
Java popups and slow computer


  • This topic is locked
20 replies to this topic

#1 broskeeper


Posted 07 June 2013 - 12:44 AM

I got a few JAVA popups and now the computer is so slow that it takes all day to check e-mail or anything else. Please Help!

 

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.6.2
Run by Rudy at 2:02:12 on 2013-06-07
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1022.200 [GMT -4:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled*
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MICROS~4\Office12\OUTLOOK.EXE
C:\Program Files\Common Files\AOL\1170309358\ee\aolsoftware.exe
C:\Program Files\AOL Desktop 9.6\waol.exe
C:\Program Files\AOL Desktop 9.6\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\AVAST Software\Avast\setup\avast.setup
C:\Program Files\AOL Desktop 9.6\AOLBrowser\aolbrowser.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uProxyOverride = 127.0.0.1
BHO: {02478D38-C3F9-4EFB-9B51-7695ECA05670} - <orphaned>
BHO: DriveLetterAccess: {5CA3D70E-1895-11CF-8E15-001234567890} - c:\windows\system32\dla\tfswshx.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.8313.1002\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
EB: {4528BBE0-4E08-11D5-AD55-00010333D0AD} - <orphaned>
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [AOL Fast Start] "c:\program files\aol desktop 9.6\AOL.EXE" -b
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
uPolicies-Explorer: NoDriveAutoRun = dword:67108735
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
IE: E&xport to Microsoft Excel - c:\progra~1\micros~4\office12\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{590FB665-AA1D-43B1-BDF9-EFF2E14A5BB9} : DHCPNameServer = 192.168.2.1
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\27.0.1453.110\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\rudy\application data\mozilla\firefox\profiles\0qojcu8t.default\
FF - plugin: c:\documents and settings\rudy\application data\move networks\plugins\npqmp071500000347.dll
FF - plugin: c:\documents and settings\rudy\application data\move networks\plugins\npqmp071503000010.dll
FF - plugin: c:\progra~1\yahoo!\common\npyaxmpb.dll
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
.
============= SERVICES / DRIVERS ===============
.
S? aswFsBlk;aswFsBlk
S? aswKbd;aswKbd
S? aswMonFlt;aswMonFlt
S? aswRvrt;aswRvrt
S? aswSnx;aswSnx
S? aswSP;aswSP
S? aswVmm;aswVmm
S? avast! Antivirus;avast! Antivirus
.
=============== Created Last 30 ================
.
2013-05-10 07:57:26 187456 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2013-05-19 16:33:15 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-19 16:33:14 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 08:59:10 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59:10 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59:10 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59:09 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59:09 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-09 08:58:37 41664 ----a-w- c:\windows\avastSS.scr
2013-04-16 22:17:15 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17:14 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17:14 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28:55 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31:19 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 18:50:32 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2004-08-04 10:00:00 94784 --sh--w- c:\windows\twain.dll
2008-04-14 00:12:07 50688 --sh--w- c:\windows\twain_32.dll
2011-02-08 13:33:55 978944 --sha-w- c:\windows\system32\mfc42.dll
2008-04-14 00:12:01 57344 --sh--w- c:\windows\system32\msvcirt.dll
2008-04-14 00:12:01 413696 --sha-w- c:\windows\system32\msvcp60.dll
2013-01-26 03:55:44 552448 --sha-w- c:\windows\system32\oleaut32.dll
2008-04-14 00:12:32 11776 --sh--w- c:\windows\system32\regsvr32.exe
.
============= FINISH:  2:14:47.46 ===============
 


Edited by broskeeper, 07 June 2013 - 04:15 PM.



 


#2 gringo_pr

  • Malware Response Team

Posted 09 June 2013 - 05:53 PM


Hello broskeeper

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Backup any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Delete.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 broskeeper


Posted 09 June 2013 - 07:21 PM

# AdwCleaner v2.303 - Logfile created 06/09/2013 at 19:55:56
# Updated 08/06/2013 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Rudy - RLDELL
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Rudy\Desktop\AdwCleaner.exe
# Option [Delete]

***** [Services] *****

***** [Files / Folders] *****

***** [Registry] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v6.0.2 (en-US)

File : C:\Documents and Settings\Rudy\Application Data\Mozilla\Firefox\Profiles\0qojcu8t.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v27.0.1453.110

File : C:\Documents and Settings\Rudy\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [2489 octets] - [09/06/2013 19:53:22]
AdwCleaner[S1].txt - [4128 octets] - [19/08/2012 19:07:11]
AdwCleaner[S2].txt - [2293 octets] - [09/06/2013 19:55:56]

########## EOF - C:\AdwCleaner[S2].txt - [2353 octets] ##########



#4 broskeeper


Posted 09 June 2013 - 08:02 PM

SVChost.exe system is @99% use of processor slowing down the computer.

Avast is popping up with (mal. URL blocked)

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Microsoft Windows XP x86
Ran by Rudy on Sun 06/09/2013 at 20:24:28.68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{150AA0C5-99EE-4F1D-A702-86E2F9FA05A1}

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Rudy\Application Data\mozilla\firefox\profiles\0qojcu8t.default\extensions\bzkazvjrfc@bzkazvjrfc.org.xpi [Tracur]

