Ulead PhotoImpact 4.0
Unity Web Player
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Update for Windows XP (KB2345886)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Walgreens PictureMover
WebFldrs XP
Windows Internet Explorer 8
Windows Media Format 11 runtime
Windows Media Player 11
Windows XP Service Pack 3
.
==== Event Viewer Messages From Past Week ========
.
2/22/2013 8:45:03 AM, error: Service Control Manager [7022]  - The Intuit Update Service v4 service hung on starting.
2/20/2013 6:43:58 AM, error: Service Control Manager [7034]  - The McAfee McShield service terminated unexpectedly.  It has done this 1 time(s).
2/20/2013 6:43:57 AM, error: Service Control Manager [7011]  - Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.
2/20/2013 12:47:54 PM, error: Service Control Manager [7034]  - The McAfee McShield service terminated unexpectedly.  It has done this 2 time(s).
2/19/2013 2:06:35 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
2/19/2013 10:40:05 PM, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume.
2/19/2013 1:55:28 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Fips intelppm mfetdik
2/19/2013 1:54:32 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/19/2013 1:40:11 PM, error: ati2mtag [44044]  - I2c return failed
.
==== End Of File ===========================

I think this last one was to be a zip file......... I don't know how to make one but it copied and pasted so I hope this works for you.



#12 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,906 posts
  • OFFLINE
  • Gender:Male
  • Location:NJ USA
  • Local time:05:56 AM

Posted 22 February 2013 - 08:00 PM

That's OK, now we need you to repost the DDS log as per step 7, thanks.



#13 cocojen3

cocojen3
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  • Local time:03:56 AM

Posted 22 February 2013 - 10:09 PM

Ok, I am confused,

I am not sure what I am supposed to post....... Are you asking me to post this? 23:08:05.109 Module: C:\WINDOWS\System32\DLA\DLADResN.SYS **SUSPICIOUS**?

I see a topic title and then the body of the mail........... and should I mention in the body I think it is ok but not sure? and add the DDS txt file as an attachment?



#14 cocojen3

cocojen3
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  • Local time:03:56 AM

Posted 24 February 2013 - 06:36 PM

Boopme, here are the results of what I did at the Jotti's page:

Here are the results, DLADResN.SYS Status:

Scan finished. 0 out of 20 scanners reported malware.

Scan taken on: Sun 24 Feb 2013 00:52:57 (CET)

Noviciate reply:
The file appears to be a component of Roxio DLA (Drive Letter Access) and as such the detection is a false positive. All the Jotti's scans come back clean, so I'd consider the file safe.

 Thank you Mr Boopme for all your help...
Just wondering if you might suggest anything I might add to my computer regimen, from what I mentioned above, and how often would you suggest I do it......... Right now I do it on average 2x a month........

How often is it recommended to back up, and should I do a, I think it is called a "system restore", and mark this as a new restore point, noting this was the last known good restore point? Thanks again........ I'll try and be more careful......



#15 cocojen3

cocojen3
  • Topic Starter

  • Members
  • 22 posts
  • OFFLINE
  • Local time:03:56 AM

Posted 25 February 2013 - 10:29 AM

I have just removed JS/Exploit-blacole.eu trojans and was cleared of all critters, only to have this error pop up. (hxxps://d1ros97qkrwjf5.cloudfront.net/42/eum/rum.js) I am not sure if it is a false positive or what is triggering it. So any advice would be greatly appreciated. It does ask me if I want to continue running this script. I chose no b/c I don't know what it is to begin with.

 

Edit: For reference

Also see http://www.bleepingcomputer.com/forums/t/486426/cwindowssystem32dladladresnsys-suspicious/

I also edited the web link

Roger


Edited by rotor123, 25 February 2013 - 10:52 AM.