 

~~~ Chrome

Dumping contents of C:\Documents and Settings\Rudy\Local Settings\Application Data\Google\Chrome\User Data\Default\Default
C:\Documents and Settings\Rudy\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadidigbdddigbdjgddadggcdegfdgdc
C:\Documents and Settings\Rudy\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadidigbdddigbdjgddadggcdegfdgdc\ContentScript.js
C:\Documents and Settings\Rudy\Local Settings\Application Data\Google\Chrome\User Data\Default\Default\aadidigbdddigbdjgddadggcdegfdgdc\manifest.json

Successfully deleted: [Folder] C:\Documents and Settings\Rudy\Local Settings\Application Data\Google\Chrome\User Data\Default\Default [Default Extension 1.0]

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 06/09/2013 at 20:44:39.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#5 gringo_pr

  • Malware Response Team

Posted 09 June 2013 - 08:14 PM


Hello broskeeper

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • More than one report will be created in your root directory (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
    and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator" to start
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • Click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The scan will make two reports; the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+

Send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo

#6 broskeeper


Posted 10 June 2013 - 04:45 AM

RogueKiller V8.5.4 [Mar 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Rudy [Admin rights]
Mode : Remove -- Date : 06/10/2013 05:38:14
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJPOL] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJPOL] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1       localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: ST380013AS +++++
--- User ---
[MBR] 1cf8678e7a5ab0a0321b72a4e03f56e6
[BSP] 61d8e094308571d464905bab57c47663 : Windows XP MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 54 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 112455 | Size: 72825 Mo
2 - [XXXXXX] UNKNOWN (0xdb) [VISIBLE] Offset (sectors): 149259915 | Size: 3404 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[2]_D_06102013_02d0538.txt >>
RKreport[1]_S_06102013_02d0537.txt ; RKreport[2]_D_06102013_02d0538.txt



#7 broskeeper


Posted 10 June 2013 - 04:54 AM

22:07:47.0546 0204  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:07:47.0625 0204  ============================================================
22:07:47.0625 0204  Current date / time: 2013/06/09 22:07:47.0625
22:07:47.0625 0204  SystemInfo:
22:07:47.0625 0204 
22:07:47.0625 0204  OS Version: 5.1.2600 ServicePack: 3.0
22:07:47.0625 0204  Product type: Workstation
22:07:47.0625 0204  ComputerName: RLDELL
22:07:47.0625 0204  UserName: Rudy
22:07:47.0625 0204  Windows directory: C:\WINDOWS
22:07:47.0625 0204  System windows directory: C:\WINDOWS
22:07:47.0625 0204  Processor architecture: Intel x86
22:07:47.0625 0204  Number of processors: 2
22:07:47.0625 0204  Page size: 0x1000
22:07:47.0625 0204  Boot type: Normal boot
22:07:47.0625 0204  ============================================================
22:07:51.0187 0204  BG loaded
22:07:52.0140 0204  Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:07:52.0171 0204  ============================================================
22:07:52.0171 0204  \Device\Harddisk0\DR0:
22:07:52.0187 0204  MBR partitions:
22:07:52.0187 0204  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x8E3CF44
22:07:52.0187 0204  ============================================================
22:07:52.0750 0204  C: <-> \Device\Harddisk0\DR0\Partition1
22:07:52.0750 0204  ============================================================
22:07:52.0750 0204  Initialize success
22:07:52.0750 0204  ============================================================
22:08:11.0812 2216  ============================================================
22:08:11.0812 2216  Scan started
22:08:11.0812 2216  Mode: Manual; SigCheck; TDLFS;
22:08:11.0812 2216  ============================================================
22:08:18.0828 2216  ================ Scan system memory ========================
22:08:18.0828 2216  System memory - ok
22:08:18.0828 2216  ================ Scan services =============================
22:08:23.0296 2216  Abiosdsk - ok
22:08:23.0359 2216  [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
22:09:20.0234 2216  abp480n5 - ok
22:09:20.0531 2216  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
22:09:22.0437 2216  ACPI - ok
22:09:23.0359 2216  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
22:09:23.0984 2216  ACPIEC - ok
22:09:24.0375 2216  [ 9A11864873DA202C996558B2106B0BBC ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
22:09:24.0796 2216  adpu160m - ok
22:09:24.0875 2216  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
22:09:25.0640 2216  aec - ok
22:09:25.0781 2216  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
22:09:26.0218 2216  AFD - ok
22:09:26.0281 2216  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
22:09:26.0656 2216  agp440 - ok
22:09:26.0703 2216  [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
22:09:27.0140 2216  agpCPQ - ok
22:09:27.0250 2216  [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
22:09:27.0671 2216  Aha154x - ok
22:09:27.0859 2216  [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
22:09:28.0453 2216  aic78u2 - ok
22:09:28.0484 2216  [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
22:09:29.0078 2216  aic78xx - ok
22:09:29.0265 2216  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
22:09:30.0703 2216  Alerter - ok
22:09:30.0765 2216  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
22:09:32.0140 2216  ALG - ok
22:09:32.0234 2216  [ 1140AB9938809700B46BB88E46D72A96 ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
22:09:33.0515 2216  AliIde - ok
22:09:33.0562 2216  [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
22:09:35.0093 2216  alim1541 - ok
22:09:35.0156 2216  [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
22:09:35.0750 2216  amdagp - ok
22:09:35.0796 2216  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
22:09:36.0828 2216  amsint - ok
22:09:37.0593 2216  [ 85180CF88C5EBAD73B452A43A004CA51 ] AOL ACS         C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
22:09:38.0062 2216  AOL ACS - ok
22:09:38.0140 2216  [ 62D318E9A0C8FC9B780008E724283707 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
22:09:38.0625 2216  asc - ok
22:09:38.0671 2216  [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
22:09:38.0984 2216  asc3350p - ok
22:09:39.0062 2216  [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
22:09:39.0687 2216  asc3550 - ok
22:09:39.0765 2216  [ D880831279ED91F9A4190A2DB9539EA9 ] ASCTRM          C:\WINDOWS\system32\drivers\ASCTRM.sys
22:09:40.0281 2216  ASCTRM ( UnsignedFile.Multi.Generic ) - warning
22:09:40.0281 2216  ASCTRM - detected UnsignedFile.Multi.Generic (1)
22:09:41.0250 2216  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
22:09:42.0140 2216  aspnet_state - ok
22:09:42.0546 2216  [ 4AF5F360BA1E8794D32B366E45A64A0A ] aswFsBlk        C:\WINDOWS\system32\drivers\aswFsBlk.sys
22:09:42.0765 2216  aswFsBlk - ok
22:09:42.0843 2216  [ 3FCA5C1A8F33CF9857220CC3A3076A3E ] aswKbd          C:\WINDOWS\system32\drivers\aswKbd.sys
22:09:43.0234 2216  aswKbd - ok
22:09:43.0281 2216  [ 1F7094D4268D46F718C51286DC189791 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
22:09:43.0593 2216  aswMonFlt - ok
22:09:43.0812 2216  [ 7B43265F92257A21CBFD88E7A651044C ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr.sys
22:09:44.0234 2216  aswRdr - ok
22:09:44.0375 2216  [ B680134BA1813B78B47FDD1DFF223CA5 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
22:09:44.0609 2216  aswRvrt - ok
22:09:44.0906 2216  [ 6CAB0A5991C5C0FC63F5E66593E71D7E ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
22:09:45.0156 2216  aswSnx - ok
22:09:45.0343 2216  [ 99102F60F344BEBAF4F6114514FD28D3 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
22:09:45.0609 2216  aswSP - ok
22:09:45.0843 2216  [ 1F71F170D90E42EFDE9633D81D5E12DC ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys
22:09:46.0046 2216  aswTdi - ok
22:09:46.0171 2216  [ 16B8E3CD50A460EC32CA680C8210A0A9 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
22:09:46.0546 2216  aswVmm - ok
22:09:46.0609 2216  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
22:09:47.0156 2216  AsyncMac - ok
22:09:47.0250 2216  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
22:09:47.0687 2216  atapi - ok
22:09:47.0687 2216  Atdisk - ok
22:09:47.0812 2216  [ ABC57A6F6070BAF9786C318F59F29F0B ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
22:09:48.0062 2216  Ati HotKey Poller - ok
22:09:48.0921 2216  [ 03621F7F968FF63713943405DEB777F9 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
22:09:49.0421 2216  ati2mtag - ok
22:09:49.0593 2216  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
22:09:49.0953 2216  Atmarpc - ok
22:09:50.0015 2216  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
22:09:50.0359 2216  AudioSrv - ok
22:09:50.0437 2216  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
22:09:50.0984 2216  audstub - ok
22:09:51.0375 2216  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:09:51.0562 2216  avast! Antivirus - ok
22:09:51.0687 2216  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
22:09:51.0984 2216  Beep - ok
22:09:52.0156 2216  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
22:09:52.0625 2216  BITS - ok
22:09:52.0718 2216  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
22:09:52.0906 2216  Browser - ok
22:09:52.0984 2216  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
22:09:53.0453 2216  cbidf - ok
22:09:53.0515 2216  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
22:09:54.0015 2216  cbidf2k - ok
22:09:54.0093 2216  [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
22:09:54.0531 2216  cd20xrnt - ok
22:09:54.0640 2216  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
22:09:55.0203 2216  Cdaudio - ok
22:09:55.0265 2216  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
22:09:55.0750 2216  Cdfs - ok
22:09:55.0828 2216  [ 351735695E9EAD93DE6AF85D8BEB1CA8 ] cdrbsdrv        C:\WINDOWS\system32\drivers\cdrbsdrv.sys
22:09:56.0140 2216  cdrbsdrv ( UnsignedFile.Multi.Generic ) - warning
22:09:56.0140 2216  cdrbsdrv - detected UnsignedFile.Multi.Generic (1)
22:09:56.0203 2216  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
22:09:56.0656 2216  Cdrom - ok
22:09:56.0703 2216  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
22:09:57.0140 2216  CiSvc - ok
22:09:57.0265 2216  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
22:09:57.0546 2216  ClipSrv - ok
22:09:57.0625 2216  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:09:58.0281 2216  clr_optimization_v2.0.50727_32 - ok
22:09:58.0328 2216  [ E5DCB56C533014ECBC556A8357C929D5 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
22:09:58.0562 2216  CmdIde - ok
22:09:58.0562 2216  COMSysApp - ok
22:09:58.0593 2216  [ 3EE529119EED34CD212A215E8C40D4B6 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
22:09:58.0875 2216  Cpqarray - ok
22:09:58.0921 2216  [ 3C8B6609712F4FF78E521F6DCFC4032B ] Creative Service for CDROM Access C:\WINDOWS\system32\CTsvcCDA.EXE
22:09:58.0953 2216  Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - warning
22:09:58.0953 2216  Creative Service for CDROM Access - detected UnsignedFile.Multi.Generic (1)
22:09:59.0000 2216  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
22:09:59.0187 2216  CryptSvc - ok
22:09:59.0234 2216  [ E550E7418984B65A78299D248F0A7F36 ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
22:09:59.0453 2216  dac2w2k - ok
22:09:59.0468 2216  [ 683789CAA3864EB46125AE86FF677D34 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
22:09:59.0656 2216  dac960nt - ok
22:09:59.0796 2216  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
22:09:59.0968 2216  DcomLaunch - ok
22:10:00.0046 2216  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
22:10:00.0250 2216  Dhcp - ok
22:10:00.0343 2216  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
22:10:00.0625 2216  Disk - ok
22:10:00.0625 2216  dmadmin - ok
22:10:00.0968 2216  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
22:10:01.0640 2216  dmboot - ok
22:10:01.0671 2216  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
22:10:01.0859 2216  dmio - ok
22:10:01.0906 2216  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
22:10:02.0109 2216  dmload - ok
22:10:02.0156 2216  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
22:10:02.0343 2216  dmserver - ok
22:10:02.0406 2216  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
22:10:02.0593 2216  DMusic - ok
22:10:02.0640 2216  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
22:10:02.0718 2216  Dnscache - ok
22:10:02.0781 2216  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
22:10:03.0000 2216  Dot3svc - ok
22:10:03.0015 2216  [ 40F3B93B4E5B0126F2F5C0A7A5E22660 ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
22:10:03.0203 2216  dpti2o - ok
22:10:03.0234 2216  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
22:10:03.0421 2216  drmkaud - ok
22:10:03.0453 2216  [ E814854E6B246CCF498874839AB64D77 ] drvmcdb         C:\WINDOWS\system32\drivers\drvmcdb.sys
22:10:03.0500 2216  drvmcdb ( UnsignedFile.Multi.Generic ) - warning
22:10:03.0500 2216  drvmcdb - detected UnsignedFile.Multi.Generic (1)
22:10:03.0515 2216  [ EE83A4EBAE70BC93CF14879D062F548B ] drvnddm         C:\WINDOWS\system32\drivers\drvnddm.sys
22:10:03.0531 2216  drvnddm ( UnsignedFile.Multi.Generic ) - warning
22:10:03.0531 2216  drvnddm - detected UnsignedFile.Multi.Generic (1)
22:10:03.0687 2216  [ 2AC2372FFAD9ADC85672CC8E8AE14BE9 ] DSproct         C:\Program Files\Dell Support\GTAction\triggers\DSproct.sys
22:10:03.0734 2216  DSproct ( UnsignedFile.Multi.Generic ) - warning
22:10:03.0734 2216  DSproct - detected UnsignedFile.Multi.Generic (1)
22:10:03.0812 2216  [ 95974E66D3DE4951D29E28E8BC0B644C ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
22:10:03.0859 2216  E100B - ok
22:10:03.0906 2216  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
22:10:04.0125 2216  EapHost - ok
22:10:04.0156 2216  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
22:10:04.0343 2216  ERSvc - ok
22:10:04.0375 2216  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
22:10:04.0500 2216  Eventlog - ok
22:10:04.0562 2216  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\system32\es.dll
22:10:04.0609 2216  EventSystem - ok
22:10:04.0625 2216  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
22:10:04.0843 2216  Fastfat - ok
22:10:04.0921 2216  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
22:10:04.0968 2216  FastUserSwitchingCompatibility - ok
22:10:05.0000 2216  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
22:10:05.0234 2216  Fax - ok
22:10:05.0250 2216  [ E97D6A8684466DF94FF3BC24FB787A07 ] Fax             C:\WINDOWS\system32\fxssvc.exe
22:10:05.0437 2216  Fax - ok
22:10:05.0484 2216  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
22:10:05.0687 2216  Fdc - ok
22:10:05.0703 2216  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
22:10:05.0906 2216  Fips - ok
22:10:05.0937 2216  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
22:10:06.0125 2216  Flpydisk - ok
22:10:06.0187 2216  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
22:10:06.0406 2216  FltMgr - ok
22:10:06.0453 2216  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
22:10:06.0484 2216  FontCache3.0.0.0 - ok
22:10:06.0531 2216  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:10:06.0703 2216  Fs_Rec - ok
22:10:06.0765 2216  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
22:10:06.0953 2216  Ftdisk - ok
22:10:06.0968 2216  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
22:10:07.0156 2216  Gpc - ok
22:10:07.0328 2216  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:10:07.0343 2216  gupdate - ok
22:10:07.0359 2216  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:10:07.0375 2216  gupdatem - ok
22:10:07.0468 2216  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
22:10:07.0609 2216  gusvc - ok
22:10:07.0656 2216  [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus        C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
22:10:07.0843 2216  HDAudBus - ok
22:10:07.0937 2216  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
22:10:08.0125 2216  helpsvc - ok
22:10:08.0156 2216  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
22:10:08.0343 2216  HidServ - ok
22:10:08.0390 2216  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
22:10:08.0562 2216  HidUsb - ok
22:10:08.0593 2216  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
22:10:08.0812 2216  hkmsvc - ok
22:10:08.0843 2216  [ B028377DEA0546A5FCFBA928A8AEFAE0 ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
22:10:09.0015 2216  hpn - ok
22:10:09.0093 2216  [ 970178E8E003EB1481293830069624B9 ] HSFHWBS2        C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys
22:10:09.0265 2216  HSFHWBS2 - ok
22:10:09.0546 2216  [ EBB354438A4C5A3327FB97306260714A ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys
22:10:09.0812 2216  HSF_DP - ok
22:10:09.0937 2216  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
22:10:09.0984 2216  HTTP - ok
22:10:10.0031 2216  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
22:10:10.0234 2216  HTTPFilter - ok
22:10:10.0281 2216  [ 9368670BD426EBEA5E8B18A62416EC28 ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
22:10:10.0500 2216  i2omgmt - ok
22:10:10.0515 2216  [ F10863BF1CCC290BABD1A09188AE49E0 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
22:10:10.0703 2216  i2omp - ok
22:10:10.0734 2216  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
22:10:11.0000 2216  i8042prt - ok
22:10:11.0187 2216  [ 5400C14134E7D6A0069C46FEBCB2DDDF ] IAANTMon        C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
22:10:11.0234 2216  IAANTMon ( UnsignedFile.Multi.Generic ) - warning
22:10:11.0234 2216  IAANTMon - detected UnsignedFile.Multi.Generic (1)
22:10:11.0312 2216  [ 8EF427C54497C5F8A7A645990E4278C7 ] iastor          C:\WINDOWS\system32\drivers\iastor.sys
22:10:11.0343 2216  iastor - ok
22:10:11.0640 2216  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:10:12.0171 2216  idsvc - ok
22:10:12.0187 2216  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
22:10:12.0390 2216  Imapi - ok
22:10:12.0484 2216  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
22:10:12.0734 2216  ImapiService - ok
22:10:12.0750 2216  [ 4A40E045FAEE58631FD8D91AFC620719 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
22:10:12.0953 2216  ini910u - ok
22:10:12.0968 2216  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
22:10:13.0156 2216  IntelIde - ok
22:10:13.0187 2216  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
22:10:13.0421 2216  intelppm - ok
22:10:13.0437 2216  [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
22:10:13.0625 2216  Ip6Fw - ok
22:10:13.0687 2216  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:10:13.0906 2216  IpFilterDriver - ok
22:10:13.0921 2216  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
22:10:14.0125 2216  IpInIp - ok
22:10:14.0171 2216  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
22:10:14.0343 2216  IpNat - ok
22:10:14.0375 2216  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
22:10:14.0546 2216  IPSec - ok
22:10:14.0593 2216  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
22:10:14.0796 2216  IRENUM - ok
22:10:14.0812 2216  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
22:10:15.0000 2216  isapnp - ok
22:10:15.0312 2216  [ 9A337AE3DB478034A7839E753BBFF1AB ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
22:10:15.0343 2216  JavaQuickStarterService - ok
22:10:15.0375 2216  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
22:10:15.0640 2216  Kbdclass - ok
22:10:15.0656 2216  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
22:10:15.0828 2216  kbdhid - ok
22:10:15.0921 2216  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
22:10:16.0109 2216  kmixer - ok
22:10:16.0203 2216  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
22:10:16.0328 2216  KSecDD - ok
22:10:16.0406 2216  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
22:10:16.0453 2216  lanmanserver - ok
22:10:16.0531 2216  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
22:10:16.0578 2216  lanmanworkstation - ok
22:10:16.0609 2216  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
22:10:16.0796 2216  LmHosts - ok
22:10:16.0812 2216  [ 195741AEE20369980796B557358CD774 ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
22:10:16.0984 2216  mdmxsdk - ok
22:10:17.0046 2216  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
22:10:17.0265 2216  Messenger - ok
22:10:17.0328 2216  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
22:10:17.0531 2216  mnmdd - ok
22:10:17.0562 2216  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
22:10:17.0781 2216  mnmsrvc - ok
22:10:17.0828 2216  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
22:10:18.0000 2216  Modem - ok
22:10:18.0015 2216  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
22:10:18.0203 2216  Mouclass - ok
22:10:18.0265 2216  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
22:10:18.0484 2216  mouhid - ok
22:10:18.0515 2216  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
22:10:18.0875 2216  MountMgr - ok
22:10:18.0921 2216  [ 3F4BB95E5A44F3BE34824E8E7CAF0737 ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
22:10:19.0156 2216  mraid35x - ok
22:10:19.0203 2216  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
22:10:19.0421 2216  MRxDAV - ok
22:10:19.0562 2216  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:10:19.0703 2216  MRxSmb - ok
22:10:19.0750 2216  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
22:10:20.0187 2216  MSDTC - ok
22:10:20.0203 2216  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:10:20.0421 2216  Msfs - ok
22:10:20.0421 2216  MSIServer - ok
22:10:20.0453 2216  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:10:20.0687 2216  MSKSSRV - ok
22:10:20.0765 2216  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:10:21.0250 2216  MSPCLOCK - ok
22:10:21.0265 2216  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
22:10:21.0500 2216  MSPQM - ok
22:10:21.0546 2216  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
22:10:21.0750 2216  mssmbios - ok
22:10:21.0796 2216  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
22:10:21.0843 2216  Mup - ok
22:10:21.0921 2216  [ 9121D8FFFF773C66BBF4955E4F7AAC23 ] NAL             C:\WINDOWS\system32\Drivers\iqvw32.sys
22:10:21.0984 2216  NAL ( UnsignedFile.Multi.Generic ) - warning
22:10:21.0984 2216  NAL - detected UnsignedFile.Multi.Generic (1)
22:10:22.0203 2216  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
22:10:22.0984 2216  napagent - ok
22:10:23.0031 2216  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
22:10:23.0218 2216  NDIS - ok
22:10:23.0265 2216  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
22:10:23.0343 2216  NdisTapi - ok
22:10:23.0359 2216  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
22:10:23.0562 2216  Ndisuio - ok
22:10:23.0593 2216  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
22:10:23.0781 2216  NdisWan - ok
22:10:23.0843 2216  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
22:10:23.0890 2216  NDProxy - ok
22:10:23.0906 2216  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
22:10:24.0093 2216  NetBIOS - ok
22:10:24.0140 2216  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
22:10:24.0328 2216  NetBT - ok
22:10:24.0375 2216  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
22:10:24.0593 2216  NetDDE - ok
22:10:24.0609 2216  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
22:10:24.0781 2216  NetDDEdsdm - ok
22:10:24.0828 2216  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
22:10:25.0000 2216  Netlogon - ok
22:10:25.0046 2216  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
22:10:25.0234 2216  Netman - ok
22:10:25.0312 2216  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
22:10:25.0328 2216  NetTcpPortSharing - ok
22:10:25.0390 2216  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
22:10:25.0421 2216  Nla - ok
22:10:25.0515 2216  [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess       C:\Program Files\CDBurnerXP\NMSAccessU.exe
22:10:25.0531 2216  NMSAccess - ok
22:10:25.0562 2216  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
22:10:25.0734 2216  Npfs - ok
22:10:25.0781 2216  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
22:10:26.0000 2216  Ntfs - ok
22:10:26.0046 2216  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
22:10:26.0203 2216  NtLmSsp - ok
22:10:26.0250 2216  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
22:10:26.0437 2216  NtmsSvc - ok
22:10:26.0468 2216  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
22:10:26.0656 2216  Null - ok
22:10:26.0734 2216  [ 2B298519EDBFCF451D43E0F1E8F1006D ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
22:10:27.0015 2216  nv - ok
22:10:27.0078 2216  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
22:10:27.0390 2216  NwlnkFlt - ok
22:10:27.0406 2216  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
22:10:27.0578 2216  NwlnkFwd - ok
22:10:27.0640 2216  [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:10:27.0687 2216  odserv - ok
22:10:27.0734 2216  [ 53D5F1278D9EDB21689BBBCECC09108D ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
22:10:27.0750 2216  omci ( UnsignedFile.Multi.Generic ) - warning
22:10:27.0750 2216  omci - detected UnsignedFile.Multi.Generic (1)
22:10:27.0796 2216  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:10:27.0812 2216  ose - ok
22:10:27.0843 2216  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
22:10:28.0015 2216  Parport - ok
22:10:28.0062 2216  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
22:10:28.0234 2216  PartMgr - ok
22:10:28.0250 2216  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
22:10:28.0421 2216  ParVdm - ok
22:10:28.0421 2216  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
22:10:28.0593 2216  PCI - ok
22:10:28.0609 2216  PCIDump - ok
22:10:28.0609 2216  [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
22:10:28.0781 2216  PCIIde - ok
22:10:28.0812 2216  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
22:10:28.0984 2216  Pcmcia - ok
22:10:28.0984 2216  [ 6C14B9C19BA84F73D3A86DBA11133101 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
22:10:29.0156 2216  perc2 - ok
22:10:29.0171 2216  [ F50F7C27F131AFE7BEBA13E14A3B9416 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
22:10:29.0328 2216  perc2hib - ok
22:10:29.0359 2216  [ C8A2D6FF660AC601B7BB9A9B16A5C25E ] PfModNT         C:\WINDOWS\system32\drivers\PfModNT.sys
22:10:29.0390 2216  PfModNT ( UnsignedFile.Multi.Generic ) - warning
22:10:29.0390 2216  PfModNT - detected UnsignedFile.Multi.Generic (1)
22:10:29.0421 2216  [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay        C:\WINDOWS\system32\services.exe
22:10:29.0531 2216  PlugPlay - ok
22:10:29.0546 2216  [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
22:10:29.0703 2216  PolicyAgent - ok
22:10:29.0750 2216  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
22:10:29.0921 2216  PptpMiniport - ok
22:10:29.0921 2216  [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
22:10:30.0093 2216  ProtectedStorage - ok
22:10:30.0125 2216  [ 09298EC810B07E5D582CB3A3F9255424 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
22:10:30.0296 2216  PSched - ok
22:10:30.0343 2216  [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
22:10:30.0500 2216  Ptilink - ok
22:10:30.0546 2216  [ 86724469CD077901706854974CD13C3E ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
22:10:30.0562 2216  PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
22:10:30.0562 2216  PxHelp20 - detected UnsignedFile.Multi.Generic (1)
22:10:30.0609 2216  [ 0A63FB54039EB5662433CABA3B26DBA7 ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
22:10:30.0781 2216  ql1080 - ok
22:10:30.0781 2216  [ 6503449E1D43A0FF0201AD5CB1B8C706 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
22:10:30.0968 2216  Ql10wnt - ok
22:10:30.0968 2216  [ 156ED0EF20C15114CA097A34A30D8A01 ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
22:10:31.0140 2216  ql12160 - ok
22:10:31.0140 2216  [ 70F016BEBDE6D29E864C1230A07CC5E6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
22:10:31.0296 2216  ql1240 - ok
22:10:31.0312 2216  [ 907F0AEEA6BC451011611E732BD31FCF ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
22:10:31.0484 2216  ql1280 - ok
22:10:31.0515 2216  [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
22:10:31.0671 2216  RasAcd - ok
22:10:31.0718 2216  [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
22:10:31.0906 2216  RasAuto - ok
22:10:31.0921 2216  [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
22:10:32.0093 2216  Rasl2tp - ok
22:10:32.0140 2216  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan          C:\WINDOWS\System32\rasmans.dll
22:10:32.0312 2216  RasMan - ok
22:10:32.0328 2216  [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
22:10:32.0484 2216  RasPppoe - ok
22:10:32.0531 2216  [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
22:10:32.0703 2216  Raspti - ok
22:10:32.0734 2216  [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
22:10:32.0890 2216  Rdbss - ok
22:10:32.0906 2216  [ 4912D5B403614CE99C28420F75353332 ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
22:10:33.0093 2216  RDPCDD - ok
22:10:33.0140 2216  [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
22:10:33.0531 2216  rdpdr - ok
22:10:33.0578 2216  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
22:10:33.0859 2216  RDPWD - ok
22:10:33.0921 2216  [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
22:10:34.0140 2216  RDSessMgr - ok
22:10:34.0171 2216  [ F828DD7E1419B6653894A8F97A0094C5 ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
22:10:34.0343 2216  redbook - ok
22:10:34.0375 2216  [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
22:10:34.0546 2216  RemoteAccess - ok
22:10:34.0562 2216  [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator      C:\WINDOWS\system32\locator.exe
22:10:34.0734 2216  RpcLocator - ok
22:10:34.0765 2216  [ 6B27A5C03DFB94B4245739065431322C ] RpcSs           C:\WINDOWS\System32\rpcss.dll
22:10:34.0859 2216  RpcSs - ok
22:10:34.0890 2216  [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP            C:\WINDOWS\system32\rsvp.exe
22:10:35.0062 2216  RSVP - ok
22:10:35.0093 2216  [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs           C:\WINDOWS\system32\lsass.exe
22:10:35.0265 2216  SamSs - ok
22:10:35.0281 2216  [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
22:10:35.0453 2216  SCardSvr - ok
22:10:35.0500 2216  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule        C:\WINDOWS\system32\schedsvc.dll
22:10:35.0671 2216  Schedule - ok
22:10:35.0703 2216  [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
22:10:35.0890 2216  Secdrv - ok
22:10:35.0906 2216  [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon        C:\WINDOWS\System32\seclogon.dll
22:10:36.0078 2216  seclogon - ok
22:10:36.0093 2216  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS            C:\WINDOWS\system32\sens.dll
22:10:36.0281 2216  SENS - ok
22:10:36.0312 2216  [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
22:10:36.0468 2216  serenum - ok
22:10:36.0515 2216  [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
22:10:36.0734 2216  Serial - ok
22:10:36.0765 2216  [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
22:10:36.0937 2216  Sfloppy - ok
22:10:36.0984 2216  [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
22:10:37.0187 2216  SharedAccess - ok
22:10:37.0218 2216  [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
22:10:37.0281 2216  ShellHWDetection - ok
22:10:37.0281 2216  Simbad - ok
22:10:37.0328 2216  [ 6B33D0EBD30DB32E27D1D78FE946A754 ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
22:10:37.0500 2216  sisagp - ok
22:10:37.0562 2216  [ A1ECEEAA5C5E74B2499EB51D38185B84 ] SONYPVU1        C:\WINDOWS\system32\DRIVERS\SONYPVU1.SYS
22:10:37.0734 2216  SONYPVU1 - ok
22:10:37.0750 2216  [ 83C0F71F86D3BDAF915685F3D568B20E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
22:10:37.0859 2216  Sparrow - ok
22:10:37.0890 2216  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
22:10:38.0078 2216  splitter - ok
22:10:38.0109 2216  [ 60784F891563FB1B767F70117FC2428F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
22:10:38.0140 2216  Spooler - ok
22:10:38.0171 2216  [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
22:10:38.0359 2216  sr - ok
22:10:38.0390 2216  [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice       C:\WINDOWS\system32\srsvc.dll
22:10:38.0578 2216  srservice - ok
22:10:38.0609 2216  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
22:10:38.0703 2216  Srv - ok
22:10:38.0718 2216  [ D7968049BE0ADBB6A57CEE3960320911 ] sscdbhk5        C:\WINDOWS\system32\drivers\sscdbhk5.sys
22:10:38.0734 2216  sscdbhk5 ( UnsignedFile.Multi.Generic ) - warning
22:10:38.0734 2216  sscdbhk5 - detected UnsignedFile.Multi.Generic (1)
22:10:38.0765 2216  [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
22:10:38.0937 2216  SSDPSRV - ok
22:10:38.0953 2216  [ C3FFD65ABFB6441E7606CF74F1155273 ] ssrtln          C:\WINDOWS\system32\drivers\ssrtln.sys
22:10:38.0984 2216  ssrtln ( UnsignedFile.Multi.Generic ) - warning
22:10:38.0984 2216  ssrtln - detected UnsignedFile.Multi.Generic (1)
22:10:39.0000 2216  [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen        C:\WINDOWS\system32\drivers\StarOpen.sys
22:10:39.0015 2216  StarOpen ( UnsignedFile.Multi.Generic ) - warning
22:10:39.0015 2216  StarOpen - detected UnsignedFile.Multi.Generic (1)
22:10:39.0062 2216  [ 352B663A81402BE7CD7BD4EA27C9998C ] STHDA           C:\WINDOWS\system32\drivers\sthda.sys
22:10:39.0109 2216  STHDA - ok
22:10:39.0140 2216  [ A9573045BAA16EAB9B1085205B82F1ED ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
22:10:39.0312 2216  StillCam - ok
22:10:39.0359 2216  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
22:10:39.0531 2216  stisvc - ok
22:10:39.0562 2216  [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
22:10:39.0750 2216  swenum - ok
22:10:39.0796 2216  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
22:10:39.0968 2216  swmidi - ok
22:10:39.0984 2216  SwPrv - ok
22:10:40.0000 2216  [ 1FF3217614018630D0A6758630FC698C ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
22:10:40.0171 2216  symc810 - ok
22:10:40.0203 2216  [ 070E001D95CF725186EF8B20335F933C ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
22:10:40.0375 2216  symc8xx - ok
22:10:40.0390 2216  [ 80AC1C4ABBE2DF3B738BF15517A51F2C ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
22:10:40.0546 2216  sym_hi - ok
22:10:40.0578 2216  [ BF4FAB949A382A8E105F46EBB4937058 ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
22:10:40.0750 2216  sym_u3 - ok
22:10:40.0765 2216  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
22:10:40.0937 2216  sysaudio - ok
22:10:40.0968 2216  [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
22:10:41.0140 2216  SysmonLog - ok
22:10:41.0187 2216  [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
22:10:41.0359 2216  TapiSrv - ok
22:10:41.0406 2216  [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
22:10:41.0437 2216  Tcpip - ok
22:10:41.0484 2216  [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
22:10:41.0671 2216  TDPIPE - ok
22:10:41.0703 2216  [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
22:10:41.0890 2216  TDTCP - ok
22:10:41.0906 2216  [ 88155247177638048422893737429D9E ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
22:10:42.0093 2216  TermDD - ok
22:10:42.0125 2216  [ FF3477C03BE7201C294C35F684B3479F ] TermService     C:\WINDOWS\System32\termsrv.dll
22:10:42.0312 2216  TermService - ok
22:10:42.0375 2216  [ 30698355067D07DA5F9EB81132C9FDD6 ] tfsnboio        C:\WINDOWS\system32\dla\tfsnboio.sys
22:10:42.0390 2216  tfsnboio ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0390 2216  tfsnboio - detected UnsignedFile.Multi.Generic (1)
22:10:42.0406 2216  [ FB9D825BB4A2ABDF24600F7505050E2B ] tfsncofs        C:\WINDOWS\system32\dla\tfsncofs.sys
22:10:42.0421 2216  tfsncofs ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0421 2216  tfsncofs - detected UnsignedFile.Multi.Generic (1)
22:10:42.0437 2216  [ CAFD8CCA11AA1E8B6D2EA1BA8F70EC33 ] tfsndrct        C:\WINDOWS\system32\dla\tfsndrct.sys
22:10:42.0453 2216  tfsndrct ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0453 2216  tfsndrct - detected UnsignedFile.Multi.Generic (1)
22:10:42.0468 2216  [ 8DB1E78FBF7C426D8EC3D8F1A33D6485 ] tfsndres        C:\WINDOWS\system32\dla\tfsndres.sys
22:10:42.0484 2216  tfsndres ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0484 2216  tfsndres - detected UnsignedFile.Multi.Generic (1)
22:10:42.0484 2216  [ B92F67A71CC8176F331B8AA8D9F555AD ] tfsnifs         C:\WINDOWS\system32\dla\tfsnifs.sys
22:10:42.0515 2216  tfsnifs ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0515 2216  tfsnifs - detected UnsignedFile.Multi.Generic (1)
22:10:42.0531 2216  [ 85985FAA9A71E2358FCC2EDEFC2A3C5C ] tfsnopio        C:\WINDOWS\system32\dla\tfsnopio.sys
22:10:42.0546 2216  tfsnopio ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0546 2216  tfsnopio - detected UnsignedFile.Multi.Generic (1)
22:10:42.0562 2216  [ BBA22094F0F7C210567EFDAF11F64495 ] tfsnpool        C:\WINDOWS\system32\dla\tfsnpool.sys
22:10:42.0593 2216  tfsnpool ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0593 2216  tfsnpool - detected UnsignedFile.Multi.Generic (1)
22:10:42.0609 2216  [ 81340BEF80B9811E98CE64611E67E3FF ] tfsnudf         C:\WINDOWS\system32\dla\tfsnudf.sys
22:10:42.0625 2216  tfsnudf ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0625 2216  tfsnudf - detected UnsignedFile.Multi.Generic (1)
22:10:42.0640 2216  [ C035FD116224CCC8325F384776B6A8BB ] tfsnudfa        C:\WINDOWS\system32\dla\tfsnudfa.sys
22:10:42.0656 2216  tfsnudfa ( UnsignedFile.Multi.Generic ) - warning
22:10:42.0656 2216  tfsnudfa - detected UnsignedFile.Multi.Generic (1)
22:10:46.0921 2216  [ EB9A99AB5D17B1727034FF191E6448D7 ] WANMiniportService C:\WINDOWS\wanmpsvc.exe
22:10:47.0015 2216  WANMiniportService ( UnsignedFile.Multi.Generic ) - warning
22:10:47.0015 2216  WANMiniportService - detected UnsignedFile.Multi.Generic (1)
22:10:49.0859 2216  ================ Scan global ===============================
22:10:49.0890 2216  [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
22:10:49.0937 2216  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
22:10:49.0968 2216  [ 69AE2B2E6968C316536E5B10B9702E63 ] C:\WINDOWS\system32\winsrv.dll
22:10:50.0000 2216  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
22:10:50.0000 2216  [Global] - ok
22:10:50.0000 2216  ================ Scan MBR ==================================
22:10:50.0031 2216  [ 5C8046ADAE974ED1122E12F0224C9329 ] \Device\Harddisk0\DR0
22:10:50.0031 2216  Suspicious mbr (Forged): \Device\Harddisk0\DR0
22:10:50.0062 2216  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - infected
22:10:50.0062 2216  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Harbinger.a (0)
22:10:50.0156 2216  ================ Scan VBR ==================================
22:10:50.0156 2216  [ C3B379B0CB5196670EDDE190DBCBF885 ] \Device\Harddisk0\DR0\Partition1
22:10:50.0156 2216  \Device\Harddisk0\DR0\Partition1 - ok
22:10:50.0156 2216  ================ Scan active images ========================
22:10:50.0984 2216  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
22:10:50.0984 2216  C:\WINDOWS\system32\msacm32.dll - ok
22:10:50.0984 2216  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
22:10:50.0984 2216  C:\WINDOWS\system32\uxtheme.dll - ok
22:10:51.0000 2216  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
22:10:51.0000 2216  C:\WINDOWS\system32\msapsspc.dll - ok
22:10:51.0000 2216  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
22:10:51.0000 2216  C:\WINDOWS\system32\msvcrt40.dll - ok
22:10:51.0000 2216  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
22:10:51.0000 2216  C:\WINDOWS\system32\schannel.dll - ok
22:10:51.0015 2216  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
22:10:51.0015 2216  C:\WINDOWS\system32\digest.dll - ok
22:10:51.0015 2216  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
22:10:51.0015 2216  C:\WINDOWS\system32\msnsspc.dll - ok
22:10:51.0015 2216  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
22:10:51.0015 2216  C:\WINDOWS\system32\msctfime.ime - ok
22:10:51.0031 2216  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
22:10:51.0031 2216  C:\WINDOWS\system32\msprivs.dll - ok
22:10:51.0031 2216  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
22:10:51.0031 2216  C:\WINDOWS\system32\kerberos.dll - ok
22:10:51.0031 2216  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
22:10:51.0031 2216  C:\WINDOWS\system32\atmfd.dll - ok
22:10:51.0046 2216  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
22:10:51.0046 2216  C:\WINDOWS\system32\msv1_0.dll - ok
22:10:51.0046 2216  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
22:10:51.0046 2216  C:\WINDOWS\system32\iphlpapi.dll - ok
22:10:51.0046 2216  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
22:10:51.0046 2216  C:\WINDOWS\system32\netlogon.dll - ok
22:10:51.0062 2216  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
22:10:51.0062 2216  C:\WINDOWS\system32\w32time.dll - ok
22:10:51.0062 2216  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
22:10:51.0062 2216  C:\WINDOWS\system32\wdigest.dll - ok
22:10:51.0062 2216  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
22:10:51.0062 2216  C:\WINDOWS\system32\rsaenh.dll - ok
22:10:51.0078 2216  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
22:10:51.0078 2216  C:\WINDOWS\system32\winscard.dll - ok
22:10:51.0078 2216  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
22:10:51.0078 2216  C:\WINDOWS\system32\wtsapi32.dll - ok
22:10:51.0078 2216  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
22:10:51.0078 2216  C:\WINDOWS\system32\scecli.dll - ok
22:10:51.0093 2216  [ 4AF5F360BA1E8794D32B366E45A64A0A ] C:\WINDOWS\system32\drivers\aswFsBlk.sys
22:10:51.0093 2216  C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok
22:10:51.0093 2216  [ 1F7094D4268D46F718C51286DC189791 ] C:\WINDOWS\system32\drivers\aswMonFlt.sys
22:10:51.0093 2216  C:\WINDOWS\system32\drivers\aswMonFlt.sys - ok
22:10:51.0093 2216  [ EE83A4EBAE70BC93CF14879D062F548B ] C:\WINDOWS\system32\drivers\drvnddm.sys
22:10:51.0093 2216  C:\WINDOWS\system32\drivers\drvnddm.sys - ok
22:10:51.0109 2216  [ 8DB1E78FBF7C426D8EC3D8F1A33D6485 ] C:\WINDOWS\system32\dla\tfsndres.sys
22:10:51.0109 2216  C:\WINDOWS\system32\dla\tfsndres.sys - ok
22:10:51.0109 2216  [ B92F67A71CC8176F331B8AA8D9F555AD ] C:\WINDOWS\system32\dla\tfsnifs.sys
22:10:51.0109 2216  C:\WINDOWS\system32\dla\tfsnifs.sys - ok
22:10:51.0109 2216  [ 85985FAA9A71E2358FCC2EDEFC2A3C5C ] C:\WINDOWS\system32\dla\tfsnopio.sys
22:10:51.0109 2216  C:\WINDOWS\system32\dla\tfsnopio.sys - ok
22:10:51.0125 2216  [ BBA22094F0F7C210567EFDAF11F64495 ] C:\WINDOWS\system32\dla\tfsnpool.sys
22:10:51.0125 2216  C:\WINDOWS\system32\dla\tfsnpool.sys - ok
22:10:51.0125 2216  [ 30698355067D07DA5F9EB81132C9FDD6 ] C:\WINDOWS\system32\dla\tfsnboio.sys
22:10:51.0125 2216  C:\WINDOWS\system32\dla\tfsnboio.sys - ok
22:10:51.0125 2216  [ FB9D825BB4A2ABDF24600F7505050E2B ] C:\WINDOWS\system32\dla\tfsncofs.sys
22:10:51.0125 2216  C:\WINDOWS\system32\dla\tfsncofs.sys - ok
22:10:51.0140 2216  [ CAFD8CCA11AA1E8B6D2EA1BA8F70EC33 ] C:\WINDOWS\system32\dla\tfsndrct.sys
22:10:51.0140 2216  C:\WINDOWS\system32\dla\tfsndrct.sys - ok
22:10:51.0140 2216  [ 81340BEF80B9811E98CE64611E67E3FF ] C:\WINDOWS\system32\dla\tfsnudf.sys
22:10:51.0140 2216  C:\WINDOWS\system32\dla\tfsnudf.sys - ok
22:10:51.0140 2216  [ C035FD116224CCC8325F384776B6A8BB ] C:\WINDOWS\system32\dla\tfsnudfa.sys
22:10:51.0140 2216  C:\WINDOWS\system32\dla\tfsnudfa.sys - ok
22:10:51.0156 2216  [ ABC57A6F6070BAF9786C318F59F29F0B ] C:\WINDOWS\system32\ati2evxx.exe
22:10:51.0156 2216  C:\WINDOWS\system32\ati2evxx.exe - ok
22:10:51.0156 2216  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
22:10:51.0156 2216  C:\WINDOWS\system32\svchost.exe - ok
22:10:51.0156 2216  [ 8BCD3A1AFF14FEAFE8466AAEC7FC900C ] C:\WINDOWS\system32\ati2edxx.dll
22:10:51.0156 2216  C:\WINDOWS\system32\ati2edxx.dll - ok
22:10:51.0171 2216  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
22:10:51.0171 2216  C:\WINDOWS\system32\ntmarta.dll - ok
22:10:51.0171 2216  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
22:10:51.0171 2216  C:\WINDOWS\system32\rpcss.dll - ok
22:10:51.0171 2216  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
22:10:51.0171 2216  C:\WINDOWS\system32\xpsp2res.dll - ok
22:10:51.0171 2216  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
22:10:51.0171 2216  C:\WINDOWS\system32\eventlog.dll - ok
22:10:51.0187 2216  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
22:10:51.0187 2216  C:\WINDOWS\system32\logonui.exe - ok
22:10:51.0187 2216  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
22:10:51.0187 2216  C:\WINDOWS\system32\duser.dll - ok
22:10:51.0187 2216  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
22:10:51.0187 2216  C:\WINDOWS\system32\msimg32.dll - ok
22:10:51.0203 2216  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
22:10:51.0203 2216  C:\WINDOWS\system32\oleacc.dll - ok
22:10:51.0203 2216  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
22:10:51.0203 2216  C:\WINDOWS\system32\mswsock.dll - ok
22:10:51.0203 2216  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
22:10:51.0203 2216  C:\WINDOWS\system32\hnetcfg.dll - ok
22:10:51.0218 2216  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
22:10:51.0218 2216  C:\WINDOWS\system32\clbcatq.dll - ok
22:10:51.0218 2216  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
22:10:51.0218 2216  C:\WINDOWS\system32\wshtcpip.dll - ok
22:10:51.0218 2216  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
22:10:51.0218 2216  C:\WINDOWS\system32\comres.dll - ok
22:10:51.0234 2216  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
22:10:51.0234 2216  C:\WINDOWS\system32\winrnr.dll - ok
22:10:51.0234 2216  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
22:10:51.0234 2216  C:\WINDOWS\system32\rasadhlp.dll - ok
22:10:51.0234 2216  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
22:10:51.0234 2216  C:\WINDOWS\system32\shgina.dll - ok
22:10:51.0250 2216  [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
22:10:51.0250 2216  C:\WINDOWS\system32\dsound.dll - ok
22:10:51.0250 2216  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
22:10:51.0250 2216  C:\WINDOWS\system32\cscdll.dll - ok
22:10:51.0250 2216  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
22:10:51.0250 2216  C:\WINDOWS\system32\dimsntfy.dll - ok
22:10:51.0265 2216  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
22:10:51.0265 2216  C:\WINDOWS\system32\wlnotify.dll - ok
22:10:51.0265 2216  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
22:10:51.0265 2216  C:\WINDOWS\system32\winspool.drv - ok
22:10:51.0265 2216  [ 147429092C26D18AF550790AC102F32A ] C:\WINDOWS\system32\WgaLogon.dll
22:10:51.0265 2216  C:\WINDOWS\system32\WgaLogon.dll - ok
22:10:51.0281 2216  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
22:10:51.0281 2216  C:\WINDOWS\system32\WudfSvc.dll - ok
22:10:51.0281 2216  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
22:10:51.0281 2216  C:\WINDOWS\system32\rasapi32.dll - ok
22:10:51.0281 2216  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
22:10:51.0281 2216  C:\WINDOWS\system32\WudfPlatform.dll - ok
22:10:51.0296 2216  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
22:10:51.0296 2216  C:\WINDOWS\system32\rasman.dll - ok
22:10:51.0296 2216  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
22:10:51.0296 2216  C:\WINDOWS\system32\msxml3.dll - ok
22:10:51.0296 2216  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
22:10:51.0296 2216  C:\WINDOWS\system32\tapi32.dll - ok
22:10:51.0312 2216  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
22:10:51.0312 2216  C:\WINDOWS\system32\rtutils.dll - ok
22:10:51.0312 2216  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
22:10:51.0312 2216  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
22:10:51.0312 2216  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
22:10:51.0312 2216  C:\WINDOWS\system32\rasmans.dll - ok
22:10:51.0312 2216  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
22:10:51.0312 2216  C:\WINDOWS\system32\sens.dll - ok
22:10:51.0328 2216  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
22:10:51.0328 2216  C:\WINDOWS\system32\winipsec.dll - ok
22:10:51.0328 2216  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
22:10:51.0328 2216  C:\WINDOWS\system32\netcfgx.dll - ok
22:10:51.0328 2216  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
22:10:51.0328 2216  C:\WINDOWS\system32\clusapi.dll - ok
22:10:51.0343 2216  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
22:10:51.0343 2216  C:\WINDOWS\system32\dnsrslvr.dll - ok
22:10:51.0343 2216  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
22:10:51.0343 2216  C:\WINDOWS\system32\dhcpcsvc.dll - ok
22:10:51.0343 2216  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
22:10:51.0343 2216  C:\WINDOWS\system32\lmhsvc.dll - ok
22:10:51.0359 2216  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
22:10:51.0359 2216  C:\WINDOWS\system32\wzcsvc.dll - ok
22:10:51.0359 2216  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
22:10:51.0359 2216  C:\WINDOWS\system32\atl.dll - ok
22:10:51.0359 2216  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
22:10:51.0359 2216  C:\WINDOWS\system32\eapolqec.dll - ok
22:10:51.0375 2216  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
22:10:51.0375 2216  C:\WINDOWS\system32\wmi.dll - ok
22:10:51.0375 2216  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
22:10:51.0375 2216  C:\WINDOWS\system32\dot3api.dll - ok
22:10:51.0375 2216  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
22:10:51.0375 2216  C:\WINDOWS\system32\qutil.dll - ok
22:10:51.0390 2216  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
22:10:51.0390 2216  C:\WINDOWS\system32\esent.dll - ok
22:10:51.0390 2216  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
22:10:51.0390 2216  C:\WINDOWS\system32\cscui.dll - ok
22:10:51.0390 2216  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
22:10:51.0390 2216  C:\WINDOWS\system32\rastls.dll - ok
22:10:51.0406 2216  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
22:10:51.0406 2216  C:\WINDOWS\system32\cryptui.dll - ok
22:10:51.0406 2216  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
22:10:51.0406 2216  C:\WINDOWS\system32\powrprof.dll - ok
22:10:51.0406 2216  [ 3E2F3E2F4A82B7FAE23BAB864FB0F837 ] C:\WINDOWS\system32\dpcdll.dll
22:10:51.0406 2216  C:\WINDOWS\system32\dpcdll.dll - ok
22:10:51.0421 2216  [ 28D6701C710AD7BA3CB95E75F8F1A9AA ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:10:51.0421 2216  C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
22:10:51.0421 2216  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
22:10:51.0421 2216  C:\WINDOWS\system32\mprapi.dll - ok
22:10:51.0421 2216  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
22:10:51.0421 2216  C:\WINDOWS\system32\activeds.dll - ok
22:10:51.0437 2216  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
22:10:51.0437 2216  C:\WINDOWS\system32\adsldpc.dll - ok
22:10:51.0437 2216  [ 54AE15322C30814FC23FC26907A563B3 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
22:10:51.0437 2216  C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
22:10:51.0437 2216  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
22:10:51.0437 2216  C:\WINDOWS\system32\riched20.dll - ok
22:10:51.0453 2216  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
22:10:51.0453 2216  C:\WINDOWS\system32\userinit.exe - ok
22:10:51.0453 2216  [ 40F2889475EDC401F98FD7938F0BBF66 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
22:10:51.0453 2216  C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
22:10:51.0453 2216  [ 1F9319EA6D87522C70271A55AC3BE365 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
22:10:51.0453 2216  C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
22:10:51.0468 2216  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
22:10:51.0468 2216  C:\WINDOWS\system32\raschap.dll - ok
22:10:51.0468 2216  [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
22:10:51.0468 2216  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
22:10:51.0468 2216  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
22:10:51.0468 2216  C:\WINDOWS\system32\netman.dll - ok
22:10:51.0484 2216  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
22:10:51.0484 2216  C:\WINDOWS\system32\netshell.dll - ok
22:10:51.0484 2216  [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
22:10:51.0484 2216  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
22:10:51.0484 2216  [ 0C70F8F5CC8359AC633724BECF6ABAF3 ] C:\Program Files\AVAST Software\Avast\ashBase.dll
22:10:51.0484 2216  C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
22:10:51.0500 2216  [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
22:10:51.0500 2216  C:\WINDOWS\system32\credui.dll - ok
22:10:51.0500 2216  [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
22:10:51.0500 2216  C:\WINDOWS\system32\dot3dlg.dll - ok
22:10:51.0500 2216  [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
22:10:51.0500 2216  C:\WINDOWS\system32\onex.dll - ok
22:10:51.0515 2216  [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
22:10:51.0515 2216  C:\WINDOWS\system32\eappcfg.dll - ok
22:10:51.0515 2216  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
22:10:51.0515 2216  C:\WINDOWS\system32\wsock32.dll - ok
22:10:51.0515 2216  [ F79B2469046122E24450FB66AE580C83 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
22:10:51.0515 2216  C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
22:10:51.0531 2216  [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
22:10:51.0531 2216  C:\WINDOWS\system32\eappprxy.dll - ok
22:10:51.0531 2216  [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
22:10:51.0531 2216  C:\WINDOWS\system32\wzcsapi.dll - ok
22:10:51.0531 2216  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
22:10:51.0531 2216  C:\WINDOWS\explorer.exe - ok
22:10:51.0546 2216  [ C86121BF74BB07FC99DB9DB0ED1B49FF ] C:\Program Files\AVAST Software\Avast\avBugReport.exe
22:10:51.0546 2216  C:\Program Files\AVAST Software\Avast\avBugReport.exe - ok
22:10:51.0546 2216  [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
22:10:51.0546 2216  C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
22:10:51.0546 2216  [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll
22:10:51.0546 2216  C:\WINDOWS\system32\browseui.dll - ok
22:10:51.0562 2216  [ 26CB10FA893F940AB09713FF46DCDADE ] C:\WINDOWS\system32\shdocvw.dll
22:10:51.0562 2216  C:\WINDOWS\system32\shdocvw.dll - ok
22:10:51.0562 2216  [ 920B4D089E02FB4A3F8ADA8B4BEF9B26 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
22:10:51.0562 2216  C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
22:10:51.0562 2216  [ DA8B8A95780F406EBB213C1C5D4C0D90 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
22:10:51.0562 2216  C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
22:10:51.0578 2216  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
22:10:51.0578 2216  C:\WINDOWS\system32\winhttp.dll - ok
22:10:51.0578 2216  [ D873AF6112E377CDBCBF3055B86C30A9 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
22:10:51.0578 2216  C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
22:10:51.0578 2216  [ D068312FEC645A9D7C1398808734B142 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
22:10:51.0578 2216  C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
22:10:51.0593 2216  [ 64BF5CD9B9D7BD391CBC9EDE847A2902 ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
22:10:51.0593 2216  C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
22:10:51.0593 2216  [ 69B9DD83535C421F229227B0B303082A ] C:\Program Files\AVAST Software\Avast\ashTask.dll
22:10:51.0593 2216  C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
22:10:51.0593 2216  [ 91F1D56F6DC6B2AEC45369765787B64D ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
22:10:51.0593 2216  C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
22:10:51.0609 2216  [ 1919B2A6BB69BD206A4F0C20FBA5E4B6 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
22:10:51.0609 2216  C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
22:10:51.0609 2216  [ B3B4DDCD7263993FA3C42573066A16BE ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
22:10:51.0609 2216  C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
22:10:51.0609 2216  [ CD89FA96371429B0BEE893B156DB8932 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
22:10:51.0609 2216  C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
22:10:51.0625 2216  [ 7D289D7E6253BC998F51CAADB54C5192 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
22:10:51.0625 2216  C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
22:10:51.0625 2216  [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
22:10:51.0625 2216  C:\WINDOWS\system32\msi.dll - ok
22:10:51.0625 2216  [ E43B269964099D96DDDAAED0E57F109E ] C:\Program Files\AVAST Software\Avast\avastIP.dll
22:10:51.0625 2216  C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
22:10:51.0625 2216  [ 79B5BAEC23456D3F7EC10FC8374DA2CC ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
22:10:51.0625 2216  C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
22:10:51.0640 2216  [ BB2BE07A396B5B22AC56787FACF8D86F ] C:\Program Files\AVAST Software\Avast\aswDld.dll
22:10:51.0640 2216  C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
22:10:51.0640 2216  [ 52D0FE133CBE687ED4E83FBDA70EBC9C ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
22:10:51.0640 2216  C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
22:10:51.0640 2216  [ 82EBD5D2D47DB1B72205B71C1D6E31AC ] C:\Program Files\Google\Drive\googledrivesync32.dll
22:10:51.0640 2216  C:\Program Files\Google\Drive\googledrivesync32.dll - ok
22:10:51.0656 2216  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
22:10:51.0656 2216  C:\WINDOWS\system32\schedsvc.dll - ok
22:10:51.0656 2216  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Program Files\Google\Drive\Microsoft.VC90.CRT\msvcp90.dll
22:10:51.0656 2216  C:\Program Files\Google\Drive\Microsoft.VC90.CRT\msvcp90.dll - ok
22:10:51.0656 2216  [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
22:10:51.0656 2216  C:\WINDOWS\system32\msidle.dll - ok
22:10:51.0671 2216  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Program Files\Google\Drive\Microsoft.VC90.CRT\msvcr90.dll
22:10:51.0671 2216  C:\Program Files\Google\Drive\Microsoft.VC90.CRT\msvcr90.dll - ok
22:10:51.0671 2216  [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
22:10:51.0671 2216  C:\WINDOWS\system32\spoolsv.exe - ok
22:10:51.0671 2216  [ 9B09C037B4A993A89C3B642A2C182F2D ] C:\Program Files\AVAST Software\Avast\defs\13060901\aswEngin.dll
22:10:51.0671 2216  C:\Program Files\AVAST Software\Avast\defs\13060901\aswEngin.dll - ok
22:10:51.0687 2216  [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
22:10:51.0687 2216  C:\WINDOWS\system32\audiosrv.dll - ok
22:10:51.0687 2216  [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
22:10:51.0687 2216  C:\WINDOWS\system32\desk.cpl - ok
22:10:51.0687 2216  [ A65F3FE4C49711EEA6705242AE9636CC ] C:\Program Files\AVAST Software\Avast\defs\13060901\aswCmnIS.dll
22:10:51.0687 2216  C:\Program Files\AVAST Software\Avast\defs\13060901\aswCmnIS.dll - ok
22:10:51.0703 2216  [ 40D0BB31817312CD0169C47BDDFA65C2 ] C:\Program Files\AVAST Software\Avast\defs\13060901\aswCmnOS.dll
22:10:51.0703 2216  C:\Program Files\AVAST Software\Avast\defs\13060901\aswCmnOS.dll - ok
22:10:51.0703 2216  [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
22:10:51.0703 2216  C:\WINDOWS\system32\themeui.dll - ok
22:10:51.0703 2216  [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
22:10:51.0703 2216  C:\WINDOWS\system32\wkssvc.dll - ok
22:10:51.0718 2216  [ 3DC6EA849640691E822BCFCE2BC999A2 ] C:\Program Files\AVAST Software\Avast\defs\13060901\aswCmnBS.dll
22:10:51.0718 2216  C:\Program Files\AVAST Software\Avast\defs\13060901\aswCmnBS.dll - ok
22:10:51.0718 2216  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys
22:10:51.0718 2216  C:\WINDOWS\system32\drivers\mrxdav.sys - ok
22:10:51.0718 2216  [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
22:10:51.0718 2216  C:\WINDOWS\system32\actxprxy.dll - ok
22:10:51.0734 2216  [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv
22:10:51.0734 2216  C:\WINDOWS\system32\wdmaud.drv - ok
22:10:51.0734 2216  [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys
22:10:51.0734 2216  C:\WINDOWS\system32\drivers\wdmaud.sys - ok
22:10:51.0734 2216  [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys
22:10:51.0734 2216  C:\WINDOWS\system32\drivers\sysaudio.sys - ok
22:10:51.0750 2216  [ 0F167FBAF67B8472B128FC0C621B6FE1 ] C:\Program Files\AVAST Software\Avast\defs\13060901\aswScan.dll
22:10:51.0750 2216  C:\Program Files\AVAST Software\Avast\defs\13060901\aswScan.dll - ok
22:10:51.0750 2216  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys
22:10:51.0750 2216  C:\WINDOWS\system32\drivers\splitter.sys - ok
22:10:51.0750 2216  [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys
22:10:51.0750 2216  C:\WINDOWS\system32\drivers\aec.sys - ok
22:10:51.0765 2216  [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys
22:10:51.0765 2216  C:\WINDOWS\system32\drivers\swmidi.sys - ok
22:10:51.0765 2216  [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe
22:10:51.0765 2216  C:\WINDOWS\system32\cmd.exe - ok
22:10:51.0765 2216  [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\dmusic.sys
22:10:51.0765 2216  C:\WINDOWS\system32\drivers\dmusic.sys - ok
22:10:51.0781 2216  [ 32ED62D8C410117E09B0B7CA44FC4456 ] C:\Program Files\AVAST Software\Avast\defs\13060901\aswRep.dll
22:10:51.0781 2216  C:\Program Files\AVAST Software\Avast\defs\13060901\aswRep.dll - ok
22:10:51.0781 2216  [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys
22:10:51.0781 2216  C:\WINDOWS\system32\drivers\kmixer.sys - ok
22:10:51.0781 2216  [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll
22:10:51.0781 2216  C:\WINDOWS\system32\webclnt.dll - ok
22:10:51.0796 2216  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys
22:10:51.0796 2216  C:\WINDOWS\system32\drivers\drmkaud.sys - ok
22:10:51.0796 2216  [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
22:10:51.0796 2216  C:\WINDOWS\system32\msacm32.drv - ok
22:10:51.0796 2216  [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll
22:10:51.0796 2216  C:\WINDOWS\system32\midimap.dll - ok
22:10:51.0812 2216  [ 5CE2C1433B9B634591F0A1C4C1203A0B ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
22:10:51.0812 2216  C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
22:10:51.0812 2216  [ 2399F8068E969D9C25A05B6F779A790A ] C:\Program Files\AVAST Software\Avast\defs\13060901\aswFiDb.dll
22:10:51.0812 2216  C:\Program Files\AVAST Software\Avast\defs\13060901\aswFiDb.dll - ok
22:10:51.0812 2216  [ 2223775FDCB2EF7D4EC159AF3C764941 ] C:\WINDOWS\system32\ieframe.dll
22:10:51.0812 2216  C:\WINDOWS\system32\ieframe.dll - ok
22:10:51.0828 2216  [ E57B778208C783D8DEBAB320C16A1B82 ] C:\WINDOWS\system32\drivers\StarOpen.sys
22:10:51.0828 2216  C:\WINDOWS\system32\drivers\StarOpen.sys - ok
22:10:51.0828 2216  [ 85180CF88C5EBAD73B452A43A004CA51 ] C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
22:10:51.0828 2216  C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe - ok
22:10:51.0828 2216  [ 6ABF5881BD50F472FBBDA2D9C3B8B255 ] C:\Program Files\AVAST Software\Avast\defs\13060901\algo.dll
22:10:51.0828 2216  C:\Program Files\AVAST Software\Avast\defs\13060901\algo.dll - ok
22:10:51.0843 2216  [ 6DBD8C6D28EEB5BC16C730FF07AE5979 ] C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.dll
22:10:51.0843 2216  C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.dll - ok
22:10:51.0843 2216  [ 7332AED6A02FE37C4356C40628E175CE ] C:\PROGRA~1\COMMON~1\AOL\ACS\Xpat.dll
22:10:51.0843 2216  C:\PROGRA~1\COMMON~1\AOL\ACS\Xpat.dll - ok
22:10:51.0843 2216  [ C6B2AD321E6C12E12898D1CAE587D0D5 ] C:\PROGRA~1\COMMON~1\AOL\ACS\shfolder.dll
22:10:51.0843 2216  C:\PROGRA~1\COMMON~1\AOL\ACS\shfolder.dll - ok
22:10:51.0859 2216  [ D880831279ED91F9A4190A2DB9539EA9 ] C:\WINDOWS\system32\drivers\asctrm.sys
22:10:51.0859 2216  C:\WINDOWS\system32\drivers\asctrm.sys - ok
22:10:51.0859 2216  [ 3C8B6609712F4FF78E521F6DCFC4032B ] C:\WINDOWS\system32\CTSVCCDA.EXE
22:10:51.0859 2216  C:\WINDOWS\system32\CTSVCCDA.EXE - ok
22:10:51.0859 2216  [ 0B5EDD2871209EA886A9B48A36828D65 ] C:\Program Files\Common Files\AOL\ACS\ACSMDiag.dll
22:10:51.0859 2216  C:\Program Files\Common Files\AOL\ACS\ACSMDiag.dll - ok
22:10:51.0859 2216  [ 178A34E5554DCE485E1262DDF027960C ] C:\DOCUME~1\Rudy\LOCALS~1\temp\F3BAE0B7-F1D1-473C-81EF-35283AE01A33.exe
22:10:51.0859 2216  C:\DOCUME~1\Rudy\LOCALS~1\temp\F3BAE0B7-F1D1-473C-81EF-35283AE01A33.exe - ok
22:10:51.0875 2216  [ E01945331345F678AFAE3ECD5369D61A ] C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll
22:10:51.0875 2216  C:\Program Files\Common Files\AOL\AOLDiag\tbdiag.dll - ok
22:10:51.0875 2216  [ 3924B7B6258D8F35D9BEE1F61D453553 ] C:\Program Files\Common Files\AOL\ACS\ACSCmn.dll
22:10:51.0875 2216  C:\Program Files\Common Files\AOL\ACS\ACSCmn.dll - ok
22:10:52.0671 2216  ============================================================
22:10:52.0671 2216  Scan finished
22:10:52.0671 2216  ============================================================
22:10:52.0781 2208  Detected object count: 25
22:10:52.0781 2208  Actual detected object count: 25
22:17:27.0750 2208  ASCTRM ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0750 2208  ASCTRM ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0750 2208  cdrbsdrv ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0750 2208  cdrbsdrv ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0750 2208  Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0750 2208  Creative Service for CDROM Access ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0750 2208  drvmcdb ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0750 2208  drvmcdb ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0750 2208  drvnddm ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0750 2208  drvnddm ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0750 2208  DSproct ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0750 2208  DSproct ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0750 2208  IAANTMon ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0750 2208  IAANTMon ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0765 2208  NAL ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0765 2208  NAL ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0765 2208  omci ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0765 2208  omci ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0765 2208  PfModNT ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0765 2208  PfModNT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0765 2208  PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0765 2208  PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0765 2208  sscdbhk5 ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0765 2208  sscdbhk5 ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0765 2208  ssrtln ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0765 2208  ssrtln ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0765 2208  StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0765 2208  StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0781 2208  tfsnboio ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0781 2208  tfsnboio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0781 2208  tfsncofs ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0781 2208  tfsncofs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0781 2208  tfsndrct ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0781 2208  tfsndrct ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0781 2208  tfsndres ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0781 2208  tfsndres ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0781 2208  tfsnifs ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0781 2208  tfsnifs ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0781 2208  tfsnopio ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0781 2208  tfsnopio ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0781 2208  tfsnpool ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0781 2208  tfsnpool ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0781 2208  tfsnudf ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0781 2208  tfsnudf ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0796 2208  tfsnudfa ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0796 2208  tfsnudfa ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:27.0796 2208  WANMiniportService ( UnsignedFile.Multi.Generic ) - skipped by user
22:17:27.0796 2208  WANMiniportService ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:17:28.0250 2208  \Device\Harddisk0\DR0\# - copied to quarantine
22:17:28.0250 2208  \Device\Harddisk0\DR0 - copied to quarantine
22:17:28.0343 2208  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - will be cured on reboot
22:17:28.0343 2208  \Device\Harddisk0\DR0 - ok
22:17:28.0343 2208  \Device\Harddisk0\DR0 ( Rootkit.Boot.Harbinger.a ) - User select action: Cure
22:17:35.0531 1700  Deinitialize success
 

No more popups at this time and the processor looks to be running normally.



#8 gringo_pr

Posted 10 June 2013 - 12:24 PM


Hello broskeeper

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP only). If this happens, please allow it to do so (you will need to be connected to the internet for this).

Before you run Combofix I will need you to turn off any security software you have running. If you do not know how to do this you can find out here or here.

Combofix may need to reboot your computer more than once to do its job; this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"

In your next post I need the following:
  • Log from Combofix
  • Let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#9 broskeeper

Posted 10 June 2013 - 04:14 PM

ComboFix 13-06-08.02 - Rudy 06/10/2013  16:40:30.4.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1022.626 [GMT -4:00]
Running from: c:\documents and settings\Rudy\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-10 to 2013-06-10  )))))))))))))))))))))))))))))))
.
.
2013-06-10 02:17 . 2013-06-10 02:17 -------- d-----w- C:\TDSSKiller_Quarantine
2013-06-10 00:24 . 2013-06-10 00:24 -------- d-----w- c:\windows\ERUNT
2013-06-10 00:23 . 2013-06-10 00:23 -------- d-----w- C:\JRT
2013-06-09 18:41 . 2013-06-09 18:41 664 ----a-w- c:\documents and settings\NetworkService\Local Settings\Application Data\d3d9caps.tmp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-19 16:33 . 2012-10-02 23:21 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-19 16:33 . 2012-10-02 23:21 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2013-03-30 20:22 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-30 20:22 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2011-09-23 16:12 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2011-09-23 16:12 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2011-09-23 16:12 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2013-03-30 20:22 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2012-02-25 01:16 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-09 08:59 . 2011-09-23 16:12 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2011-09-23 16:12 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2011-09-23 16:12 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-09-23 16:12 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-16 22:17 . 2004-08-10 17:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 17:51 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31 . 2004-08-10 17:51 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 18:50 . 2012-08-21 20:57 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-03 06:01 . 2011-09-23 16:14 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2004-08-04 10:00 94784 --sh--w- c:\windows\twain.dll
2008-04-14 00:12 50688 --sh--w- c:\windows\twain_32.dll
2011-02-08 13:33 978944 --sha-w- c:\windows\system32\mfc42.dll
2008-04-14 00:12 57344 --sh--w- c:\windows\system32\msvcirt.dll
2008-04-14 00:12 413696 --sha-w- c:\windows\system32\msvcp60.dll
2013-01-26 03:55 552448 --sha-w- c:\windows\system32\oleaut32.dll
2008-04-14 00:12 11776 --sh--w- c:\windows\system32\regsvr32.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 20:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 20:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 20:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 20:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-08-27 39408]
"AOL Fast Start"="c:\program files\AOL Desktop 9.6\AOL.EXE" [2011-01-13 42320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HPAiODevice(hp officejet 5100 series) - 1.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HPAiODevice(hp officejet 5100 series) - 1.lnk
backup=c:\windows\pss\HPAiODevice(hp officejet 5100 series) - 1.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Virtual Assistant.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Virtual Assistant.lnk
backup=c:\windows\pss\Virtual Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Rudy^Start Menu^Programs^Startup^10f8e5f16da.dat]
path=c:\documents and settings\Rudy\Start Menu\Programs\Startup\10f8e5f16da.dat
backup=c:\windows\pss\10f8e5f16da.datStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Rudy^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]
path=c:\documents and settings\Rudy\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
backup=c:\windows\pss\ERUNT AutoBackup.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
2011-01-13 11:19 42320 ----a-w- c:\program files\AOL Desktop 9.6\aol.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2010-07-13 20:40 70720 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2005-08-06 02:05 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2005-08-31 16:06 106496 ----a-w- c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2004-12-06 06:05 127035 ----a-w- c:\windows\system32\dla\tfswctrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-02-23 21:19 53248 ----a-w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2010-03-08 07:27 41800 ----a-w- c:\program files\Common Files\AOL\1170309358\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2005-04-25 13:50 139264 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2006-04-21 19:41 438359 ----a-w- c:\progra~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 16:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2005-03-23 05:20 339968 ----a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
2007-03-01 02:42 86016 ----a-w- c:\mouses~1.2\wh_exec.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2/24/2012 9:16 PM 21576]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/30/2013 4:22 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/30/2013 4:22 PM 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9/23/2011 12:12 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9/23/2011 12:12 PM 368944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/23/2011 12:12 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3/30/2013 4:22 PM 66336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 19:21 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-10 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-02 08:58]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-07 23:19]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-07 23:19]
.
2013-06-10 c:\windows\Tasks\User_Feed_Synchronization-{4F909989-8658-4FCB-96F7-4E797B533E20}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = 127.0.0.1
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: aol.com\free
TCP: DhcpNameServer = 192.168.2.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Rudy\Application Data\Mozilla\Firefox\Profiles\0qojcu8t.default\
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-42574620.sys
SafeBoot-60281621.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-10 16:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
.
C:\avast! sandbox
.
scan completed successfully
hidden files: 1
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2448)
c:\windows\system32\WININET.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-06-10  16:54:22
ComboFix-quarantined-files.txt  2013-06-10 20:54
.
Pre-Run: 24,580,247,552 bytes free
Post-Run: 25,318,998,016 bytes free
.
WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(2)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(2)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect
.
- - End Of File - - DB5BD336243C4B0741D3C5C8175B16DC
09CE7397AF23D4C0B331B89D0297CC7E
 

Computer is running good. No popups and the speed is fine as well. No problems with combo fix.

 

 

Thank You So Much!



#10 gringo_pr

  • Malware Response Team

Posted 10 June 2013 - 08:11 PM


Hello broskeeper

At this time I would like you to run this script for me and it is a good time to check out the computer to see if there is anything else that needs to be addressed.

:Run CFScript:

Please start by opening Notepad and copy/paste the text in the box into the window:

ClearJavaCache::


 
Save it to your desktop as CFScript.txt

Referring to the picture above, drag CFScript.txt into ComboFix.exe
[Image: CFScriptB-4.gif]
This will let ComboFix run again.
Restart if you have to.
Save the produced logfile to your desktop.

Note: Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion.", please restart the computer.

"information and logs"
  • In your next post I need the following
    • report from Combofix
    • let me know of any problems you may have had
    • How is the computer doing now after running the script?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 broskeeper

  • Topic Starter

Posted 11 June 2013 - 06:24 PM

ComboFix 13-06-08.02 - Rudy 06/11/2013  17:15:41.6.2 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.1022.516 [GMT -4:00]
Running from: c:\documents and settings\Rudy\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((   Files Created from 2013-05-11 to 2013-06-11  )))))))))))))))))))))))))))))))
.
.
2013-06-10 02:17 . 2013-06-10 02:17 -------- d-----w- C:\TDSSKiller_Quarantine
2013-06-10 00:24 . 2013-06-10 00:24 -------- d-----w- c:\windows\ERUNT
2013-06-10 00:23 . 2013-06-10 00:23 -------- d-----w- C:\JRT
2013-06-09 18:41 . 2013-06-09 18:41 664 ----a-w- c:\documents and settings\NetworkService\Local Settings\Application Data\d3d9caps.tmp
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-05-19 16:33 . 2012-10-02 23:21 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-05-19 16:33 . 2012-10-02 23:21 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-05-09 08:59 . 2013-03-30 20:22 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-05-09 08:59 . 2013-03-30 20:22 174664 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-05-09 08:59 . 2011-09-23 16:12 765736 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-05-09 08:59 . 2011-09-23 16:12 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-05-09 08:59 . 2011-09-23 16:12 368944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-05-09 08:59 . 2013-03-30 20:22 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-05-09 08:59 . 2012-02-25 01:16 21576 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-05-09 08:59 . 2011-09-23 16:12 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-05-09 08:59 . 2011-09-23 16:12 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-05-09 08:58 . 2011-09-23 16:12 41664 ----a-w- c:\windows\avastSS.scr
2013-05-09 08:58 . 2011-09-23 16:12 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-04-16 22:17 . 2004-08-10 17:51 920064 ----a-w- c:\windows\system32\wininet.dll
2013-04-16 22:17 . 2004-08-10 17:51 43520 ----a-w- c:\windows\system32\licmgr10.dll
2013-04-16 22:17 . 2004-08-10 17:51 1469440 ------w- c:\windows\system32\inetcpl.cpl
2013-04-12 23:28 . 2004-08-10 17:51 385024 ----a-w- c:\windows\system32\html.iec
2013-04-10 01:31 . 2004-08-10 17:51 1876352 ----a-w- c:\windows\system32\win32k.sys
2013-04-04 18:50 . 2012-08-21 20:57 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-09-03 06:01 . 2011-09-23 16:14 134104 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
2004-08-04 10:00 94784 --sh--w- c:\windows\twain.dll
2008-04-14 00:12 50688 --sh--w- c:\windows\twain_32.dll
2011-02-08 13:33 978944 --sha-w- c:\windows\system32\mfc42.dll
2008-04-14 00:12 57344 --sh--w- c:\windows\system32\msvcirt.dll
2008-04-14 00:12 413696 --sha-w- c:\windows\system32\msvcp60.dll
2013-01-26 03:55 552448 --sha-w- c:\windows\system32\oleaut32.dll
2008-04-14 00:12 11776 --sh--w- c:\windows\system32\regsvr32.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-05-09 08:58 121968 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-04-16 20:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-04-16 20:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-04-16 20:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-04-16 20:10 576976 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2012-08-27 39408]
"AOL Fast Start"="c:\program files\AOL Desktop 9.6\AOL.EXE" [2011-01-13 42320]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2013-05-09 4858968]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2011-07-05 421888]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=c:\windows\pss\America Online 9.0 Tray Icon.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HPAiODevice(hp officejet 5100 series) - 1.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HPAiODevice(hp officejet 5100 series) - 1.lnk
backup=c:\windows\pss\HPAiODevice(hp officejet 5100 series) - 1.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Virtual Assistant.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Virtual Assistant.lnk
backup=c:\windows\pss\Virtual Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Rudy^Start Menu^Programs^Startup^10f8e5f16da.dat]
path=c:\documents and settings\Rudy\Start Menu\Programs\Startup\10f8e5f16da.dat
backup=c:\windows\pss\10f8e5f16da.datStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Rudy^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]
path=c:\documents and settings\Rudy\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
backup=c:\windows\pss\ERUNT AutoBackup.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
2011-01-13 11:19 42320 ----a-w- c:\program files\AOL Desktop 9.6\aol.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOLDialer]
2010-07-13 20:40 70720 ----a-r- c:\program files\Common Files\AOL\ACS\AOLDial.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
2005-08-06 02:05 344064 ----a-w- c:\program files\ATI Technologies\ATI Control Panel\atiptaxx.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2005-08-31 16:06 106496 ----a-w- c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2004-12-06 06:05 127035 ----a-w- c:\windows\system32\dla\tfswctrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-02-23 21:19 53248 ----a-w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]
2010-03-08 07:27 41800 ----a-w- c:\program files\Common Files\AOL\1170309358\ee\aolsoftware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2005-04-25 13:50 139264 ----a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
2006-04-21 19:41 438359 ----a-w- c:\progra~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 16:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-07-05 22:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2005-03-23 05:20 339968 ----a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WheelMouse]
2007-03-01 02:42 86016 ----a-w- c:\mouses~1.2\wh_exec.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
.
R0 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [2/24/2012 9:16 PM 21576]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [3/30/2013 4:22 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [3/30/2013 4:22 PM 174664]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [9/23/2011 12:12 PM 765736]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [9/23/2011 12:12 PM 368944]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9/23/2011 12:12 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [3/30/2013 4:22 PM 66336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-06-06 19:21 1165776 ----a-w- c:\program files\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-06-11 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-07-02 08:58]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-07 23:19]
.
2013-05-11 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-09-07 23:19]
.
2013-06-11 c:\windows\Tasks\User_Feed_Synchronization-{4F909989-8658-4FCB-96F7-4E797B533E20}.job
- c:\windows\system32\msfeedssync.exe [2006-10-17 09:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Settings,ProxyOverride = 127.0.0.1
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: aol.com\free
TCP: DhcpNameServer = 192.168.2.1
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Rudy\Application Data\Mozilla\Firefox\Profiles\0qojcu8t.default\
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-06-11 17:24
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_7_700_202_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'explorer.exe'(2188)
c:\windows\system32\WININET.dll
c:\program files\Google\Drive\googledrivesync32.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
Completion time: 2013-06-11  17:26:12
ComboFix-quarantined-files.txt  2013-06-11 21:26
ComboFix2.txt  2013-06-11 05:30
ComboFix3.txt  2013-06-10 20:54
.
Pre-Run: 24,963,923,968 bytes free
Post-Run: 25,024,524,288 bytes free
.
- - End Of File - - 05B241FA144E6CCE389C6B64C48BE24D
09CE7397AF23D4C0B331B89D0297CC7E
 

 

 

As far as I can tell everything looks to be good. Just one thing: when I plug up my camera, the computer won't recognize it as my camera, it says it's a memory device.

Thanx



#12 gringo_pr

  • Malware Response Team

Posted 11 June 2013 - 08:57 PM


Hello broskeeper

I would like to see a report that combofix makes.

extra combofix report
  • push the "windows key" + "R" (between the "Ctrl" button and "Alt" Button)
  • please copy and paste the following into the box
C:\Qoobox\Add-Remove Programs.txt
  • click ok
copy and paste the report into this topic for me to review

Gringo

#13 broskeeper

  • Topic Starter

Posted 11 June 2013 - 09:08 PM

C:\Qoobox\Add-Remove Programs.txt
7-Zip 9.22beta
Acrobat.com
Adobe Acrobat 5.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader X (10.1.7)
AOL Coach Version 1.0(Build:20040229.1 en)
AOL Uninstaller (Choose which Products to Remove)
ATI Control Panel
ATI Display Driver
AudibleManager
Auslogics Disk Defrag
avast! Pro Antivirus
CCleaner
CDBurnerXP
Corel Photo Album 6
Creative MediaSource
Critical Update for Windows Media Player 11 (KB959772)
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell ResourceCD
Dell Support 3.2.1
Dell System Restore
Digital Content Portal
DVD Shrink 3.2
EarthLink setup files
ERUNT 1.1j
Google Chrome
Google Drive
Google Toolbar for Internet Explorer
Google Update Helper
High Definition Audio Driver Package - KB835221
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB976098-v2)
Hotfix for Windows XP (KB979306)
Hotfix for Windows XP (KB981793)
ImageMixer VCD2
Intel Matrix Storage Manager
Intel® PRO Network Connections Software v9.2.4.11
Intel® PROSafe for Wired Connections
Internet Explorer Default Page
Java 7 Update 6
Java Auto Updater
Learn2 Player (Uninstall Only)
Macromedia Flash Player
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2572067)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Standard 2007
Microsoft Office Standard 2007 Trial
Microsoft Office Word MUI (English) 2007
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Software Update for Web Folders  (English) 12
Microsoft UI Engine
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mouse Suite v1.2
Move Media Player
Mozilla Firefox 6.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 6 Service Pack 2 (KB973686)
MuVo Driver
Nero Media Player
Nero OEM
NeroVision Express 2
NSIS KLDownloaderLite
NTREGOPT 1.1j
PowerDVD 5.5
Qualxserve Service Agreement
QuickBooks Simple Start Special Edition
QuickTime
RealFlight G3 R/C Simulator
RealPlayer Basic
Revo Uninstaller 1.94
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB898458)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Internet Explorer 7 (KB928090)
Security Update for Windows Internet Explorer 7 (KB929969)
Security Update for Windows Internet Explorer 7 (KB931768)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB950759)
Security Update for Windows Internet Explorer 7 (KB953838)
Security Update for Windows Internet Explorer 7 (KB956390)
Security Update for Windows Internet Explorer 7 (KB958215)
Security Update for Windows Internet Explorer 7 (KB960714)
Security Update for Windows Internet Explorer 7 (KB961260)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 7 (KB969897)
Security Update for Windows Internet Explorer 7 (KB972260)
Security Update for Windows Internet Explorer 7 (KB974455)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB974455)
Security Update for Windows Internet Explorer 8 (KB976325)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956744)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB971961)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977165-v2)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978251)
Security Update for Windows XP (KB978262)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sonic DLA
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sony USB Driver
Spelling Dictionaries Support For Adobe Reader 9
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Outlook 2007 (KB2583910)
Update for Outlook 2007 Junk Email Filter (KB2553110)
Update for Windows Internet Explorer 7 (KB976749)
Update for Windows Internet Explorer 8 (KB975364)
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB976749)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Virtual Assistant
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Imaging Component
Windows Internet Explorer 7
Windows Live ID Sign-in Assistant
Windows Live OneCare safety scanner
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows PowerShell™ 1.0
Windows XP Service Pack 3
WordPerfect Office 12
 



#14 gringo_pr


Posted 11 June 2013 - 09:17 PM


Hello

These logs are looking a lot better. But we still have some work to do.

Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

Uninstall some programs

NOTE** Because of the cleanup process, some of the programs I have listed may not be in Add/Remove anymore. This is fine; just move to the next item on the list.

You can remove these programs using Add/Remove, or you can use the free uninstaller from Revo (Revo does a lot better of a job).
  • Programs to remove

    • Adobe Reader X (10.1.7)
    • Internet Explorer Default Page
    • Java 7 Update 6


  • Please download and install Revo Uninstaller Free
  • Double click Revo Uninstaller to run it.
  • From the list of programs, double click on the program to remove.
  • When prompted if you want to uninstall, click Yes.
  • Be sure the Moderate option is selected, then click Next.
  • The program will run. If prompted again, click Yes.
  • When the built-in uninstaller is finished, click on Next.
  • Once the program has searched for leftovers, click Next.
  • Check/tick the bolded items only on the list, then click Delete.
  • When prompted, click on Yes and then on Next.
  • Put a check on any folders that are found and select Delete.
  • When prompted, select Yes and then Next.
  • Once done, click Finish.



Update Adobe Reader
  • Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

    You can download it from http://www.adobe.com/products/acrobat/readstep2.html
    After installing the latest Adobe Reader, uninstall all previous versions.
    If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed, uncheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
    • If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader (7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

      Note: When installing FoxitReader, be careful not to install anything to do with AskBar.

Install Java:

Please go here to install Java
  • Click on the Free Java Download button
  • Click on Agree and Start Free Download
  • Click on Run
  • Click on Run again
  • Click on Install
  • When the install is complete, click on Close

Clean Out Temp Files
  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. (make sure under Windows tab all the boxes of Internet Explorer and Windows explorer are checked. Under System check Empty Recycle Bin and Temporary Files. Under Application tab all the boxes should be checked).
    • Click Run Cleaner.
    • Close CCleaner.
: Malwarebytes' Anti-Malware :


I see you have MBAM installed on the computer - that is great!! It is a very good program! I would like you to run a quick scan for me now.
  • Double-click the mbam icon.
  • Go to the Update tab at the top.
  • Click on Check for Updates.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked (ticked) except items in the C:\System Volume Information folder, and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right click on HijackThis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do a system scan and save a logfile" (if you do not see "Do a system scan and save a logfile" then click on Main Menu)
  • Copy and paste the HijackThis report into the topic
"information and logs"
  • In your next post I need the following:
    • Log from MBAM
    • Report from HijackThis
    • Let me know of any problems you may have had
    • How is the computer doing now?
Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know


#15 broskeeper


Posted 13 June 2013 - 03:16 AM

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.06.13.02

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Rudy :: RLDELL [administrator]

6/13/2013 12:15:19 AM
mbam-log-2013-06-13 (00-15-19).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244349
Time elapsed: 6 minute(s), 16 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

 

 

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:01:35 AM, on 6/13/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\AOL Desktop 9.6\waol.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\AOL Desktop 9.6\shellmon.exe
C:\Program Files\Common Files\AOL\1170309358\ee\aolsoftware.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Rudy\Desktop\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL Desktop 9.6\AOL.EXE" -b
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

--
End of file - 6565 bytes

 

 

 

The computer seems to be running OK

No problems





