Hard drive running too much trouble shooting for review by gringo_pr


  • This topic is locked
41 replies to this topic

#1 yoyoam

  • Members
Posted 19 September 2013 - 10:29 PM

My hard drive often runs for a long time before executing simple operations like pulling up win explorer windows and in general the computer is often slow without the cpu being overutilized.

This has been going on for years and eventually seems to infect any new pc I bring in the house. From time to time I have tried with some other malware/cleanup/tuneup etc and never have achieved a lasting resolution of the problem.

Thank you for taking a jab at it.

Cheers

Here are the DDS reports:

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.25.2
Run by Sofia Meyen at 20:14:16 on 2013-09-19
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1535.569 [GMT -7:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
============== Running Processes ================
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast5\avastUI.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
C:\Program Files\Sierra Wireless Inc\Watcher\WaHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Sofia Meyen\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
C:\Program Files\HP\HPBDSService\HPBDSService.exe
C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\Program Files\Secunia\PSI\PSIA.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Secunia\PSI\sua.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Secunia\PSI\SUA\190c67d5023dc3dfa6f41a8bbcffbfe430ab1e31\ShockwavePlayer_12.0.3.133_SPS.exe
C:\WINDOWS\Temp\oucgxv36-2v0d-hco3-kgyk-n149k8zoaabo\sw_lic_full_installer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\WINDOWS\System32\svchost.exe -k LocalService
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k HPZ12
C:\WINDOWS\System32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uSearch Bar = hxxp://www.google.com/ie
uSearch Page = hxxp://www.google.com
mStart Page = hxxp://www.microsoft.com
mDefault_Page_URL = hxxp://www.microsoft.com
uProxyOverride = hxxp://localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - <orphaned>
uRun: [Google Update] "c:\documents and settings\sofia meyen\local settings\application data\google\update\GoogleUpdate.exe" /c
uRun: [ISUSPM] "c:\program files\common files\installshield\updateservice\ISUSPM.exe" -scheduler
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [ControlCenter2.0] c:\program files\brother\controlcenter2\brctrcen.exe /autorun
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [ROC_roc_ssl_v12] "c:\program files\avg secure search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
mRun: [ROC_ROC_JULY_P1] "c:\program files\avg secure search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
mRun: [zBrowser Launcher] c:\program files\logitech\itouch\iTouch.exe
mRun: [Broadcom Wireless Manager UI] c:\windows\system32\WLTRAY.exe
mRun: [TRUUpdater] "c:\program files\sierra wireless inc\webupdater\TRUUpdater.exe" /bkground
mRun: [AirCardEnabler] <no file>
dRunOnce: [RunNarrator] Narrator.exe
StartupFolder: c:\docume~1\sofiam~1\startm~1\programs\startup\dropbox.lnk - c:\documents and settings\sofia meyen\application data\dropbox\bin\Dropbox.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows desktop search\WindowsSearch.exe
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
DPF: DirectAnimation Java Classes - file://c:\windows\java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab
DPF: {33564D57-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/D/0/D/D0DD87DA-994F-4334-8B55-AF2E4D98ED0C/wmv9dmo.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1357877316937
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0039-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_39-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{6F4E585E-D4C4-4CFC-BF8F-28CFF23354C8} : DHCPNameServer = 192.168.0.1
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager - {56F9679E-7826-4C84-81F3-532071A8BCC5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\sofia meyen\application data\mozilla\firefox\profiles\2dw7xzqh.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=SOLTDF&q=
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.live.com/results.aspx?FORM=SOLTDF&q=
FF - plugin: c:\documents and settings\sofia meyen\application data\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\documents and settings\sofia meyen\application data\mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: c:\documents and settings\sofia meyen\application data\mozilla\plugins\npo1d.dll
FF - plugin: c:\documents and settings\sofia meyen\local settings\application data\citrix\plugins\94\npappdetector.dll
FF - plugin: c:\documents and settings\sofia meyen\local settings\application data\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\emusic download manager\plugin\npemusic.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\npwmsdrm.dll
FF - ExtSQL: 2013-09-19 14:57; wrc@avast.com; c:\program files\alwil software\avast5\webrep\FF
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2013-9-19 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2013-9-19 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-2-10 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2008-5-23 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-5-23 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2013-9-19 66336]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-11-10 46808]
R2 HP DS Service;HP DS Service;c:\program files\hp\hpbdsservice\HPBDSService.exe [2011-10-17 13824]
R2 HP LaserJet Service;HP LaserJet Service;c:\program files\hp\hplaserjetservice\HPLaserJetService.exe [2012-5-2 164864]
R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-9-19 418376]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-9-19 701512]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2013-7-3 1228504]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2013-7-3 660184]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-9-19 22856]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [2013-7-3 16024]
S2 gupdate1c9cb8549081488;Google Update Service (gupdate1c9cb8549081488);c:\program files\google\update\GoogleUpdate.exe [2009-5-2 133104]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-2-28 161384]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [2009-1-20 16512]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\progra~1\pc-doc~1\diagno~1\pcdrdrv.sys --> c:\progra~1\pc-doc~1\diagno~1\PCDRDRV.sys [?]
S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2002-9-3 14336]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\wpffontcache_v0400.exe --> c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [?]
.
=============== Created Last 30 ================
.
2013-09-20 02:37:58 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2013-09-20 01:06:31 -------- d-----w- c:\documents and settings\sofia meyen\local settings\application data\Secunia PSI
2013-09-20 01:06:10 -------- d-----w- c:\program files\Secunia
2013-09-20 00:33:31 -------- d-----w- C:\AdwCleaner
2013-09-19 22:41:14 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-19 22:41:14 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-19 21:58:02 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-09-19 21:58:02 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-09-19 21:58:02 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-09-19 21:01:54 -------- d-----w- c:\documents and settings\all users\application data\naWVXnXp
2013-09-19 20:59:14 -------- d-----w- c:\documents and settings\sofia meyen\application data\SlimCleaner
2013-09-19 20:57:20 52736 ----a-w- c:\documents and settings\sofia meyen\local settings\application data\vixjxwgt.exe
2013-09-05 14:04:02 209272 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
2013-09-05 14:04:02 209272 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
.
==================== Find3M  ====================
.
2013-09-13 22:21:35 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 22:21:34 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-30 07:48:12 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:47:40 41664 ----a-w- c:\windows\avastSS.scr
2013-07-03 08:32:42 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys
2004-08-10 06:30:22 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.
============= FINISH: 20:15:50.03 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 1/9/2007 10:21:15 PM
System Uptime: 9/19/2013 7:39:12 PM (1 hours ago)
.
Motherboard: Intel Corporation               |  | D850EMV2                      
Processor:               Intel® Pentium® 4 CPU 3.06GHz | J2E1 | 3049/133mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 190 GiB total, 44.169 GiB free.
D: is CDROM ()
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Broadcom 802.11g Network Adapter
Device ID: PCI\VEN_14E4&DEV_4320&SUBSYS_00131737&REV_02\4&11CD5334&0&50F0
Manufacturer: Broadcom
Name: Broadcom 802.11g Network Adapter
PNP Device ID: PCI\VEN_14E4&DEV_4320&SUBSYS_00131737&REV_02\4&11CD5334&0&50F0
Service: BCM43XX
.
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Intel® PRO/1000 MT Desktop Adapter
Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_002E8086&REV_02\4&11CD5334&0&60F0
Manufacturer: Intel
Name: Intel® PRO/1000 MT Desktop Adapter
PNP Device ID: PCI\VEN_8086&DEV_100E&SUBSYS_002E8086&REV_02\4&11CD5334&0&60F0
Service: E1000
.
Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}
Description: Microsoft PS/2 Mouse
Device ID: ACPI\PNP0F03\4&3A2C8C4B&0
Manufacturer: Microsoft
Name: Microsoft PS/2 Mouse
PNP Device ID: ACPI\PNP0F03\4&3A2C8C4B&0
Service: i8042prt
.
Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Easy Internet Keyboard
Device ID: ACPI\PNP0303\4&3A2C8C4B&0
Manufacturer: Logitech
Name: Easy Internet Keyboard
PNP Device ID: ACPI\PNP0303\4&3A2C8C4B&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP1042: 6/18/2013 8:08:53 PM - System Checkpoint
RP1043: 6/19/2013 8:25:34 PM - System Checkpoint
RP1044: 6/20/2013 9:17:41 PM - System Checkpoint
RP1045: 6/21/2013 9:28:39 PM - System Checkpoint
RP1046: 6/22/2013 11:35:20 PM - System Checkpoint
RP1047: 6/24/2013 3:25:25 PM - System Checkpoint
RP1048: 6/25/2013 3:49:18 PM - System Checkpoint
RP1049: 6/26/2013 5:33:13 PM - System Checkpoint
RP1050: 6/27/2013 6:09:12 PM - System Checkpoint
RP1051: 6/28/2013 2:45:34 PM - Installed PDF Split And Merge Basic
RP1052: 6/29/2013 3:32:13 PM - System Checkpoint
RP1053: 6/30/2013 4:33:17 PM - System Checkpoint
RP1054: 7/2/2013 12:56:16 AM - System Checkpoint
RP1055: 7/3/2013 1:32:12 AM - System Checkpoint
RP1056: 7/4/2013 2:44:13 AM - System Checkpoint
RP1057: 7/5/2013 3:56:14 AM - System Checkpoint
RP1058: 7/6/2013 4:08:13 AM - System Checkpoint
RP1059: 7/7/2013 4:56:14 AM - System Checkpoint
RP1060: 7/8/2013 6:29:22 AM - System Checkpoint
RP1061: 7/9/2013 9:04:25 AM - System Checkpoint
RP1062: 7/10/2013 8:49:05 PM - System Checkpoint
RP1063: 7/12/2013 7:07:52 AM - System Checkpoint
RP1064: 7/13/2013 7:13:08 AM - System Checkpoint
RP1065: 7/14/2013 1:07:50 PM - System Checkpoint
RP1066: 7/15/2013 8:50:01 PM - System Checkpoint
RP1067: 7/17/2013 12:53:53 PM - System Checkpoint
RP1068: 7/19/2013 3:14:22 AM - System Checkpoint
RP1069: 7/20/2013 3:40:06 AM - System Checkpoint
RP1070: 7/21/2013 4:04:06 AM - System Checkpoint
RP1071: 7/22/2013 6:30:32 AM - System Checkpoint
RP1072: 7/23/2013 6:38:34 AM - System Checkpoint
RP1073: 7/24/2013 7:14:19 AM - System Checkpoint
RP1074: 7/25/2013 8:23:59 AM - System Checkpoint
RP1075: 7/26/2013 2:01:15 PM - System Checkpoint
RP1076: 7/26/2013 9:37:37 PM - Installed Java 7 Update 25
RP1077: 7/28/2013 3:30:38 PM - System Checkpoint
RP1078: 7/29/2013 11:46:10 PM - System Checkpoint
RP1079: 7/31/2013 1:17:17 AM - System Checkpoint
RP1080: 8/1/2013 1:58:28 AM - System Checkpoint
RP1081: 8/2/2013 5:02:27 AM - System Checkpoint
RP1082: 8/3/2013 1:16:40 PM - System Checkpoint
RP1083: 8/4/2013 4:24:27 PM - System Checkpoint
RP1084: 8/5/2013 10:38:02 PM - System Checkpoint
RP1085: 8/7/2013 3:36:53 AM - System Checkpoint
RP1086: 8/8/2013 5:25:54 AM - System Checkpoint
RP1087: 8/9/2013 2:48:42 PM - System Checkpoint
RP1088: 8/10/2013 3:17:22 PM - System Checkpoint
RP1089: 8/11/2013 4:13:54 PM - System Checkpoint
RP1090: 8/12/2013 5:11:01 PM - System Checkpoint
RP1091: 8/13/2013 5:46:59 PM - System Checkpoint
RP1092: 8/14/2013 8:45:20 PM - System Checkpoint
RP1093: 8/15/2013 10:53:02 PM - System Checkpoint
RP1094: 8/16/2013 10:58:32 PM - System Checkpoint
RP1095: 8/18/2013 12:35:00 AM - System Checkpoint
RP1096: 8/19/2013 12:45:03 AM - System Checkpoint
RP1097: 8/20/2013 2:22:05 AM - System Checkpoint
RP1098: 8/21/2013 8:00:04 AM - System Checkpoint
RP1099: 8/22/2013 8:37:04 AM - System Checkpoint
RP1100: 8/23/2013 8:45:04 AM - System Checkpoint
RP1101: 8/24/2013 10:31:43 AM - System Checkpoint
RP1102: 8/25/2013 11:24:04 AM - System Checkpoint
RP1103: 8/26/2013 11:58:06 AM - System Checkpoint
RP1104: 8/27/2013 3:45:06 PM - System Checkpoint
RP1105: 8/28/2013 6:57:17 PM - System Checkpoint
RP1106: 8/29/2013 9:45:23 PM - System Checkpoint
RP1107: 8/30/2013 10:45:10 PM - System Checkpoint
RP1108: 9/1/2013 12:46:14 AM - System Checkpoint
RP1109: 9/2/2013 1:23:08 AM - System Checkpoint
RP1110: 9/3/2013 1:43:26 AM - System Checkpoint
RP1111: 9/4/2013 12:41:25 PM - System Checkpoint
RP1112: 9/5/2013 12:54:24 PM - System Checkpoint
RP1113: 9/7/2013 2:29:32 AM - System Checkpoint
RP1114: 9/8/2013 1:21:42 PM - System Checkpoint
RP1115: 9/9/2013 3:48:54 PM - Software Distribution Service 3.0
RP1116: 9/10/2013 3:54:20 PM - System Checkpoint
RP1117: 9/16/2013 12:26:57 PM - System Checkpoint
RP1118: 9/18/2013 6:02:22 PM - System Checkpoint
.
==== Installed Programs ======================
.
32 Bit HP CIO Components Installer
Acrobat.com
Adobe Acrobat 5.0
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.04)
Adobe Shockwave Player 12.0
Advanced Ultimate Property Analyzer
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI - Software Uninstall Utility
ATI Display Driver
AuctionSieve
Audacity 1.2.6
avast! Free Antivirus
Britannica Ready Reference
Broadcom 802.11 Network Adapter
Brother MFL-Pro Suite
CCleaner
Color LaserJet 2600n
Compatibility Pack for the 2007 Office system
Digital Photo Navigator 1.5
Do More 6.0
Dropbox
eMusic Download Manager 4.1.2
FontMSI
Gateway Desktop Manager
Gateway Drivers and Applications Recovery
Gateway Power Management
Google Chrome
Google Earth
Google Talk Plugin
Google Updater
GoToMeeting 5.7.0.1172
HelpSpot
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB915800-v4)
Hotfix for Windows XP (KB954550-v5)
Hotfix for Windows XP (KB961118)
HP LaserJet 200 color M251
HP Product FWUpdater
HP Unified IO
hpbDSService
hpbM251DSService
hppLaserJetService
hppM251LaserJetService
hpStatusAlerts
hpStatusAlertsM251
Image Resizer Powertoy for Windows XP
ImageJ 1.41o
Intel Application Accelerator
Intel® PRO Network Adapters and Drivers
Intel® PROSet II
Intel® SMBus
iTunes
Java 7 Update 25
Java Auto Updater
Java™ 6 Update 39
Legal
Logitech iTouch Software
Magical Jelly Bean KeyFinder
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft Base Smart Card Cryptographic Service Provider Package
Microsoft Encarta Encyclopedia Standard 2004
Microsoft Money 2004
Microsoft Money 2004 System Pack
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher 2007
Microsoft Office Publisher 2007 Trial
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word Viewer 2003
Microsoft Office XP Professional
Microsoft Picture It! Photo Premium 9
Microsoft Silverlight
Microsoft Software Update for Web Folders  (English) 12
Microsoft Streets and Trips 2004
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Word 2002
Microsoft Works
Microsoft Works 2004 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
Minitab 15 English
Mozilla Firefox 24.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Netflix Movie Viewer
OpenOffice.org Installer 1.0
Payroll Income Documents Generator 3.0
PDF Split And Merge Basic
QuickTime
RealPlayer
Secunia PSI (3.0.0.7011)
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Search 4 - KB963093
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2530548)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544521)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2586448)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618444)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761465)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Showcase 5
Sierra Wireless Watcher
Skype™ 6.3
SlimCleaner
SlimDrivers
Spelling Dictionaries Support For Adobe Reader 9
swMSM
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Windows Internet Explorer 8 (KB2598845)
Update for Windows Internet Explorer 8 (KB2632503)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2492386)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB971029)
VoipCheapCom
WebFldrs XP
Windows Genuine Advantage Notifications (KB905474)
Windows Internet Explorer 8
Windows Management Framework Core
Windows Media Format 11 runtime
Windows Media Player 11
.
==== Event Viewer Messages From Past Week ========
.
9/19/2013 8:14:25 PM, error: Service Control Manager [7016]  - The BrSplService service has reported an invalid current state 0.
9/19/2013 5:45:50 PM, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.
9/19/2013 5:45:50 PM, error: Service Control Manager [7000]  - The Application Layer Gateway Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
9/19/2013 5:44:58 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  i8042prt
9/19/2013 4:32:14 PM, error: Service Control Manager [7034]  - The HP LaserJet Service service terminated unexpectedly.  It has done this 1 time(s).
9/19/2013 4:02:41 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  atapi i8042prt IntelIde
9/19/2013 3:32:57 PM, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswSnx aswSP aswTdi Fips i8042prt intelppm
9/19/2013 3:32:24 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
9/19/2013 3:31:56 PM, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
.
==== End Of File ===========================

#2 gringo_pr

  • Malware Response Team

Posted 19 September 2013 - 10:57 PM


Hello yoyoam

I would like to welcome you to the Malware Removal section of the forum.

Around here they call me Gringo and I will be glad to help you with your malware problems.


Very Important --> Please read this post completely, I have spent my time to put together some things for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!

  • Please do not run any tools unless instructed to do so.
    • We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.
  • Please do not attach logs or use code boxes, just copy and paste the text.
    • Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.
  • Please read every post completely before doing anything.
    • Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.
  • Please provide feedback about your experience as we go.
    • A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.
NOTE: At the top of your post, click on the "Follow This Topic" Button, make sure that the "Receive notification" box is checked and that it is set to "Instantly" - This will send you an e-mail as soon as I reply to your topic, allowing us to resolve the issue faster.

NOTE: Back up any files that cannot be replaced. Removing malware can be unpredictable and this step can save a lot of heartaches if things don't go as planned. You can put them on a CD/DVD, external drive or a pen drive, anywhere except on the computer.

NOTE: It is good practice to copy and paste the instructions into notepad and print them in case it is necessary for you to go offline during the cleanup process. To open notepad, navigate to Start Menu > All Programs > Accessories > Notepad. Please remember to copy the entire post so you do not miss any instructions.


These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
When they are complete let me have the two reports and let me know how things are running.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#3 yoyoam

yoyoam
  • Topic Starter

  • Members
  • 20 posts

Posted 20 September 2013 - 12:18 AM

I ran Adwcleaner earlier today but I did some things in between so I ran it again before running JRT. I am including both reports. 

 

No changes in performance so far.

 

 

 

# AdwCleaner v3.004 - Report created 19/09/2013 at 17:37:05
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Sofia Meyen - SOFIA-AEXAL2Y6T
# Running from : C:\Documents and Settings\Sofia Meyen\Desktop\Malware fighting stuff\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\All Users\Application Data\WeCareReminder
Folder Deleted : C:\Documents and Settings\Sofia Meyen\Local Settings\Application Data\OpenCandy
Folder Deleted : C:\Documents and Settings\Sofia Meyen\Application Data\DriverCure
File Deleted : C:\DOCUME~1\SOFIAM~1\LOCALS~1\Temp\Uninstall.exe
File Deleted : C:\Documents and Settings\Sofia Meyen\Application Data\Mozilla\Firefox\Profiles\2dw7xzqh.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F11ACBB-393F-4C86-A214-FF3D0D155CC3}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\wecarereminder
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Documents and Settings\Sofia Meyen\Application Data\Mozilla\Firefox\Profiles\2dw7xzqh.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

-\\ Google Chrome v

[ File : C:\Documents and Settings\Sofia Meyen\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3176 octets] - [19/09/2013 17:33:48]
AdwCleaner[S0].txt - [3031 octets] - [19/09/2013 17:37:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3091 octets] ##########

 

 

 

 

# AdwCleaner v3.004 - Report created 19/09/2013 at 21:29:47
# Updated 15/09/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Sofia Meyen - SOFIA-AEXAL2Y6T
# Running from : C:\Documents and Settings\Sofia Meyen\Desktop\Malware fighting stuff\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Documents and Settings\Sofia Meyen\Application Data\Mozilla\Firefox\Profiles\2dw7xzqh.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Documents and Settings\Sofia Meyen\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [3176 octets] - [19/09/2013 17:33:48]
AdwCleaner[R1].txt - [1249 octets] - [19/09/2013 21:27:11]
AdwCleaner[S0].txt - [3171 octets] - [19/09/2013 17:37:05]
AdwCleaner[S1].txt - [1172 octets] - [19/09/2013 21:29:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1232 octets] ##########

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.1 (09.15.2013:1)
OS: Microsoft Windows XP x86
Ran by Sofia Meyen on Thu 09/19/2013 at 21:48:53.15
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1

 

~~~ Files

 

~~~ Folders

 

~~~ FireFox

Successfully deleted the following from C:\Documents and Settings\Sofia Meyen\Application Data\mozilla\firefox\profiles\2dw7xzqh.default\prefs.js

user_pref("browser.search.defaulturl", "hxxp://search.live.com/results.aspx?FORM=SOLTDF&q=");
user_pref("keyword.URL", "hxxp://search.live.com/results.aspx?FORM=SOLTDF&q=");

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 09/19/2013 at 22:00:01.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#4 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 20 September 2013 - 08:17 AM


Hello yoyoam

I would like you to do the following.

Please print out or make a copy in notepad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.

Run Combofix:

You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)

Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<

Combofix may need to reboot your computer more than once to do its job this is normal.

You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

1. Close any open browsers or any other programs that are open.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Double click on combofix.exe & follow the prompts.
When finished, it will produce a report for you.

Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

"information and logs"
  • In your next post I need the following
  • Log from Combofix
  • let me know of any problems you may have had
  • How is the computer doing now?
Gringo

#5 yoyoam

yoyoam
  • Topic Starter

  • Members
  • 20 posts

Posted 20 September 2013 - 03:31 PM

Hi

I ran combofix. It had me install Recovery Console otherwise it went without a hitch as far as I can tell. 

 

So far the hard drive behavior appears unchanged. In other ways the computer seems to run somewhat smoother (youtube videos play better).

 

 

ComboFix 13-09-19.01 - Sofia Meyen 09/20/2013   9:52.1.2 - x86
Microsoft Windows XP Professional  5.1.2600.3.1252.1.1033.18.1535.935 [GMT -7:00]
Running from: c:\documents and settings\Sofia Meyen\Desktop\Malware fighting stuff\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Sofia Meyen\g2mdlhlpx.exe
c:\documents and settings\Sofia Meyen\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences
c:\documents and settings\Sofia Meyen\Local Settings\Application Data\vixjxwgt.exe
c:\documents and settings\Sofia Meyen\WINDOWS
c:\windows\system32\Cache
c:\windows\system32\Cache\1d5dbc4a08f3bd7e.fb
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\2c53092c95605355.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\412e2a94245fc33c.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
c:\windows\system32\dllcache\wmpvis.dll
c:\windows\system32\PowerToyReadme.htm
c:\windows\system32\regobj.dll
c:\windows\system32\test.dll
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((((   Files Created from 2013-08-20 to 2013-09-20  )))))))))))))))))))))))))))))))
.
.
2013-09-20 04:48 . 2013-09-20 04:48 -------- d-----w- c:\windows\ERUNT
2013-09-20 03:00 . 2013-09-20 03:00 -------- d-----w- c:\program files\Common Files\Skype
2013-09-20 02:37 . 2013-09-20 02:37 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2013-09-20 01:06 . 2013-09-20 01:06 -------- d-----w- c:\documents and settings\Sofia Meyen\Local Settings\Application Data\Secunia PSI
2013-09-20 01:06 . 2013-09-20 01:06 -------- d-----w- c:\program files\Secunia
2013-09-20 00:33 . 2013-09-20 04:30 -------- d-----w- C:\AdwCleaner
2013-09-19 22:41 . 2013-09-19 22:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-09-19 22:41 . 2013-04-04 21:50 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-19 21:58 . 2013-08-30 07:48 177864 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-09-19 21:58 . 2013-08-30 07:48 49376 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-09-19 21:58 . 2013-08-30 07:48 66336 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-09-19 21:01 . 2013-09-19 22:03 -------- d-----w- c:\documents and settings\All Users\Application Data\naWVXnXp
2013-09-19 20:59 . 2013-09-19 20:59 -------- d-----w- c:\documents and settings\Sofia Meyen\Application Data\SlimCleaner
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Mozilla Firefox\plugins\nppdf32.dll
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files\Internet Explorer\PLUGINS\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-13 22:21 . 2012-09-19 23:54 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2013-09-13 22:21 . 2011-05-18 20:43 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2013-08-30 07:48 . 2008-05-23 19:46 369584 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2007-01-10 19:19 56080 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2012-02-10 19:52 770344 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2007-01-10 19:19 49760 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2013-08-30 07:48 . 2008-05-23 19:46 29816 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:47 . 2010-11-10 20:57 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2007-01-10 19:19 229648 ----a-w- c:\windows\system32\aswBoot.exe
2013-07-03 08:32 . 2013-07-03 08:32 16024 ----a-w- c:\windows\system32\drivers\psi_mf_x86.sys
2004-08-10 06:30 . 2007-04-03 22:03 40960 ----a-w- c:\program files\Uninstall_CDS.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 121968 ----a-w- c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\documents and settings\Sofia Meyen\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\documents and settings\Sofia Meyen\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\documents and settings\Sofia Meyen\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-06-05 17:17 130736 ----a-w- c:\documents and settings\Sofia Meyen\Application Data\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ControlCenter2.0"="c:\program files\Brother\ControlCenter2\brctrcen.exe" [2005-07-23 933888]
"APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-31 59280]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-08 421776]
"zBrowser Launcher"="c:\program files\Logitech\iTouch\iTouch.exe" [2004-03-18 892928]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2000-01-01 1282048]
"TRUUpdater"="c:\program files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" [2009-03-09 554264]
"WatcherHelper"="c:\program files\Sierra Wireless Inc\Watcher\WaHelper.exe" [2009-04-20 53248]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"StatusAlerts"="c:\program files\HP\StatusAlerts\bin\HPStatusAlerts.exe" [2012-07-18 313248]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2006-10-27 434528]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2008-04-14 53760]
.
c:\documents and settings\Sofia Meyen\Start Menu\Programs\Startup\
Dropbox.lnk - c:\documents and settings\Sofia Meyen\Application Data\Dropbox\bin\Dropbox.exe /systemstartup [2013-6-5 27370808]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup\
Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2013-7-3 563416]
Windows Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe  /startup [2008-5-26 123904]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2009-05-25 304128]
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"Google Update"="c:\documents and settings\Sofia Meyen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PROMon.exe"=PROMon.exe
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Documents and Settings\\Sofia Meyen\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
"c:\\Documents and Settings\\Sofia Meyen\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.dll"=
"c:\\Documents and Settings\\Sofia Meyen\\Local Settings\\Application Data\\Google\\Google Talk Plugin\\googletalkplugin.exe"=
"c:\\Program Files\\VoipCheapCom\\VoipCheapCom.exe"=
"c:\\Program Files\\Common Files\\Apple\\Apple Application Support\\WebKit2WebProcess.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Sierra Wireless Inc\\Watcher\\TRUUpdater.exe"= c:\\Program Files\\Sierra Wireless Inc\\WebUpdater\\TRUUpdater.exe
"c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
"c:\\Program Files\\Sierra Wireless Inc\\Watcher\\SwiApiMux.exe"=
"c:\\Program Files\\HP\\csiInstaller\\6682B5C4-530A-4FB8-ACAC-80DB5CCC68DD\\Installer\\hpbcsiInstaller.exe"=
"c:\\Documents and Settings\\Sofia Meyen\\Application Data\\Dropbox\\bin\\Dropbox.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"5985:TCP"= 5985:TCP:*:Disabled:Windows Remote Management
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
.
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [9/19/2013 2:58 PM 49376]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [9/19/2013 2:58 PM 177864]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2/10/2012 12:52 PM 770344]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [5/23/2008 12:46 PM 369584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [5/23/2008 12:46 PM 29816]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [9/19/2013 2:58 PM 66336]
R2 HP DS Service;HP DS Service;c:\program files\HP\HPBDSService\HPBDSService.exe [10/17/2011 3:51 PM 13824]
R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [7/3/2013 1:32 AM 1228504]
R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [7/3/2013 1:32 AM 660184]
R3 Pcouffin;Low level access layer for CD devices;c:\windows\system32\drivers\Pcouffin.sys [6/14/2007 5:09 PM 47360]
R3 PSI;PSI;c:\windows\system32\drivers\psi_mf_x86.sys [7/3/2013 1:32 AM 16024]
S2 gupdate1c9cb8549081488;Google Update Service (gupdate1c9cb8549081488);c:\program files\Google\Update\GoogleUpdate.exe [5/2/2009 5:22 PM 133104]
S2 HP LaserJet Service;HP LaserJet Service;c:\program files\HP\HPLaserJetService\HPLaserJetService.exe [5/2/2012 9:02 PM 164864]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [9/19/2013 3:41 PM 418376]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [9/19/2013 3:41 PM 701512]
S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2/28/2013 6:45 PM 161384]
S3 ASPI;Advanced SCSI Programming Interface Driver;c:\windows\system32\drivers\ASPI32.SYS [1/20/2009 9:43 PM 16512]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [9/19/2013 3:41 PM 22856]
S3 PCDRDRV;Pcdr Helper Driver;\??\c:\progra~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys --> c:\progra~1\PC-DOC~1\DIAGNO~1\PCDRDRV.sys [?]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ    Pml Driver HPZ12 Net Driver HPZ12
.
Contents of the 'Scheduled Tasks' folder
.
2013-09-20 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\Alwil Software\Avast5\AvastEmUpdate.exe [2013-09-19 07:47]
.
2013-09-19 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-24 16:32]
.
2013-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 00:22]
.
2013-09-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-03 00:22]
.
2013-09-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-308236825-839522115-1003Core1cc8c20eaa0e2da.job
- c:\documents and settings\Sofia Meyen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-13 22:10]
.
2013-09-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-436374069-308236825-839522115-1003UA.job
- c:\documents and settings\Sofia Meyen\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-03-13 22:10]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.microsoft.com
uInternet Settings,ProxyOverride = hxxp://localhost
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.0.1
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
FF - ProfilePath - c:\documents and settings\Sofia Meyen\Application Data\Mozilla\Firefox\Profiles\2dw7xzqh.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2013-09-19 14:57; wrc@avast.com; c:\program files\Alwil Software\Avast5\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-ROC_roc_ssl_v12 - c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe
HKLM-Run-ROC_ROC_JULY_P1 - c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe
HKLM-Run-AirCardEnabler - (no file)
MSConfigStartUp-CTFMON - (no file)
AddRemove-Adobe Flash Player ActiveX - c:\windows\system32\Macromed\Flash\FlashUtil32_11_8_800_174_ActiveX.exe
AddRemove-Adobe Flash Player Plugin - c:\windows\system32\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2013-09-20 10:04
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_11_8_800_174_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(1112)
c:\windows\system32\Ati2evxx.dll
c:\windows\System32\BCMLogon.dll
.
Completion time: 2013-09-20  10:07:36
ComboFix-quarantined-files.txt  2013-09-20 17:07
.
Pre-Run: 46,716,239,872 bytes free
Post-Run: 49,386,610,688 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn
.
- - End Of File - - 334EEC516B4CF5CAFE4ED08B31E4580F
8F558EB6672622401DA993E1E865C861
 



#6 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts

Posted 20 September 2013 - 03:44 PM


Hello GBayliss

I would like you to try and run these next.

TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • more than one report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". The one that I need is the larger one. Please copy and paste the contents of that file here.

    Note** this report can be very long - so if the website gives you an error saying it is too long you may attach it

    If the forum still complains about it being too long send me everything that is at the end of the report after where it says

    ==================
    Scan finished
    ==================
and I will see if I want to see the whole report

--RogueKiller--

Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit
  • Quit all programs that you may have started.
  • Please disconnect any external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • the scan will make two reports the one I would like to see is called RKreport[2].txt on your Desktop
  • Exit/Close RogueKiller+
send me the reports made from TDSSKiller and Roguekiller and also let me know how the computer is doing at this time.

Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University
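
Added example (not part of the original posts): a Python script that applies the report-handling steps above. It picks the larger TDSSKiller report, lists every object the scan flagged together with its file path and MD5, and returns the lines after the "Scan finished" banner. The log layout is assumed from the report posted in this thread; the sample log, its service names and MD5 values, and the function names are constructed for illustration.

```python
import glob
import os
import re

# Constructed sample in the layout of the TDSSKiller report posted in this
# thread. Service names, paths and MD5 values are placeholders, not real data.
SAMPLE_LOG = r"""
16:03:55.0078 0x0848  ================ Scan services =============================
16:03:55.0234 0x0848  Abiosdsk - ok
16:03:55.0312 0x0848  [ 00000000000000000000000000000001 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:03:56.0703 0x0848  ACPI - ok
16:03:58.0625 0x0848  [ 00000000000000000000000000000002 ] ExampleDrv      C:\WINDOWS\System32\DRIVERS\example.sys
16:03:58.0656 0x0848  ExampleDrv ( UnsignedFile.Multi.Generic ) - warning
16:03:58.0656 0x0848  ExampleDrv - detected UnsignedFile.Multi.Generic (1)
16:04:15.0390 0x0848  [ 00000000000000000000000000000003 ] Example Print Service C:\Program Files\Example\svc.exe
16:04:15.0421 0x0848  Example Print Service ( UnsignedFile.Multi.Generic ) - warning
16:04:15.0421 0x0848  Example Print Service - detected UnsignedFile.Multi.Generic (1)
16:05:10.0000 0x0848  ============================================================
16:05:10.0000 0x0848  Scan finished
16:05:10.0000 0x0848  ============================================================
16:05:10.0015 0x0848  Detected object count: 2
""".strip()

# "HH:MM:SS.ffff 0xTID  message" -> message
LINE = re.compile(r"^\d\d:\d\d:\d\d\.\d+ 0x[0-9a-fA-F]+\s*(.*)$")
# "[ MD5 ] service name   C:\path\to\file" (service names may contain spaces)
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \]\s+(.+?)\s+([A-Za-z]:\\.*)$")
# "service name ( Verdict.Name ) - status"
FLAGGED = re.compile(r"^(.+?) \( (.+?) \) - (\w+)$")


def messages(log_text):
    """Strip the timestamp and thread-id columns, keeping each line's message."""
    out = []
    for raw in log_text.splitlines():
        m = LINE.match(raw.rstrip())
        out.append(m.group(1).strip() if m else raw.strip())
    return out


def flagged_objects(log_text):
    """Return one record per object the scan flagged (anything not plain 'ok')."""
    files = {}      # service name -> (md5, path) from the preceding hash line
    findings = []
    for msg in messages(log_text):
        hashed = HASHED.match(msg)
        if hashed:
            md5, name, path = hashed.groups()
            files[name] = (md5.upper(), path)
            continue
        flagged = FLAGGED.match(msg)
        if flagged:
            name, verdict, status = flagged.groups()
            md5, path = files.get(name, (None, None))
            findings.append({"name": name, "verdict": verdict,
                             "status": status, "md5": md5, "path": path})
    return findings


def tail_after_scan_finished(log_text):
    """Lines after the 'Scan finished' banner; empty if the log is truncated."""
    msgs = messages(log_text)
    if "Scan finished" not in msgs:
        return []
    start = msgs.index("Scan finished") + 1
    # Drop blank lines and the '=====' separator that closes the banner.
    return [m for m in msgs[start:] if m and set(m) != {"="}]


def largest_report(directory):
    """Pick the larger TDSSKiller report in a directory, or None if absent."""
    paths = glob.glob(os.path.join(directory, "TDSSKiller.*_log.txt"))
    return max(paths, key=os.path.getsize) if paths else None


if __name__ == "__main__":
    for item in flagged_objects(SAMPLE_LOG):
        print(f'{item["status"]:8} {item["verdict"]:28} {item["name"]}')
        print(f'         {item["md5"]}  {item["path"]}')
    print("\n".join(tail_after_scan_finished(SAMPLE_LOG)))
```

An `UnsignedFile.Multi.Generic` warning means the file carries no valid digital signature, so each flagged path is something to check the origin of rather than a confirmed infection.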

#7 yoyoam

Posted 20 September 2013 - 06:45 PM

Ran both programs. No changes in computer performance observed.

I hope you will find something useful in the report.

Thank you.

16:00:00.0796 0x07dc  TDSS rootkit removing tool 2.9.2.0 Aug 15 2013 16:44:29
16:00:01.0703 0x07dc  ============================================================
16:00:01.0703 0x07dc  Current date / time: 2013/09/20 16:00:01.0703
16:00:01.0703 0x07dc  SystemInfo:
16:00:01.0703 0x07dc 
16:00:01.0703 0x07dc  OS Version: 5.1.2600 ServicePack: 3.0
16:00:01.0718 0x07dc  Product type: Workstation
16:00:01.0718 0x07dc  ComputerName: SOFIA-AEXAL2Y6T
16:00:01.0718 0x07dc  UserName: Sofia Meyen
16:00:01.0718 0x07dc  Windows directory: C:\WINDOWS
16:00:01.0718 0x07dc  System windows directory: C:\WINDOWS
16:00:01.0718 0x07dc  Processor architecture: Intel x86
16:00:01.0718 0x07dc  Number of processors: 2
16:00:01.0718 0x07dc  Page size: 0x1000
16:00:01.0718 0x07dc  Boot type: Normal boot
16:00:01.0718 0x07dc  ============================================================
16:00:01.0718 0x07dc  BG loaded
16:00:02.0843 0x07dc  Drive \Device\Harddisk0\DR0 - Size: 0x2F7B100000 (189.92 Gb), SectorSize: 0x200, Cylinders: 0x60D8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:00:03.0078 0x07dc  ============================================================
16:00:03.0078 0x07dc  \Device\Harddisk0\DR0:
16:00:03.0078 0x07dc  MBR partitions:
16:00:03.0093 0x07dc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x17BD13D8
16:00:03.0093 0x07dc  ============================================================
16:00:03.0421 0x07dc  C: <-> \Device\Harddisk0\DR0\Partition1
16:00:03.0421 0x07dc  ============================================================
16:00:03.0421 0x07dc  Initialize success
16:00:03.0421 0x07dc  ============================================================
16:03:54.0859 0x0848  ============================================================
16:03:54.0859 0x0848  Scan started
16:03:54.0859 0x0848  Mode: Manual; SigCheck; TDLFS;
16:03:54.0859 0x0848  ============================================================
16:03:55.0078 0x0848  ================ Scan system memory ========================
16:03:55.0078 0x0848  System memory - ok
16:03:55.0078 0x0848  ================ Scan services =============================
16:03:55.0234 0x0848  Abiosdsk - ok
16:03:55.0250 0x0848  abp480n5 - ok
16:03:55.0312 0x0848  [ 8FD99680A539792A30E97944FDAECF17 ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
16:03:56.0703 0x0848  ACPI - ok
16:03:56.0734 0x0848  [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
16:03:56.0937 0x0848  ACPIEC - ok
16:03:56.0984 0x0848  AdobeFlashPlayerUpdateSvc - ok
16:03:56.0984 0x0848  adpu160m - ok
16:03:57.0015 0x0848  [ 8BED39E3C35D6A489438B8141717A557 ] aec             C:\WINDOWS\system32\drivers\aec.sys
16:03:57.0218 0x0848  aec - ok
16:03:57.0265 0x0848  [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
16:03:57.0296 0x0848  AFD - ok
16:03:57.0343 0x0848  [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
16:03:57.0609 0x0848  agp440 - ok
16:03:57.0625 0x0848  Aha154x - ok
16:03:57.0625 0x0848  aic78u2 - ok
16:03:57.0640 0x0848  aic78xx - ok
16:03:57.0671 0x0848  [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
16:03:57.0953 0x0848  Alerter - ok
16:03:57.0984 0x0848  [ 8C515081584A38AA007909CD02020B3D ] ALG             C:\WINDOWS\System32\alg.exe
16:03:58.0140 0x0848  ALG - ok
16:03:58.0140 0x0848  AliIde - ok
16:03:58.0156 0x0848  amsint - ok
16:03:58.0265 0x0848  [ F401929EE0CC92BFE7F15161CA535383 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:03:58.0312 0x0848  Apple Mobile Device - ok
16:03:58.0359 0x0848  [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
16:03:58.0531 0x0848  AppMgmt - ok
16:03:58.0546 0x0848  asc - ok
16:03:58.0562 0x0848  asc3350p - ok
16:03:58.0562 0x0848  asc3550 - ok
16:03:58.0625 0x0848  [ 54AB078660E536DA72B21A27F56B035B ] ASPI            C:\WINDOWS\System32\DRIVERS\ASPI32.sys
16:03:58.0656 0x0848  ASPI ( UnsignedFile.Multi.Generic ) - warning
16:03:58.0656 0x0848  ASPI - detected UnsignedFile.Multi.Generic (1)
16:03:58.0750 0x0848  [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
16:03:58.0796 0x0848  aspnet_state - ok
16:03:58.0843 0x0848  [ B9FE438B3CAD82B2014710349A2022F7 ] aswFsBlk        C:\WINDOWS\system32\drivers\aswFsBlk.sys
16:03:59.0031 0x0848  aswFsBlk - ok
16:03:59.0078 0x0848  [ AE5549DD21F6DE06406031EF1D51ACC3 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
16:03:59.0093 0x0848  aswMonFlt - ok
16:03:59.0125 0x0848  [ D084D0A7A66619FC29776CBBB9D5FA55 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr.sys
16:03:59.0140 0x0848  aswRdr - ok
16:03:59.0187 0x0848  [ FA72FA503F580C3C628DD8C7D7622E37 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
16:03:59.0218 0x0848  aswRvrt - ok
16:03:59.0296 0x0848  [ 4D53349D848C6BADB3D4ACBE98C27676 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
16:03:59.0328 0x0848  aswSnx - ok
16:03:59.0375 0x0848  [ 813024DFD54A41B3AFAE2B1E2796CB80 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
16:03:59.0406 0x0848  aswSP - ok
16:03:59.0437 0x0848  [ 5E18413310134130D7772F0668698CB7 ] aswTdi          C:\WINDOWS\system32\drivers\aswTdi.sys
16:03:59.0468 0x0848  aswTdi - ok
16:03:59.0515 0x0848  [ A5F637D61719D37A5B4868C385E363C0 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
16:03:59.0562 0x0848  aswVmm - ok
16:03:59.0593 0x0848  [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:03:59.0875 0x0848  AsyncMac - ok
16:03:59.0906 0x0848  [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
16:04:00.0203 0x0848  atapi - ok
16:04:00.0218 0x0848  Atdisk - ok
16:04:00.0281 0x0848  [ BBA22521D24625C7A7B8D57FB20A812E ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
16:04:00.0406 0x0848  Ati HotKey Poller - ok
16:04:00.0484 0x0848  [ 07AC9A98EA70B5A6655A5797174BD282 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
16:04:00.0640 0x0848  ati2mtag - ok
16:04:00.0687 0x0848  [ 9916C1225104BA14794209CFA8012159 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
16:04:00.0984 0x0848  Atmarpc - ok
16:04:01.0031 0x0848  [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
16:04:01.0234 0x0848  AudioSrv - ok
16:04:01.0265 0x0848  [ D9F724AA26C010A217C97606B160ED68 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
16:04:01.0453 0x0848  audstub - ok
16:04:01.0515 0x0848  [ 9330941C8F6DF417F6DBBE998DB6687E ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:04:01.0562 0x0848  avast! Antivirus - ok
16:04:01.0640 0x0848  [ B89BCF0A25AEB3B47030AC83287F894A ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl5.sys
16:04:01.0750 0x0848  BCM43XX - ok
16:04:01.0781 0x0848  [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
16:04:02.0156 0x0848  Beep - ok
16:04:02.0218 0x0848  [ 574738F61FCA2935F5265DC4E5691314 ] BITS            C:\WINDOWS\system32\qmgr.dll
16:04:02.0718 0x0848  BITS - ok
16:04:02.0765 0x0848  [ D3FACB34FFF5DB91ADB70987838F8BA7 ] Brother XP spl Service C:\WINDOWS\system32\brsvc01a.exe
16:04:02.0828 0x0848  Brother XP spl Service - ok
16:04:02.0875 0x0848  [ CFD4E51402DA9838B5A04AE680AF54A0 ] Browser         C:\WINDOWS\System32\browser.dll
16:04:02.0937 0x0848  Browser - ok
16:04:02.0984 0x0848  [ 92A964547B96D697E5E9ED43B4297F5A ] BrScnUsb        C:\WINDOWS\system32\Drivers\BrScnUsb.sys
16:04:03.0031 0x0848  BrScnUsb - ok
16:04:03.0078 0x0848  [ C121E10C64318182A6478ACAE1855EE0 ] BrSerIf         C:\WINDOWS\system32\Drivers\BrSerIf.sys
16:04:03.0140 0x0848  BrSerIf - ok
16:04:03.0203 0x0848  [ 7AC85CDC03BEFD78908B3B6A73D201D0 ] BrUsbSer        C:\WINDOWS\system32\Drivers\BrUsbSer.sys
16:04:03.0234 0x0848  BrUsbSer - ok
16:04:03.0343 0x0848  catchme - ok
16:04:03.0390 0x0848  [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
16:04:03.0609 0x0848  cbidf2k - ok
16:04:03.0640 0x0848  [ 0BE5AEF125BE881C4F854C554F2B025C ] CCDECODE        C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
16:04:03.0828 0x0848  CCDECODE - ok
16:04:03.0828 0x0848  cd20xrnt - ok
16:04:03.0875 0x0848  [ C1B486A7658353D33A10CC15211A873B ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
16:04:04.0093 0x0848  Cdaudio - ok
16:04:04.0125 0x0848  [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
16:04:04.0421 0x0848  Cdfs - ok
16:04:04.0453 0x0848  [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
16:04:04.0750 0x0848  Cdrom - ok
16:04:04.0765 0x0848  Changer - ok
16:04:04.0796 0x0848  [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc           C:\WINDOWS\system32\cisvc.exe
16:04:05.0093 0x0848  CiSvc - ok
16:04:05.0109 0x0848  [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
16:04:05.0437 0x0848  ClipSrv - ok
16:04:05.0468 0x0848  [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 c:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:04:05.0562 0x0848  clr_optimization_v2.0.50727_32 - ok
16:04:05.0578 0x0848  CmdIde - ok
16:04:05.0593 0x0848  COMSysApp - ok
16:04:05.0609 0x0848  Cpqarray - ok
16:04:05.0640 0x0848  [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
16:04:05.0859 0x0848  CryptSvc - ok
16:04:05.0906 0x0848  [ 71007BD2E1E26927FE3E4EB00C0BEEDF ] ctljystk        C:\WINDOWS\system32\DRIVERS\ctljystk.sys
16:04:06.0093 0x0848  ctljystk - ok
16:04:06.0109 0x0848  dac2w2k - ok
16:04:06.0109 0x0848  dac960nt - ok
16:04:06.0171 0x0848  [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:04:06.0218 0x0848  DcomLaunch - ok
16:04:06.0265 0x0848  [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
16:04:06.0515 0x0848  Dhcp - ok
16:04:06.0546 0x0848  [ 044452051F3E02E7963599FC8F4F3E25 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
16:04:06.0890 0x0848  Disk - ok
16:04:06.0906 0x0848  dmadmin - ok
16:04:06.0968 0x0848  [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
16:04:07.0328 0x0848  dmboot - ok
16:04:07.0343 0x0848  [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
16:04:07.0687 0x0848  dmio - ok
16:04:07.0703 0x0848  [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
16:04:07.0968 0x0848  dmload - ok
16:04:08.0015 0x0848  [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver        C:\WINDOWS\System32\dmserver.dll
16:04:08.0218 0x0848  dmserver - ok
16:04:08.0234 0x0848  [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
16:04:08.0437 0x0848  DMusic - ok
16:04:08.0484 0x0848  [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:04:08.0500 0x0848  Dnscache - ok
16:04:08.0546 0x0848  [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:04:08.0781 0x0848  Dot3svc - ok
16:04:08.0859 0x0848  [ 3E4B043F8BC6BE1D4820CC6C9C500306 ] Dot4            C:\WINDOWS\system32\DRIVERS\Dot4.sys
16:04:09.0203 0x0848  Dot4 - ok
16:04:09.0234 0x0848  [ 77CE63A8A34AE23D9FE4C7896D1DEBE7 ] Dot4Print       C:\WINDOWS\system32\DRIVERS\Dot4Prt.sys
16:04:09.0531 0x0848  Dot4Print - ok
16:04:09.0546 0x0848  dpti2o - ok
16:04:09.0578 0x0848  [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
16:04:09.0890 0x0848  drmkaud - ok
16:04:10.0000 0x0848  [ C42009E37E377AE55968768E521E05C3 ] E1000           C:\WINDOWS\system32\DRIVERS\e1000325.sys
16:04:10.0031 0x0848  E1000 - ok
16:04:10.0078 0x0848  [ 98B46B331404A951CABAD8B4877E1276 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
16:04:10.0156 0x0848  E100B - ok
16:04:10.0203 0x0848  [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost         C:\WINDOWS\System32\eapsvc.dll
16:04:10.0437 0x0848  EapHost - ok
16:04:10.0468 0x0848  [ 80307925F525F1ED3323D6275185438A ] emu10k          C:\WINDOWS\system32\drivers\emu10k1f.sys
16:04:10.0546 0x0848  emu10k - ok
16:04:10.0578 0x0848  [ AADC81E967C25DD7C90E150FEC6EAB74 ] emu10k1         C:\WINDOWS\system32\drivers\ctlface.sys
16:04:10.0593 0x0848  emu10k1 - ok
16:04:10.0609 0x0848  [ BC93B4A066477954555966D77FEC9ECB ] ERSvc           C:\WINDOWS\System32\ersvc.dll
16:04:10.0828 0x0848  ERSvc - ok
16:04:10.0875 0x0848  [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog        C:\WINDOWS\system32\services.exe
16:04:10.0937 0x0848  Eventlog - ok
16:04:10.0968 0x0848  [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem     C:\WINDOWS\System32\es.dll
16:04:11.0046 0x0848  EventSystem - ok
16:04:11.0109 0x0848  [ 38D332A6D56AF32635675F132548343E ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
16:04:11.0421 0x0848  Fastfat - ok
16:04:11.0468 0x0848  [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
16:04:11.0546 0x0848  FastUserSwitchingCompatibility - ok
16:04:11.0578 0x0848  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
16:04:11.0859 0x0848  Fdc - ok
16:04:11.0890 0x0848  [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
16:04:12.0187 0x0848  Fips - ok
16:04:12.0203 0x0848  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
16:04:12.0484 0x0848  Flpydisk - ok
16:04:12.0515 0x0848  [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:04:12.0703 0x0848  FltMgr - ok
16:04:12.0781 0x0848  [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
16:04:12.0796 0x0848  FontCache3.0.0.0 - ok
16:04:12.0828 0x0848  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:04:13.0000 0x0848  Fs_Rec - ok
16:04:13.0015 0x0848  [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
16:04:13.0218 0x0848  Ftdisk - ok
16:04:13.0265 0x0848  [ 065639773D8B03F33577F6CDAEA21063 ] gameenum        C:\WINDOWS\system32\DRIVERS\gameenum.sys
16:04:13.0531 0x0848  gameenum - ok
16:04:13.0578 0x0848  [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM     C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
16:04:13.0625 0x0848  GEARAspiWDM - ok
16:04:13.0671 0x0848  [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
16:04:13.0953 0x0848  Gpc - ok
16:04:14.0031 0x0848  [ 626A24ED1228580B9518C01930936DF9 ] gupdate1c9cb8549081488 C:\Program Files\Google\Update\GoogleUpdate.exe
16:04:14.0078 0x0848  gupdate1c9cb8549081488 - ok
16:04:14.0093 0x0848  [ 626A24ED1228580B9518C01930936DF9 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
16:04:14.0125 0x0848  gupdatem - ok
16:04:14.0171 0x0848  [ 408DDD80EEDE47175F6844817B90213E ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
16:04:14.0234 0x0848  gusvc - ok
16:04:14.0281 0x0848  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:04:14.0562 0x0848  helpsvc - ok
16:04:14.0609 0x0848  [ DEB04DA35CC871B6D309B77E1443C796 ] HidServ         C:\WINDOWS\System32\hidserv.dll
16:04:14.0843 0x0848  HidServ - ok
16:04:14.0859 0x0848  [ CCF82C5EC8A7326C3066DE870C06DAF1 ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
16:04:15.0046 0x0848  HidUsb - ok
16:04:15.0109 0x0848  [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
16:04:15.0312 0x0848  hkmsvc - ok
16:04:15.0390 0x0848  [ 86724A200BF1F08A03FB563660FCD928 ] HP DS Service   C:\Program Files\HP\HPBDSService\HPBDSService.exe
16:04:15.0421 0x0848  HP DS Service ( UnsignedFile.Multi.Generic ) - warning
16:04:15.0421 0x0848  HP DS Service - detected UnsignedFile.Multi.Generic (1)
16:04:15.0468 0x0848  [ 9C42E435F629CD8512BECFA082762425 ] HP LaserJet Service C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
16:04:15.0484 0x0848  HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
16:04:15.0484 0x0848  HP LaserJet Service - detected UnsignedFile.Multi.Generic (1)
16:04:15.0500 0x0848  hpn - ok
16:04:15.0546 0x0848  [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
16:04:15.0609 0x0848  HTTP - ok
16:04:15.0640 0x0848  [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
16:04:15.0953 0x0848  HTTPFilter - ok
16:04:15.0968 0x0848  i2omgmt - ok
16:04:15.0984 0x0848  i2omp - ok
16:04:16.0031 0x0848  [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
16:04:16.0343 0x0848  i8042prt - ok
16:04:16.0359 0x0848  [ 791F0829DE88DD0CA77192F0DFAD03B6 ] IdeBusDr        C:\WINDOWS\system32\DRIVERS\IdeBusDr.sys
16:04:16.0406 0x0848  IdeBusDr - ok
16:04:16.0437 0x0848  [ 7D2B8BE9E89628663C1FB571F7C34062 ] IdeChnDr        C:\WINDOWS\system32\DRIVERS\IdeChnDr.sys
16:04:16.0484 0x0848  IdeChnDr - ok
16:04:16.0562 0x0848  [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc           c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
16:04:16.0656 0x0848  idsvc - ok
16:04:16.0687 0x0848  [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
16:04:16.0921 0x0848  Imapi - ok
16:04:16.0968 0x0848  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService    C:\WINDOWS\system32\imapi.exe
16:04:17.0140 0x0848  ImapiService - ok
16:04:17.0156 0x0848  ini910u - ok
16:04:17.0171 0x0848  [ B5466A9250342A7AA0CD1FBA13420678 ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
16:04:17.0359 0x0848  IntelIde - ok
16:04:17.0406 0x0848  [ 8C953733D8F36EB2133F5BB58808B66B ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
16:04:17.0656 0x0848  intelppm - ok
16:04:17.0687 0x0848  [ 3BB22519A194418D5FEC05D800A19AD0 ] ip6fw           C:\WINDOWS\system32\drivers\ip6fw.sys
16:04:17.0984 0x0848  ip6fw - ok
16:04:18.0015 0x0848  [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:04:18.0328 0x0848  IpFilterDriver - ok
16:04:18.0328 0x0848  [ B87AB476DCF76E72010632B5550955F5 ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
16:04:18.0625 0x0848  IpInIp - ok
16:04:18.0671 0x0848  [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
16:04:18.0953 0x0848  IpNat - ok
16:04:19.0015 0x0848  [ E6BE7A41A28D8F2DB174957454D32448 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:04:19.0078 0x0848  iPod Service - ok
16:04:19.0109 0x0848  [ 23C74D75E36E7158768DD63D92789A91 ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
16:04:19.0312 0x0848  IPSec - ok
16:04:19.0312 0x0848  [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
16:04:19.0421 0x0848  IRENUM - ok
16:04:19.0453 0x0848  [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
16:04:19.0671 0x0848  isapnp - ok
16:04:19.0718 0x0848  [ 8F1BA487B35F0C8F637E05113AA815F8 ] itchfltr        C:\WINDOWS\system32\DRIVERS\itchfltr.sys
16:04:19.0750 0x0848  itchfltr - ok
16:04:19.0828 0x0848  [ 4F4D4AA1E0849FECC0CF5AACD59030B5 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
16:04:19.0875 0x0848  JavaQuickStarterService - ok
16:04:19.0906 0x0848  [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
16:04:20.0218 0x0848  Kbdclass - ok
16:04:20.0234 0x0848  [ 9EF487A186DEA361AA06913A75B3FA99 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
16:04:20.0515 0x0848  kbdhid - ok
16:04:20.0546 0x0848  [ 692BCF44383D056AED41B045A323D378 ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
16:04:20.0890 0x0848  kmixer - ok
16:04:20.0906 0x0848  [ B467646C54CC746128904E1654C750C1 ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
16:04:20.0984 0x0848  KSecDD - ok
16:04:21.0046 0x0848  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
16:04:21.0125 0x0848  lanmanserver - ok
16:04:21.0187 0x0848  [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
16:04:21.0250 0x0848  lanmanworkstation - ok
16:04:21.0265 0x0848  lbrtfdc - ok
16:04:21.0312 0x0848  [ A7DB739AE99A796D91580147E919CC59 ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
16:04:21.0562 0x0848  LmHosts - ok
16:04:21.0593 0x0848  [ 4470E3C1E0C3378E4CAB137893C12C3A ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
16:04:21.0625 0x0848  MBAMProtector - ok
16:04:21.0671 0x0848  [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:04:21.0703 0x0848  MBAMScheduler - ok
16:04:21.0734 0x0848  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:04:21.0781 0x0848  MBAMService - ok
16:04:21.0796 0x0848  [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
16:04:21.0984 0x0848  Messenger - ok
16:04:22.0031 0x0848  [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
16:04:22.0328 0x0848  mnmdd - ok
16:04:22.0375 0x0848  [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc         C:\WINDOWS\System32\mnmsrvc.exe
16:04:22.0671 0x0848  mnmsrvc - ok
16:04:22.0703 0x0848  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
16:04:23.0046 0x0848  Modem - ok
16:04:23.0046 0x0848  [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
16:04:23.0328 0x0848  Mouclass - ok
16:04:23.0390 0x0848  [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
16:04:23.0671 0x0848  mouhid - ok
16:04:23.0687 0x0848  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
16:04:23.0875 0x0848  MountMgr - ok
16:04:23.0953 0x0848  [ 0329A45C849C9D77901094B8FFE8BBB9 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
16:04:23.0984 0x0848  MozillaMaintenance - ok
16:04:23.0984 0x0848  mraid35x - ok
16:04:24.0031 0x0848  [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
16:04:24.0218 0x0848  MRxDAV - ok
16:04:24.0281 0x0848  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:04:24.0312 0x0848  MRxSmb - ok
16:04:24.0343 0x0848  [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
16:04:24.0671 0x0848  MSDTC - ok
16:04:24.0703 0x0848  [ C941EA2454BA8350021D774DAF0F1027 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:04:25.0000 0x0848  Msfs - ok
16:04:25.0015 0x0848  MSIServer - ok
16:04:25.0046 0x0848  [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:04:25.0343 0x0848  MSKSSRV - ok
16:04:25.0375 0x0848  [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:04:25.0703 0x0848  MSPCLOCK - ok
16:04:25.0718 0x0848  [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:04:25.0968 0x0848  MSPQM - ok
16:04:26.0031 0x0848  [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
16:04:26.0187 0x0848  mssmbios - ok
16:04:26.0234 0x0848  [ E53736A9E30C45FA9E7B5EAC55056D1D ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
16:04:26.0437 0x0848  MSTEE - ok
16:04:26.0453 0x0848  [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
16:04:26.0484 0x0848  Mup - ok
16:04:26.0515 0x0848  [ 5B50F1B2A2ED47D560577B221DA734DB ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
16:04:26.0765 0x0848  NABTSFEC - ok
16:04:26.0843 0x0848  [ 0102140028FAD045756796E1C685D695 ] napagent        C:\WINDOWS\System32\qagentrt.dll
16:04:27.0187 0x0848  napagent - ok
16:04:27.0234 0x0848  [ 1DF7F42665C94B825322FAE71721130D ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
16:04:27.0531 0x0848  NDIS - ok
16:04:27.0546 0x0848  [ 7FF1F1FD8609C149AA432F95A8163D97 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
16:04:27.0843 0x0848  NdisIP - ok
16:04:27.0875 0x0848  [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:04:27.0921 0x0848  NdisTapi - ok
16:04:27.0953 0x0848  [ F927A4434C5028758A842943EF1A3849 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:04:28.0218 0x0848  Ndisuio - ok
16:04:28.0234 0x0848  [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:04:28.0421 0x0848  NdisWan - ok
16:04:28.0453 0x0848  [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:04:28.0484 0x0848  NDProxy - ok
16:04:28.0515 0x0848  [ F7C14F5077BF2BC476C348B88A7F74E2 ] Net Driver HPZ12 C:\WINDOWS\System32\HPZinw12.dll
16:04:28.0531 0x0848  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:04:28.0531 0x0848  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:04:28.0546 0x0848  [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:04:28.0750 0x0848  NetBIOS - ok
16:04:28.0765 0x0848  [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:04:29.0031 0x0848  NetBT - ok
16:04:29.0093 0x0848  [ B857BA82860D7FF85AE29B095645563B ] NetDDE          C:\WINDOWS\system32\netdde.exe
16:04:29.0406 0x0848  NetDDE - ok
16:04:29.0421 0x0848  [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
16:04:29.0718 0x0848  NetDDEdsdm - ok
16:04:29.0750 0x0848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:04:30.0046 0x0848  Netlogon - ok
16:04:30.0078 0x0848  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman          C:\WINDOWS\System32\netman.dll
16:04:30.0375 0x0848  Netman - ok
16:04:30.0468 0x0848  [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:04:30.0484 0x0848  NetTcpPortSharing - ok
16:04:30.0531 0x0848  [ 943337D786A56729263071623BBB9DE5 ] Nla             C:\WINDOWS\System32\mswsock.dll
16:04:30.0578 0x0848  Nla - ok
16:04:30.0609 0x0848  [ 419F4D80FE7E34E2626C84B3C6035955 ] NMSCFG          C:\WINDOWS\system32\drivers\NMSCFG.SYS
16:04:30.0609 0x0848  NMSCFG ( UnsignedFile.Multi.Generic ) - warning
16:04:30.0609 0x0848  NMSCFG - detected UnsignedFile.Multi.Generic (1)
16:04:30.0671 0x0848  [ EEEA4A259891D43FEC7C25E45973740D ] NMSSvc          C:\WINDOWS\System32\NMSSvc.exe
16:04:30.0750 0x0848  NMSSvc ( UnsignedFile.Multi.Generic ) - warning
16:04:30.0750 0x0848  NMSSvc - detected UnsignedFile.Multi.Generic (1)
16:04:30.0796 0x0848  [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:04:30.0984 0x0848  Npfs - ok
16:04:31.0031 0x0848  [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:04:31.0328 0x0848  Ntfs - ok
16:04:31.0375 0x0848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp         C:\WINDOWS\System32\lsass.exe
16:04:31.0656 0x0848  NtLmSsp - ok
16:04:31.0718 0x0848  [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
16:04:32.0062 0x0848  NtmsSvc - ok
16:04:32.0078 0x0848  [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:04:32.0359 0x0848  Null - ok
16:04:32.0406 0x0848  [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
16:04:32.0687 0x0848  NwlnkFlt - ok
16:04:32.0703 0x0848  [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
16:04:32.0906 0x0848  NwlnkFwd - ok
16:04:33.0046 0x0848  [ 84DE1DD996B48B05ACE31AD015FA108A ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:04:33.0078 0x0848  odserv - ok
16:04:33.0125 0x0848  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:04:33.0156 0x0848  ose - ok
16:04:33.0203 0x0848  [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
16:04:33.0406 0x0848  Parport - ok
16:04:33.0421 0x0848  [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
16:04:33.0703 0x0848  PartMgr - ok
16:04:33.0750 0x0848  [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
16:04:34.0046 0x0848  ParVdm - ok
16:04:34.0046 0x0848  PCDRDRV - ok
16:04:34.0062 0x0848  PcdrNt - ok
16:04:34.0093 0x0848  [ A219903CCF74233761D92BEF471A07B1 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
16:04:34.0390 0x0848  PCI - ok
16:04:34.0406 0x0848  PCIDump - ok
16:05:00.0750 0x0848  [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
16:05:00.0750 0x0848  C:\WINDOWS\system32\vga.dll - ok
16:05:00.0765 0x0848  [ EAAEAE1F514BD8AD704C9FF6A8E74B91 ] C:\WINDOWS\system32\ati3duag.dll
16:05:00.0765 0x0848  C:\WINDOWS\system32\ati3duag.dll - ok
16:05:00.0765 0x0848  [ 0A76ADB97C49B49538CC0181B3293D53 ] C:\WINDOWS\system32\ativvaxx.dll
16:05:00.0765 0x0848  C:\WINDOWS\system32\ativvaxx.dll - ok
16:05:00.0781 0x0848  [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
16:05:00.0781 0x0848  C:\WINDOWS\system32\winlogon.exe - ok
16:05:00.0781 0x0848  [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
16:05:00.0781 0x0848  C:\WINDOWS\system32\advapi32.dll - ok
16:05:00.0796 0x0848  [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll
16:05:00.0796 0x0848  C:\WINDOWS\system32\rpcrt4.dll - ok
16:05:00.0796 0x0848  [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
16:05:00.0796 0x0848  C:\WINDOWS\system32\authz.dll - ok
16:05:00.0812 0x0848  [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
16:05:00.0812 0x0848  C:\WINDOWS\system32\secur32.dll - ok
16:05:00.0812 0x0848  [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
16:05:00.0812 0x0848  C:\WINDOWS\system32\msvcrt.dll - ok
16:05:00.0828 0x0848  [ 6BEE5D4EFF0A0341BCC4A462D81CCFC1 ] C:\WINDOWS\system32\crypt32.dll
16:05:00.0828 0x0848  C:\WINDOWS\system32\crypt32.dll - ok
16:05:00.0828 0x0848  [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll
16:05:00.0828 0x0848  C:\WINDOWS\system32\msasn1.dll - ok
16:05:00.0843 0x0848  [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
16:05:00.0843 0x0848  C:\WINDOWS\system32\nddeapi.dll - ok
16:05:00.0843 0x0848  [ CAC752BF84DB4666ED3CE0948E6EA937 ] C:\WINDOWS\system32\netapi32.dll
16:05:00.0843 0x0848  C:\WINDOWS\system32\netapi32.dll - ok
16:05:00.0843 0x0848  [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
16:05:00.0859 0x0848  C:\WINDOWS\system32\profmap.dll - ok
16:05:00.0859 0x0848  [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
16:05:00.0859 0x0848  C:\WINDOWS\system32\userenv.dll - ok
16:05:00.0875 0x0848  [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
16:05:00.0875 0x0848  C:\WINDOWS\system32\psapi.dll - ok
16:05:00.0890 0x0848  [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
16:05:00.0890 0x0848  C:\WINDOWS\system32\regapi.dll - ok
16:05:00.0890 0x0848  [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
16:05:00.0890 0x0848  C:\WINDOWS\system32\setupapi.dll - ok
16:05:00.0906 0x0848  [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
16:05:00.0906 0x0848  C:\WINDOWS\system32\version.dll - ok
16:05:00.0906 0x0848  [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
16:05:00.0906 0x0848  C:\WINDOWS\system32\winsta.dll - ok
16:05:00.0921 0x0848  [ D458B738B4C2CE33174CFB2CE12412DB ] C:\WINDOWS\system32\wintrust.dll
16:05:00.0921 0x0848  C:\WINDOWS\system32\wintrust.dll - ok
16:05:00.0921 0x0848  [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll
16:05:00.0921 0x0848  C:\WINDOWS\system32\imagehlp.dll - ok
16:05:00.0937 0x0848  [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
16:05:00.0937 0x0848  C:\WINDOWS\system32\ws2_32.dll - ok
16:05:00.0937 0x0848  [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
16:05:00.0937 0x0848  C:\WINDOWS\system32\imm32.dll - ok
16:05:00.0953 0x0848  [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
16:05:00.0953 0x0848  C:\WINDOWS\system32\ws2help.dll - ok
16:05:00.0968 0x0848  [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
16:05:00.0968 0x0848  C:\WINDOWS\system32\kbdus.dll - ok
16:05:00.0984 0x0848  [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
16:05:00.0984 0x0848  C:\WINDOWS\system32\msgina.dll - ok
16:05:01.0000 0x0848  [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
16:05:01.0000 0x0848  C:\WINDOWS\system32\comctl32.dll - ok
16:05:01.0000 0x0848  [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
16:05:01.0015 0x0848  C:\WINDOWS\system32\odbc32.dll - ok
16:05:01.0015 0x0848  [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
16:05:01.0015 0x0848  C:\WINDOWS\system32\comdlg32.dll - ok
16:05:01.0031 0x0848  [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
16:05:01.0031 0x0848  C:\WINDOWS\system32\shell32.dll - ok
16:05:01.0046 0x0848  [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll
16:05:01.0046 0x0848  C:\WINDOWS\system32\shlwapi.dll - ok
16:05:01.0046 0x0848  [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
16:05:01.0046 0x0848  C:\WINDOWS\system32\sxs.dll - ok
16:05:01.0062 0x0848  [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
16:05:01.0062 0x0848  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok
16:05:01.0078 0x0848  [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
16:05:01.0078 0x0848  C:\WINDOWS\system32\odbcint.dll - ok
16:05:01.0078 0x0848  [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
16:05:01.0078 0x0848  C:\WINDOWS\system32\shsvcs.dll - ok
16:05:01.0093 0x0848  [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
16:05:01.0093 0x0848  C:\WINDOWS\system32\sfc.dll - ok
16:05:01.0109 0x0848  [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
16:05:01.0109 0x0848  C:\WINDOWS\system32\sfc_os.dll - ok
16:05:01.0125 0x0848  [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll
16:05:01.0125 0x0848  C:\WINDOWS\system32\ole32.dll - ok
16:05:01.0125 0x0848  [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
16:05:01.0125 0x0848  C:\WINDOWS\system32\apphelp.dll - ok
16:05:01.0140 0x0848  [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
16:05:01.0140 0x0848  C:\WINDOWS\system32\lsass.exe - ok
16:05:01.0156 0x0848  [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
16:05:01.0156 0x0848  C:\WINDOWS\system32\services.exe - ok
16:05:01.0156 0x0848  [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
16:05:01.0156 0x0848  C:\WINDOWS\system32\lsasrv.dll - ok
16:05:01.0171 0x0848  [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
16:05:01.0171 0x0848  C:\WINDOWS\system32\ncobjapi.dll - ok
16:05:01.0187 0x0848  [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
16:05:01.0187 0x0848  C:\WINDOWS\system32\msvcp60.dll - ok
16:05:01.0187 0x0848  [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
16:05:01.0187 0x0848  C:\WINDOWS\system32\scesrv.dll - ok
16:05:01.0203 0x0848  [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
16:05:01.0203 0x0848  C:\WINDOWS\system32\mpr.dll - ok
16:05:01.0218 0x0848  [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
16:05:01.0218 0x0848  C:\WINDOWS\system32\ntdsapi.dll - ok
16:05:01.0218 0x0848  [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
16:05:01.0218 0x0848  C:\WINDOWS\system32\umpnpmgr.dll - ok
16:05:01.0234 0x0848  [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
16:05:01.0234 0x0848  C:\WINDOWS\system32\dnsapi.dll - ok
16:05:01.0250 0x0848  [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
16:05:01.0250 0x0848  C:\WINDOWS\system32\shimeng.dll - ok
16:05:01.0250 0x0848  [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
16:05:01.0250 0x0848  C:\WINDOWS\AppPatch\acadproc.dll - ok
16:05:01.0265 0x0848  [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
16:05:01.0265 0x0848  C:\WINDOWS\system32\wldap32.dll - ok
16:05:01.0281 0x0848  [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
16:05:01.0281 0x0848  C:\WINDOWS\system32\samlib.dll - ok
16:05:01.0296 0x0848  [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
16:05:01.0296 0x0848  C:\WINDOWS\system32\samsrv.dll - ok
16:05:01.0296 0x0848  [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
16:05:01.0296 0x0848  C:\WINDOWS\system32\cryptdll.dll - ok
16:05:01.0312 0x0848  [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
16:05:01.0312 0x0848  C:\WINDOWS\AppPatch\acgenral.dll - ok
16:05:01.0328 0x0848  [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
16:05:01.0328 0x0848  C:\WINDOWS\system32\winmm.dll - ok
16:05:01.0328 0x0848  [ EFF03460E542EEA6B0ABDEC6BF19C897 ] C:\WINDOWS\system32\oleaut32.dll
16:05:01.0328 0x0848  C:\WINDOWS\system32\oleaut32.dll - ok
16:05:01.0343 0x0848  [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
16:05:01.0343 0x0848  C:\WINDOWS\system32\msacm32.dll - ok
16:05:01.0359 0x0848  [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
16:05:01.0359 0x0848  C:\WINDOWS\system32\uxtheme.dll - ok
16:05:01.0375 0x0848  [ C84E86E47980387645DACBDEB295E36A ] C:\WINDOWS\system32\ctwdm32.dll
16:05:01.0375 0x0848  C:\WINDOWS\system32\ctwdm32.dll - ok
16:05:01.0375 0x0848  [ D874723E025C465990B5F105715361F7 ] C:\WINDOWS\system32\devldr32.exe
16:05:01.0375 0x0848  C:\WINDOWS\system32\devldr32.exe - ok
16:05:01.0390 0x0848  [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
16:05:01.0390 0x0848  C:\WINDOWS\system32\msapsspc.dll - ok
16:05:01.0406 0x0848  [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
16:05:01.0406 0x0848  C:\WINDOWS\system32\msvcrt40.dll - ok
16:05:01.0421 0x0848  [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
16:05:01.0421 0x0848  C:\WINDOWS\system32\schannel.dll - ok
16:05:01.0421 0x0848  [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
16:05:01.0421 0x0848  C:\WINDOWS\system32\digest.dll - ok
16:05:01.0437 0x0848  [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\msctfime.ime
16:05:01.0437 0x0848  C:\WINDOWS\system32\msctfime.ime - ok
16:05:01.0437 0x0848  [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
16:05:01.0437 0x0848  C:\WINDOWS\system32\msnsspc.dll - ok
16:05:01.0453 0x0848  [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
16:05:01.0453 0x0848  C:\WINDOWS\system32\msprivs.dll - ok
16:05:01.0468 0x0848  [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
16:05:01.0468 0x0848  C:\WINDOWS\system32\kerberos.dll - ok
16:05:01.0484 0x0848  [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
16:05:01.0484 0x0848  C:\WINDOWS\system32\msv1_0.dll - ok
16:05:01.0484 0x0848  [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
16:05:01.0484 0x0848  C:\WINDOWS\system32\iphlpapi.dll - ok
16:05:01.0500 0x0848  [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
16:05:01.0500 0x0848  C:\WINDOWS\system32\netlogon.dll - ok
16:05:01.0515 0x0848  [ C11D10A3C164AC222BC9AAB3650A88B3 ] C:\WINDOWS\system32\atmfd.dll
16:05:01.0515 0x0848  C:\WINDOWS\system32\atmfd.dll - ok
16:05:01.0531 0x0848  [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
16:05:01.0531 0x0848  C:\WINDOWS\system32\w32time.dll - ok
16:05:01.0546 0x0848  [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
16:05:01.0546 0x0848  C:\WINDOWS\system32\rsaenh.dll - ok
16:05:01.0546 0x0848  [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
16:05:01.0546 0x0848  C:\WINDOWS\system32\wdigest.dll - ok
16:05:01.0562 0x0848  [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
16:05:01.0562 0x0848  C:\WINDOWS\system32\winscard.dll - ok
16:05:01.0578 0x0848  [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
16:05:01.0578 0x0848  C:\WINDOWS\system32\wtsapi32.dll - ok
16:05:01.0593 0x0848  [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
16:05:01.0593 0x0848  C:\WINDOWS\system32\scecli.dll - ok
16:05:01.0593 0x0848  [ AE5549DD21F6DE06406031EF1D51ACC3 ] C:\WINDOWS\system32\drivers\aswMonFlt.sys
16:05:01.0593 0x0848  C:\WINDOWS\system32\drivers\aswMonFlt.sys - ok
16:05:01.0609 0x0848  [ 4470E3C1E0C3378E4CAB137893C12C3A ] C:\WINDOWS\system32\drivers\mbam.sys
16:05:01.0609 0x0848  C:\WINDOWS\system32\drivers\mbam.sys - ok
16:05:01.0625 0x0848  [ BBA22521D24625C7A7B8D57FB20A812E ] C:\WINDOWS\system32\ati2evxx.exe
16:05:01.0625 0x0848  C:\WINDOWS\system32\ati2evxx.exe - ok
16:05:01.0640 0x0848  [ B9FE438B3CAD82B2014710349A2022F7 ] C:\WINDOWS\system32\drivers\aswFsBlk.sys
16:05:01.0640 0x0848  C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok
16:05:01.0656 0x0848  [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
16:05:01.0656 0x0848  C:\WINDOWS\system32\svchost.exe - ok
16:05:01.0656 0x0848  [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
16:05:01.0656 0x0848  C:\WINDOWS\system32\ntmarta.dll - ok
16:05:01.0671 0x0848  [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
16:05:01.0671 0x0848  C:\WINDOWS\system32\rpcss.dll - ok
16:05:01.0687 0x0848  [ 24DCA3ABCC5E6C37330CA8659D0F763D ] C:\WINDOWS\system32\ati2edxx.dll
16:05:01.0687 0x0848  C:\WINDOWS\system32\ati2edxx.dll - ok
16:05:01.0687 0x0848  [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
16:05:01.0687 0x0848  C:\WINDOWS\system32\xpsp2res.dll - ok
16:05:01.0703 0x0848  [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
16:05:01.0703 0x0848  C:\WINDOWS\system32\eventlog.dll - ok
16:05:01.0718 0x0848  [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
16:05:01.0718 0x0848  C:\WINDOWS\system32\mswsock.dll - ok
16:05:01.0734 0x0848  [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
16:05:01.0734 0x0848  C:\WINDOWS\system32\hnetcfg.dll - ok
16:05:01.0750 0x0848  [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
16:05:01.0750 0x0848  C:\WINDOWS\system32\wshtcpip.dll - ok
16:05:01.0765 0x0848  [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
16:05:01.0765 0x0848  C:\WINDOWS\system32\rasadhlp.dll - ok
16:05:01.0781 0x0848  [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
16:05:01.0781 0x0848  C:\WINDOWS\system32\winrnr.dll - ok
16:05:01.0796 0x0848  [ 05231C04253C5BC30B26CBAAE680ED89 ] C:\WINDOWS\system32\WudfSvc.dll
16:05:01.0796 0x0848  C:\WINDOWS\system32\WudfSvc.dll - ok
16:05:01.0828 0x0848  [ 5CAF91E865FE0C85048A233E594544D2 ] C:\WINDOWS\system32\WudfPlatform.dll
16:05:01.0828 0x0848  C:\WINDOWS\system32\WudfPlatform.dll - ok
16:05:01.0843 0x0848  [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
16:05:01.0843 0x0848  C:\WINDOWS\system32\drivers\ndisuio.sys - ok
16:05:01.0859 0x0848  [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
16:05:01.0859 0x0848  C:\WINDOWS\system32\dhcpcsvc.dll - ok
16:05:01.0890 0x0848  [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
16:05:01.0890 0x0848  C:\WINDOWS\system32\dnsrslvr.dll - ok
16:05:01.0906 0x0848  [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
16:05:01.0906 0x0848  C:\WINDOWS\system32\logonui.exe - ok
16:05:01.0921 0x0848  [ 62733C611488FAB76DEB1E66C96A443F ] C:\WINDOWS\system32\ati2evxx.dll
16:05:01.0921 0x0848  C:\WINDOWS\system32\ati2evxx.dll - ok
16:05:01.0921 0x0848  [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
16:05:01.0921 0x0848  C:\WINDOWS\system32\cscdll.dll - ok
16:05:01.0937 0x0848  [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
16:05:01.0937 0x0848  C:\WINDOWS\system32\lmhsvc.dll - ok
16:05:01.0953 0x0848  [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
16:05:01.0953 0x0848  C:\WINDOWS\system32\wzcsvc.dll - ok
16:05:01.0968 0x0848  [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
16:05:01.0968 0x0848  C:\WINDOWS\system32\dimsntfy.dll - ok
16:05:01.0968 0x0848  [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
16:05:01.0968 0x0848  C:\WINDOWS\system32\wlnotify.dll - ok
16:05:01.0984 0x0848  [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
16:05:01.0984 0x0848  C:\WINDOWS\system32\winspool.drv - ok
16:05:02.0000 0x0848  [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
16:05:02.0000 0x0848  C:\WINDOWS\system32\duser.dll - ok
16:05:02.0015 0x0848  [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
16:05:02.0015 0x0848  C:\WINDOWS\system32\WgaLogon.dll - ok
16:05:02.0015 0x0848  [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
16:05:02.0015 0x0848  C:\WINDOWS\system32\rtutils.dll - ok
16:05:02.0031 0x0848  [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
16:05:02.0031 0x0848  C:\WINDOWS\system32\wmi.dll - ok
16:05:02.0046 0x0848  [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
16:05:02.0046 0x0848  C:\WINDOWS\system32\eapolqec.dll - ok
16:05:02.0062 0x0848  [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll
16:05:02.0062 0x0848  C:\WINDOWS\system32\atl.dll - ok
16:05:02.0078 0x0848  [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
16:05:02.0078 0x0848  C:\WINDOWS\system32\qutil.dll - ok
16:05:02.0078 0x0848  [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
16:05:02.0078 0x0848  C:\WINDOWS\system32\dot3api.dll - ok
16:05:02.0093 0x0848  [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
16:05:02.0093 0x0848  C:\WINDOWS\system32\msimg32.dll - ok
16:05:02.0109 0x0848  [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
16:05:02.0109 0x0848  C:\WINDOWS\system32\oleacc.dll - ok
16:05:02.0125 0x0848  [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
16:05:02.0125 0x0848  C:\WINDOWS\system32\esent.dll - ok
16:05:02.0140 0x0848  [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
16:05:02.0140 0x0848  C:\WINDOWS\system32\clbcatq.dll - ok
16:05:02.0140 0x0848  [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
16:05:02.0140 0x0848  C:\WINDOWS\system32\comres.dll - ok
16:05:02.0171 0x0848  [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
16:05:02.0171 0x0848  C:\WINDOWS\system32\msxml3.dll - ok
16:05:02.0187 0x0848  [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
16:05:02.0187 0x0848  C:\WINDOWS\system32\shgina.dll - ok
16:05:02.0203 0x0848  [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
16:05:02.0203 0x0848  C:\WINDOWS\system32\rastls.dll - ok
16:05:02.0218 0x0848  [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
16:05:02.0218 0x0848  C:\WINDOWS\system32\cryptui.dll - ok
16:05:02.0234 0x0848  [ C8A544F91000DF0D1C26EC4FF3F4CCD5 ] C:\WINDOWS\system32\BCMLogon.dll
16:05:02.0234 0x0848  C:\WINDOWS\system32\BCMLogon.dll - ok
16:05:02.0250 0x0848  [ 5C4AAC5A91422C95522ECC6C26FB93C8 ] C:\WINDOWS\system32\wininet.dll
16:05:02.0250 0x0848  C:\WINDOWS\system32\wininet.dll - ok
16:05:02.0265 0x0848  [ 0C2294BEED3D7C37090A1F36EAF6A57E ] C:\WINDOWS\system32\WLTRYSVC.EXE
16:05:02.0265 0x0848  C:\WINDOWS\system32\WLTRYSVC.EXE - ok
16:05:02.0281 0x0848  [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\WINDOWS\system32\MSVCR71.DLL
16:05:02.0281 0x0848  C:\WINDOWS\system32\MSVCR71.DLL - ok
16:05:02.0296 0x0848  [ F35A584E947A5B401FEB0FE01DB4A0D7 ] C:\WINDOWS\system32\MFC71.DLL
16:05:02.0296 0x0848  C:\WINDOWS\system32\MFC71.DLL - ok
16:05:02.0312 0x0848  [ 0977C99C1B435397681FB195F99159E6 ] C:\WINDOWS\system32\BCMWLTRY.EXE
16:05:02.0312 0x0848  C:\WINDOWS\system32\BCMWLTRY.EXE - ok
16:05:02.0328 0x0848  [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\WINDOWS\system32\MSVCP71.DLL
16:05:02.0328 0x0848  C:\WINDOWS\system32\MSVCP71.DLL - ok
16:05:02.0343 0x0848  [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll
16:05:02.0343 0x0848  C:\WINDOWS\system32\normaliz.dll - ok
16:05:02.0359 0x0848  [ 674540915241F737300B604EE811A139 ] C:\WINDOWS\system32\urlmon.dll
16:05:02.0359 0x0848  C:\WINDOWS\system32\urlmon.dll - ok
16:05:02.0359 0x0848  [ BAF751E7061FF626AA60F56D1D5D1FDC ] C:\WINDOWS\system32\MFC71ENU.DLL
16:05:02.0359 0x0848  C:\WINDOWS\system32\MFC71ENU.DLL - ok
16:05:02.0375 0x0848  [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe
16:05:02.0375 0x0848  C:\WINDOWS\system32\mpnotify.exe - ok
16:05:02.0390 0x0848  [ DCA5BC4913C1DE2668625D7680DF6F18 ] C:\WINDOWS\system32\iertutil.dll
16:05:02.0390 0x0848  C:\WINDOWS\system32\iertutil.dll - ok
16:05:02.0406 0x0848  [ 9330941C8F6DF417F6DBBE998DB6687E ] C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
16:05:02.0406 0x0848  C:\Program Files\Alwil Software\Avast5\AvastSvc.exe - ok
16:05:02.0406 0x0848  [ 5FAD01B108F54DB1C05016C720E90FDE ] C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll
16:05:02.0406 0x0848  C:\Program Files\Alwil Software\Avast5\aswCmnBS.dll - ok
16:05:02.0421 0x0848  [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
16:05:02.0421 0x0848  C:\WINDOWS\system32\cfgmgr32.dll - ok
16:05:02.0421 0x0848  [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
16:05:02.0421 0x0848  C:\WINDOWS\system32\mprapi.dll - ok
16:05:02.0437 0x0848  [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
16:05:02.0437 0x0848  C:\WINDOWS\system32\powrprof.dll - ok
16:05:02.0453 0x0848  [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
16:05:02.0453 0x0848  C:\WINDOWS\system32\activeds.dll - ok
16:05:02.0453 0x0848  [ 1E0EECF9D7DFA5E2E92076E14492A77B ] C:\WINDOWS\system32\bcm1xsup.dll
16:05:02.0453 0x0848  C:\WINDOWS\system32\bcm1xsup.dll - ok
16:05:02.0484 0x0848  [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
16:05:02.0484 0x0848  C:\WINDOWS\system32\adsldpc.dll - ok
16:05:02.0484 0x0848  [ 261D270EF00742DD5E46173B9EC84CB9 ] C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll
16:05:02.0484 0x0848  C:\Program Files\Alwil Software\Avast5\aswCmnOS.dll - ok
16:05:02.0500 0x0848  [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
16:05:02.0500 0x0848  C:\WINDOWS\system32\rasapi32.dll - ok
16:05:02.0500 0x0848  [ 4733714C16E139B458469C9CFFE27ED8 ] C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll
16:05:02.0500 0x0848  C:\Program Files\Alwil Software\Avast5\aswCmnIS.dll - ok
16:05:02.0515 0x0848  [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
16:05:02.0515 0x0848  C:\WINDOWS\system32\rasman.dll - ok
16:05:02.0531 0x0848  [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
16:05:02.0531 0x0848  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
16:05:02.0546 0x0848  [ 4DF537A09034434EA9481B88AB1D3C25 ] C:\WINDOWS\system32\bcmwlpkt.dll
16:05:02.0546 0x0848  C:\WINDOWS\system32\bcmwlpkt.dll - ok
16:05:02.0546 0x0848  [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
16:05:02.0546 0x0848  C:\WINDOWS\system32\tapi32.dll - ok
16:05:02.0562 0x0848  [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
16:05:02.0562 0x0848  C:\WINDOWS\system32\wsock32.dll - ok
16:05:02.0578 0x0848  [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
16:05:02.0578 0x0848  C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
16:05:02.0593 0x0848  [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
16:05:02.0593 0x0848  C:\WINDOWS\system32\riched20.dll - ok
16:05:02.0609 0x0848  [ 22121AF21CCCAA6385141F0B06661F59 ] C:\Program Files\Alwil Software\Avast5\ashBase.dll
16:05:02.0609 0x0848  C:\Program Files\Alwil Software\Avast5\ashBase.dll - ok
16:05:02.0625 0x0848  [ 8F2097E8B174F38178570C611464935F ] C:\WINDOWS\system32\ATL71.DLL
16:05:02.0625 0x0848  C:\WINDOWS\system32\ATL71.DLL - ok
16:05:02.0656 0x0848  [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
16:05:02.0656 0x0848  C:\WINDOWS\system32\cscui.dll - ok
16:05:02.0656 0x0848  [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
16:05:02.0656 0x0848  C:\WINDOWS\system32\raschap.dll - ok
16:05:02.0671 0x0848  [ CE3C25F99BCE4C87649FFC9AB2CE1ECE ] C:\WINDOWS\system32\wltrynt.dll
16:05:02.0671 0x0848  C:\WINDOWS\system32\wltrynt.dll - ok
16:05:02.0687 0x0848  [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll
16:05:02.0687 0x0848  C:\WINDOWS\system32\es.dll - ok
16:05:02.0687 0x0848  [ E01FF181E37BF93E438137ACF5E4454E ] C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll
16:05:02.0687 0x0848  C:\Program Files\Alwil Software\Avast5\aswEngLdr.dll - ok
16:05:02.0703 0x0848  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
16:05:02.0703 0x0848  C:\WINDOWS\system32\netman.dll - ok
16:05:02.0718 0x0848  [ 6C26DCF01E2A92F183B97D434017268A ] C:\WINDOWS\system32\dpcdll.dll
16:05:02.0718 0x0848  C:\WINDOWS\system32\dpcdll.dll - ok
16:05:02.0734 0x0848  [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
16:05:02.0734 0x0848  C:\WINDOWS\system32\netshell.dll - ok
16:05:02.0750 0x0848  [ C550FE9E5925726933E7DE5116870BA1 ] C:\Program Files\Alwil Software\Avast5\avBugReport.exe
16:05:02.0750 0x0848  C:\Program Files\Alwil Software\Avast5\avBugReport.exe - ok
16:05:02.0765 0x0848  [ 5C5E3AFD499E5146FEF1DA5EF8A23205 ] C:\Program Files\Alwil Software\Avast5\dbghelp.dll
16:05:02.0765 0x0848  C:\Program Files\Alwil Software\Avast5\dbghelp.dll - ok
16:05:02.0781 0x0848  [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
16:05:02.0781 0x0848  C:\WINDOWS\system32\userinit.exe - ok
16:05:02.0781 0x0848  [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
16:05:02.0781 0x0848  C:\WINDOWS\system32\WgaTray.exe - ok
16:05:02.0796 0x0848  [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
16:05:02.0796 0x0848  C:\WINDOWS\system32\wbem\wbemprox.dll - ok
16:05:02.0812 0x0848  [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
16:05:02.0812 0x0848  C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
16:05:02.0828 0x0848  [ DACB86233E512A3A3B7F0C88CEAA4562 ] C:\WINDOWS\system32\devcon32.dll
16:05:02.0828 0x0848  C:\WINDOWS\system32\devcon32.dll - ok
16:05:02.0828 0x0848  [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
16:05:02.0828 0x0848  C:\WINDOWS\explorer.exe - ok
16:05:02.0843 0x0848  [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
16:05:02.0843 0x0848  C:\WINDOWS\system32\winhttp.dll - ok
16:05:02.0859 0x0848  [ 861829E6B6F42C1F0CF081253988EB7B ] C:\WINDOWS\system32\sfman32.dll
16:05:02.0859 0x0848  C:\WINDOWS\system32\sfman32.dll - ok
16:05:02.0875 0x0848  [ 7E09F8D109B840B141A57BFA5282460C ] C:\Program Files\Alwil Software\Avast5\aswProperty.dll
16:05:02.0875 0x0848  C:\Program Files\Alwil Software\Avast5\aswProperty.dll - ok
16:05:02.0875 0x0848  [ DD7DB11302D0B2566F100A50D5F63A0F ] C:\Program Files\Alwil Software\Avast5\1033\Base.dll
16:05:02.0875 0x0848  C:\Program Files\Alwil Software\Avast5\1033\Base.dll - ok
16:05:02.0890 0x0848  [ F111BBA6FFD81EC660AAF31A7C288F4E ] C:\Program Files\Alwil Software\Avast5\AavmRpch.dll
16:05:02.0890 0x0848  C:\Program Files\Alwil Software\Avast5\AavmRpch.dll - ok
16:05:02.0906 0x0848  [ 7E8C27E4CC138F0B977A7D0D3B9DC910 ] C:\Program Files\Alwil Software\Avast5\ashServ.dll
16:05:02.0906 0x0848  C:\Program Files\Alwil Software\Avast5\ashServ.dll - ok
16:05:04.0828 0x0848  C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22791_x-ww_c8dff154\GdiPlus.dll - ok
16:05:04.0843 0x0848  [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
16:05:04.0843 0x0848  C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
16:05:04.0859 0x0848  [ 86724A200BF1F08A03FB563660FCD928 ] C:\Program Files\HP\HPBDSService\HPBDSService.exe
16:05:04.0859 0x0848  C:\Program Files\HP\HPBDSService\HPBDSService.exe - ok
16:05:04.0875 0x0848  [ DEB04DA35CC871B6D309B77E1443C796 ] C:\WINDOWS\system32\hidserv.dll
16:05:04.0875 0x0848  C:\WINDOWS\system32\hidserv.dll - ok
16:05:04.0875 0x0848  [ F282D4EDD85D53E20D902CC92190C5F5 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll
16:05:04.0875 0x0848  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsec.dll - ok
16:05:04.0890 0x0848  [ 8AB8338474131C1ECFA230A1AEE7BCFB ] C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll
16:05:04.0890 0x0848  C:\Program Files\Alwil Software\Avast5\Setup\setiface.dll - ok
16:05:04.0890 0x0848  [ 65CC0DE3DB7C6AE92BB96E0A06459B10 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll
16:05:04.0890 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\80978a322d7dd39f0a71be1251ae395a\System.ni.dll - ok
16:05:04.0906 0x0848  [ 30B7CF178A3823436A7FD17F3ABD2066 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
16:05:04.0906 0x0848  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
16:05:04.0921 0x0848  [ E7CD2C99846448922D45D31E9DE9A4B6 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll
16:05:04.0921 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\ea3366939280c1715f1c620e33ee3c8a\System.ServiceProcess.ni.dll - ok
16:05:04.0921 0x0848  [ 9C42E435F629CD8512BECFA082762425 ] C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
16:05:04.0921 0x0848  C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe - ok
16:05:04.0937 0x0848  [ 283C0214276244E69CCCCE3154B53662 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll
16:05:04.0937 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\3da96ee075bab9202626ae44c18d226c\System.Drawing.ni.dll - ok
16:05:04.0937 0x0848  [ 6F3F2B195E68EEA369365B06289BA197 ] C:\Program Files\HP\HPLaserJetService\HPTools.dll
16:05:04.0937 0x0848  C:\Program Files\HP\HPLaserJetService\HPTools.dll - ok
16:05:04.0953 0x0848  [ F80A415EF82CD06FFAF0D971528EAD38 ] C:\WINDOWS\system32\drivers\http.sys
16:05:04.0953 0x0848  C:\WINDOWS\system32\drivers\http.sys - ok
16:05:04.0968 0x0848  [ E201F488C4993C46DBFC46E86558295C ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll
16:05:04.0968 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\773a9786013451d3baaeff003dc4230f\System.Xml.ni.dll - ok
16:05:04.0984 0x0848  [ 0C32BC7B1D60F3A4DFC1BB818BDE35C7 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll
16:05:04.0984 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\63406259e94d5c0ff5b79401dfe113ce\System.Windows.Forms.ni.dll - ok
16:05:04.0984 0x0848  [ 4F4D4AA1E0849FECC0CF5AACD59030B5 ] C:\Program Files\Java\jre7\bin\jqs.exe
16:05:04.0984 0x0848  C:\Program Files\Java\jre7\bin\jqs.exe - ok
16:05:05.0000 0x0848  [ 6100A808600F44D999CEBDEF8841C7A3 ] C:\WINDOWS\system32\w3ssl.dll
16:05:05.0000 0x0848  C:\WINDOWS\system32\w3ssl.dll - ok
16:05:05.0015 0x0848  [ 4A93B65CFB514F2EA76B59568D5F39CE ] C:\WINDOWS\system32\strmfilt.dll
16:05:05.0015 0x0848  C:\WINDOWS\system32\strmfilt.dll - ok
16:05:05.0031 0x0848  [ B7C7FA3BEDE83AC5F1DE03B30D494CC1 ] C:\WINDOWS\system32\httpapi.dll
16:05:05.0031 0x0848  C:\WINDOWS\system32\httpapi.dll - ok
16:05:05.0031 0x0848  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Java\jre7\bin\msvcr100.dll
16:05:05.0031 0x0848  C:\Program Files\Java\jre7\bin\msvcr100.dll - ok
16:05:05.0046 0x0848  [ 65085456FD9A74D7F1A999520C299ECB ] C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:05:05.0046 0x0848  C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe - ok
16:05:05.0062 0x0848  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll
16:05:05.0062 0x0848  C:\WINDOWS\system32\srvsvc.dll - ok
16:05:05.0078 0x0848  [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
16:05:05.0078 0x0848  C:\WINDOWS\system32\netmsg.dll - ok
16:05:05.0078 0x0848  [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll
16:05:05.0078 0x0848  C:\WINDOWS\system32\perfos.dll - ok
16:05:05.0093 0x0848  [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll
16:05:05.0093 0x0848  C:\WINDOWS\system32\perfdisk.dll - ok
16:05:05.0109 0x0848  [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys
16:05:05.0109 0x0848  C:\WINDOWS\system32\drivers\srv.sys - ok
16:05:05.0109 0x0848  [ EF39CCCC9AD927A25334AE0B41A8A343 ] C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll
16:05:05.0109 0x0848  C:\Program Files\Malwarebytes' Anti-Malware\mbam.dll - ok
16:05:05.0125 0x0848  [ 9275F02BEA644F43A459E316A932658F ] C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll
16:05:05.0125 0x0848  C:\Program Files\Malwarebytes' Anti-Malware\mbamnet.dll - ok
16:05:05.0140 0x0848  [ 767125B367AFA21AC588BBF48F0791B9 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll
16:05:05.0140 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\b82c00e2d24305ad6cb08556e3779b75\System.Configuration.ni.dll - ok
16:05:05.0156 0x0848  [ 219AF0F9A54EBEEB3E7E20025D801034 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll
16:05:05.0156 0x0848  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
16:05:05.0156 0x0848  [ 51301ACC5E5FDA65CFA1968395E5D951 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe
16:05:05.0156 0x0848  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
16:05:05.0171 0x0848  [ E0D7732F2D2E24B2DB3F67B6750295B8 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
16:05:05.0171 0x0848  C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe - ok
16:05:05.0171 0x0848  [ 9EFA9CBF9D32A1B7FDAF98B3CC5A81A8 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll
16:05:05.0171 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\47d87251e93256c635eb73403b8db33e\System.Core.ni.dll - ok
16:05:05.0187 0x0848  [ 036D586FC97515EE59AD1993159C926F ] C:\Program Files\HP\StatusAlerts\bin\HPTools.dll
16:05:05.0187 0x0848  C:\Program Files\HP\StatusAlerts\bin\HPTools.dll - ok
16:05:05.0203 0x0848  [ 74D688942D666AF69256244845B8CBE8 ] C:\Program Files\HP\StatusAlerts\bin\AppConstants.dll
16:05:05.0203 0x0848  C:\Program Files\HP\StatusAlerts\bin\AppConstants.dll - ok
16:05:05.0218 0x0848  [ 661C0EF4D7A479FC55305BD350921DA1 ] C:\Program Files\HP\StatusAlerts\bin\HPAppTools.dll
16:05:05.0218 0x0848  C:\Program Files\HP\StatusAlerts\bin\HPAppTools.dll - ok
16:05:05.0218 0x0848  [ E5B7636C7784DC4DA7D6FCE8D08E0AB7 ] C:\Program Files\HP\StatusAlerts\bin\HPToolkit.dll
16:05:05.0218 0x0848  C:\Program Files\HP\StatusAlerts\bin\HPToolkit.dll - ok
16:05:05.0234 0x0848  [ 80D8679BF84A9383BFF33E07D5D9FC35 ] C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll
16:05:05.0234 0x0848  C:\Program Files\Malwarebytes' Anti-Malware\mbamcore.dll - ok
16:05:05.0250 0x0848  [ 98B17BDA1D0BEA2FC8313DB218C0139F ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
16:05:05.0250 0x0848  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
16:05:05.0250 0x0848  [ 30B5A2254561E21CCC7BA21F80165D0B ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll
16:05:05.0250 0x0848  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
16:05:05.0265 0x0848  [ 44DE39CB56D1919346C09C92A4B57C69 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
16:05:05.0265 0x0848  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
16:05:05.0281 0x0848  [ A83BB37C146ACB603BEDCCBAEF510952 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll
16:05:05.0281 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml.Linq\c338a470b14851ce5987bb0f0869c310\System.Xml.Linq.ni.dll - ok
16:05:05.0281 0x0848  [ 88E05F3B2031980A48D458EB78C67659 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
16:05:05.0281 0x0848  C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
16:05:05.0296 0x0848  [ E14536B3A7F10E5061F9542EB35A5FBB ] C:\Program Files\HP\HPBDSService\hpbsiswitch.dll
16:05:05.0296 0x0848  C:\Program Files\HP\HPBDSService\hpbsiswitch.dll - ok
16:05:05.0312 0x0848  [ F7C14F5077BF2BC476C348B88A7F74E2 ] C:\WINDOWS\system32\HPZinw12.dll
16:05:05.0312 0x0848  C:\WINDOWS\system32\HPZinw12.dll - ok
16:05:05.0312 0x0848  [ EEEA4A259891D43FEC7C25E45973740D ] C:\WINDOWS\system32\NMSSvc.Exe
16:05:05.0328 0x0848  C:\WINDOWS\system32\NMSSvc.Exe - ok
16:05:05.0328 0x0848  [ D1D5DAB39DCB4BE0359943738D87409B ] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
16:05:05.0328 0x0848  C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe - ok
16:05:05.0343 0x0848  [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll
16:05:05.0343 0x0848  C:\WINDOWS\system32\shfolder.dll - ok
16:05:05.0359 0x0848  [ 2849F13593D2712CCB97FFBDD3C1232E ] C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
16:05:05.0359 0x0848  C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll - ok
16:05:05.0359 0x0848  [ 1755B5FC0D1FC5AEFC3B836EC421F9CC ] C:\Program Files\HP\HPLaserJetService\HPServiceCommunicator.dll
16:05:05.0359 0x0848  C:\Program Files\HP\HPLaserJetService\HPServiceCommunicator.dll - ok
16:05:05.0375 0x0848  [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
16:05:05.0375 0x0848  C:\WINDOWS\system32\ipsecsvc.dll - ok
16:05:05.0390 0x0848  [ 25BAE9B9DA579EED76B8F6F98DEA7C83 ] C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
16:05:05.0390 0x0848  C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS - ok
16:05:05.0406 0x0848  [ E638656001C52A1FAA34F92E6D3A086B ] C:\WINDOWS\system32\HPZipm12.dll
16:05:05.0406 0x0848  C:\WINDOWS\system32\HPZipm12.dll - ok
16:05:05.0406 0x0848  [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll
16:05:05.0406 0x0848  C:\WINDOWS\system32\oakley.dll - ok
16:05:05.0421 0x0848  [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
16:05:05.0421 0x0848  C:\WINDOWS\system32\seclogon.dll - ok
16:05:05.0421 0x0848  [ 05E383849FA1FBBBC160612B0080618C ] C:\Program Files\Secunia\PSI\psia.exe
16:05:05.0421 0x0848  C:\Program Files\Secunia\PSI\psia.exe - ok
16:05:05.0437 0x0848  [ 001D2D7554457070FC760E2DFEDA29A8 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll
16:05:05.0437 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\a6b58624486714fa71e5e35186850ff0\System.Deployment.ni.dll - ok
16:05:05.0453 0x0848  [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
16:05:05.0453 0x0848  C:\WINDOWS\system32\winipsec.dll - ok
16:05:05.0453 0x0848  [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
16:05:05.0453 0x0848  C:\WINDOWS\system32\pstorsvc.dll - ok
16:05:05.0468 0x0848  [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
16:05:05.0468 0x0848  C:\WINDOWS\system32\psbase.dll - ok
16:05:05.0484 0x0848  [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
16:05:05.0484 0x0848  C:\WINDOWS\system32\dssenh.dll - ok
16:05:05.0500 0x0848  [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
16:05:05.0500 0x0848  C:\WINDOWS\system32\fltlib.dll - ok
16:05:05.0500 0x0848  [ F39583275D3BFD6E4D46041200C0D536 ] C:\Program Files\HP\HPLaserJetService\HPHTTPProxy.dll
16:05:05.0500 0x0848  C:\Program Files\HP\HPLaserJetService\HPHTTPProxy.dll - ok
16:05:05.0515 0x0848  [ 38D332A6D56AF32635675F132548343E ] C:\WINDOWS\system32\drivers\fastfat.sys
16:05:05.0515 0x0848  C:\WINDOWS\system32\drivers\fastfat.sys - ok
16:05:05.0531 0x0848  [ 2EEDDC646A649A1A642FA3DD4D6EC9F1 ] C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll
16:05:05.0531 0x0848  C:\Program Files\HP\HPLaserJetService\LEDMXMLObjects.dll - ok
16:05:05.0546 0x0848  [ F8173F1454F21C451439CB47EF75830A ] C:\Program Files\Secunia\PSI\sua.exe
16:05:05.0546 0x0848  C:\Program Files\Secunia\PSI\sua.exe - ok
16:05:05.0546 0x0848  [ 1E6C47B63CD2F812DE0F4A9F610FABB4 ] C:\WINDOWS\system32\jscript.dll
16:05:05.0546 0x0848  C:\WINDOWS\system32\jscript.dll - ok
16:05:05.0562 0x0848  [ 2BC8C429E7835E8CFE66A45249E45D38 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll
16:05:05.0562 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\3963ce03d445a8619abbf388d590134b\System.Web.ni.dll - ok
16:05:05.0578 0x0848  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
16:05:05.0578 0x0848  C:\WINDOWS\system32\sens.dll - ok
16:05:05.0578 0x0848  [ BF92B7926165FDA4BDD0B4441927CFD0 ] C:\Program Files\HP\StatusAlerts\bin\HPServiceCommunicator.dll
16:05:05.0578 0x0848  C:\Program Files\HP\StatusAlerts\bin\HPServiceCommunicator.dll - ok
16:05:05.0593 0x0848  [ 7C15061CD0372487903B07B9BB03AFAD ] C:\Program Files\Skype\Updater\Updater.exe
16:05:05.0593 0x0848  C:\Program Files\Skype\Updater\Updater.exe - ok
16:05:05.0609 0x0848  [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
16:05:05.0609 0x0848  C:\WINDOWS\system32\srsvc.dll - ok
16:05:05.0609 0x0848  [ 581176F60885AEF8F78C6E38DCC3CDF9 ] C:\WINDOWS\system32\MsPMSPSv.exe
16:05:05.0609 0x0848  C:\WINDOWS\system32\MsPMSPSv.exe - ok
16:05:05.0625 0x0848  [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
16:05:05.0625 0x0848  C:\WINDOWS\system32\trkwks.dll - ok
16:05:05.0640 0x0848  [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
16:05:05.0640 0x0848  C:\WINDOWS\system32\termsrv.dll - ok
16:05:05.0656 0x0848  [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
16:05:05.0656 0x0848  C:\WINDOWS\system32\wiaservc.dll - ok
16:05:05.0656 0x0848  [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
16:05:05.0656 0x0848  C:\WINDOWS\system32\icaapi.dll - ok
16:05:05.0687 0x0848  [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
16:05:05.0687 0x0848  C:\WINDOWS\system32\wbem\wmisvc.dll - ok
16:05:05.0687 0x0848  [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
16:05:05.0687 0x0848  C:\WINDOWS\system32\mscms.dll - ok
16:05:05.0687 0x0848  [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
16:05:05.0687 0x0848  C:\WINDOWS\system32\mstlsapi.dll - ok
16:05:05.0703 0x0848  [ E46050330BD42F33609117F861E32D3C ] C:\WINDOWS\system32\dmadmin.exe
16:05:05.0703 0x0848  C:\WINDOWS\system32\dmadmin.exe - ok
16:05:05.0718 0x0848  [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll
16:05:05.0718 0x0848  C:\WINDOWS\system32\vssapi.dll - ok
16:05:05.0734 0x0848  [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
16:05:05.0734 0x0848  C:\WINDOWS\system32\clusapi.dll - ok
16:05:05.0750 0x0848  [ 3B548248A510EC24C8E46EA7D013E225 ] C:\WINDOWS\system32\dmutil.dll
16:05:05.0750 0x0848  C:\WINDOWS\system32\dmutil.dll - ok
16:05:05.0750 0x0848  [ 1F82BA9A2B2E6C8F62AD6EFB08D5DC2C ] C:\WINDOWS\system32\osuninst.dll
16:05:05.0750 0x0848  C:\WINDOWS\system32\osuninst.dll - ok
16:05:05.0765 0x0848  [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
16:05:05.0765 0x0848  C:\WINDOWS\system32\cabinet.dll - ok
16:05:05.0781 0x0848  [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
16:05:05.0781 0x0848  C:\WINDOWS\system32\wuauserv.dll - ok
16:05:05.0796 0x0848  [ 7778BDFA3F6F6FBA0E75B9594098F737 ] C:\WINDOWS\system32\searchindexer.exe
16:05:05.0796 0x0848  C:\WINDOWS\system32\searchindexer.exe - ok
16:05:05.0796 0x0848  [ CFD4E51402DA9838B5A04AE680AF54A0 ] C:\WINDOWS\system32\browser.dll
16:05:05.0796 0x0848  C:\WINDOWS\system32\browser.dll - ok
16:05:05.0812 0x0848  [ 2CFE3E7ABCDAE404508C20574F8AA9E7 ] C:\WINDOWS\system32\BrWia05a.dll
16:05:05.0812 0x0848  C:\WINDOWS\system32\BrWia05a.dll - ok
16:05:05.0828 0x0848  [ F8BA63FF5016E758AA05D20424FDDEF2 ] C:\WINDOWS\system32\BrUSi05a.dll
16:05:05.0828 0x0848  C:\WINDOWS\system32\BrUSi05a.dll - ok
16:05:05.0828 0x0848  [ C7C84DF7233F4834CD190F3DCCAF50CA ] C:\WINDOWS\system32\rdpwsx.dll
16:05:05.0828 0x0848  C:\WINDOWS\system32\rdpwsx.dll - ok
16:05:05.0843 0x0848  [ E9610E3E8EC4043767601F5F16C6D4EC ] C:\Documents and Settings\Sofia Meyen\Application Data\Dropbox\bin\libcef.dll
16:05:05.0843 0x0848  C:\Documents and Settings\Sofia Meyen\Application Data\Dropbox\bin\libcef.dll - ok
16:05:05.0859 0x0848  [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll
16:05:05.0859 0x0848  C:\WINDOWS\system32\wuaueng.dll - ok
16:05:05.0859 0x0848  [ C56B6D0402371CF3700EB322EF3AAF61 ] C:\WINDOWS\system32\drivers\tdtcp.sys
16:05:05.0859 0x0848  C:\WINDOWS\system32\drivers\tdtcp.sys - ok
16:05:05.0875 0x0848  [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] C:\WINDOWS\system32\drivers\rdpwd.sys
16:05:05.0875 0x0848  C:\WINDOWS\system32\drivers\rdpwd.sys - ok
16:05:05.0890 0x0848  [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
16:05:05.0890 0x0848  C:\WINDOWS\system32\mspatcha.dll - ok
16:05:05.0890 0x0848  [ E65C5F612400B39D7AA83E7057D798C2 ] C:\WINDOWS\system32\mssrch.dll
16:05:05.0890 0x0848  C:\WINDOWS\system32\mssrch.dll - ok
16:05:05.0906 0x0848  [ F06DCAD6B2029B3C17E60AAA1C1BC31A ] C:\WINDOWS\system32\hpbuio32.dll
16:05:05.0906 0x0848  C:\WINDOWS\system32\hpbuio32.dll - ok
16:05:05.0921 0x0848  [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
16:05:05.0921 0x0848  C:\WINDOWS\system32\comsvcs.dll - ok
16:05:05.0921 0x0848  [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
16:05:05.0921 0x0848  C:\WINDOWS\system32\colbact.dll - ok
16:05:05.0937 0x0848  [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
16:05:05.0937 0x0848  C:\WINDOWS\system32\mtxclu.dll - ok
16:05:05.0953 0x0848  [ 5BF5AFF1249DE0F9827619FF11A85B3A ] C:\Program Files\Alwil Software\Avast5\AhResBhv.dll
16:05:05.0953 0x0848  C:\Program Files\Alwil Software\Avast5\AhResBhv.dll - ok
16:05:05.0953 0x0848  [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
16:05:05.0953 0x0848  C:\WINDOWS\system32\resutils.dll - ok
16:05:05.0968 0x0848  [ 6EA039F3089DDD2D167CEBFED8EEC737 ] C:\Program Files\Alwil Software\Avast5\AhResJs.dll
16:05:05.0968 0x0848  C:\Program Files\Alwil Software\Avast5\AhResJs.dll - ok
16:05:05.0984 0x0848  [ EE26905023EAD1C447FDD4AD3806A134 ] C:\Program Files\Alwil Software\Avast5\AhResMai.dll
16:05:05.0984 0x0848  C:\Program Files\Alwil Software\Avast5\AhResMai.dll - ok
16:05:05.0984 0x0848  [ FA1A4A3E5A3CDDB80AA927566BBF134E ] C:\Program Files\Alwil Software\Avast5\AhResMes.dll
16:05:05.0984 0x0848  C:\Program Files\Alwil Software\Avast5\AhResMes.dll - ok
16:05:06.0000 0x0848  [ FBEAA8A73F4931AAB9A56F7502F3E060 ] C:\Program Files\Alwil Software\Avast5\AhResNS.dll
16:05:06.0000 0x0848  C:\Program Files\Alwil Software\Avast5\AhResNS.dll - ok
16:05:06.0000 0x0848  [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll
16:05:06.0000 0x0848  C:\WINDOWS\system32\wups.dll - ok
16:05:06.0015 0x0848  [ 53DC748F87763A92D4D4607C17F3084B ] C:\Program Files\Alwil Software\Avast5\AhResP2P.dll
16:05:06.0015 0x0848  C:\Program Files\Alwil Software\Avast5\AhResP2P.dll - ok
16:05:06.0031 0x0848  [ BDC0C99E472176C8C2C853A68ADC5073 ] C:\WINDOWS\system32\wups2.dll
16:05:06.0031 0x0848  C:\WINDOWS\system32\wups2.dll - ok
16:05:06.0046 0x0848  [ 9285DDCA0A51993F54E84F1C3B961C34 ] C:\Program Files\Alwil Software\Avast5\AhResStd.dll
16:05:06.0046 0x0848  C:\Program Files\Alwil Software\Avast5\AhResStd.dll - ok
16:05:06.0046 0x0848  [ 9B4C0681BB7C1C5FA9BE7E5061518C0B ] C:\Program Files\Alwil Software\Avast5\AhResWS.dll
16:05:06.0046 0x0848  C:\Program Files\Alwil Software\Avast5\AhResWS.dll - ok
16:05:06.0062 0x0848  [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
16:05:06.0062 0x0848  C:\WINDOWS\system32\ipnathlp.dll - ok
16:05:06.0078 0x0848  [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
16:05:06.0078 0x0848  C:\WINDOWS\system32\wscsvc.dll - ok
16:05:06.0078 0x0848  [ 43E4758953F454090CAD65C303796ED5 ] C:\WINDOWS\system32\query.dll
16:05:06.0078 0x0848  C:\WINDOWS\system32\query.dll - ok
16:05:06.0093 0x0848  [ 9EEFE69139FDBB4A3C327630F8EB993A ] C:\WINDOWS\system32\wlanapi.dll
16:05:06.0093 0x0848  C:\WINDOWS\system32\wlanapi.dll - ok
16:05:06.0109 0x0848  [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
16:05:06.0109 0x0848  C:\WINDOWS\system32\wbem\wbemcore.dll - ok
16:05:06.0125 0x0848  [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
16:05:06.0125 0x0848  C:\WINDOWS\system32\wbem\esscli.dll - ok
16:05:06.0125 0x0848  [ 80950A4A59CCD41D63FB3601CBCB1EA4 ] C:\Program Files\HP\StatusAlerts\bin\Alerts.dll
16:05:06.0125 0x0848  C:\Program Files\HP\StatusAlerts\bin\Alerts.dll - ok
16:05:06.0140 0x0848  [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
16:05:06.0140 0x0848  C:\WINDOWS\system32\wbem\fastprox.dll - ok
16:05:06.0156 0x0848  [ D1E18F4AE94FFEC7270BE0A10C0B295E ] C:\WINDOWS\system32\xmllite.dll
16:05:06.0156 0x0848  C:\WINDOWS\system32\xmllite.dll - ok
16:05:06.0156 0x0848  [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
16:05:06.0156 0x0848  C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
16:05:06.0171 0x0848  [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll
16:05:06.0171 0x0848  C:\WINDOWS\system32\rasdlg.dll - ok
16:05:06.0187 0x0848  [ FFB3115AA757ABEFBA7FBA90BAD5DD0A ] C:\WINDOWS\system32\en-us\tquery.dll.mui
16:05:06.0187 0x0848  C:\WINDOWS\system32\en-us\tquery.dll.mui - ok
16:05:06.0187 0x0848  [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
16:05:06.0187 0x0848  C:\WINDOWS\system32\wbem\wmiutils.dll - ok
16:05:06.0203 0x0848  [ 4F81B90F1B89D9425C535BC896765125 ] C:\Program Files\HP\StatusAlerts\bin\DMBaseObjects.dll
16:05:06.0203 0x0848  C:\Program Files\HP\StatusAlerts\bin\DMBaseObjects.dll - ok
16:05:06.0218 0x0848  [ 8F580BCC5296ECC9DC8A649D75BE6BA5 ] C:\WINDOWS\system32\msscb.dll
16:05:06.0218 0x0848  C:\WINDOWS\system32\msscb.dll - ok
16:05:06.0218 0x0848  [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
16:05:06.0218 0x0848  C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
16:05:06.0234 0x0848  [ 2E0B0A051FFAA86E358465BB0880D453 ] C:\WINDOWS\system32\wuauclt.exe
16:05:06.0234 0x0848  C:\WINDOWS\system32\wuauclt.exe - ok
16:05:06.0250 0x0848  [ 45F9D6B6379D15074F57C03839E17D87 ] C:\Program Files\HP\StatusAlerts\bin\LEDMMapperObjects.dll
16:05:06.0250 0x0848  C:\Program Files\HP\StatusAlerts\bin\LEDMMapperObjects.dll - ok
16:05:06.0250 0x0848  [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
16:05:06.0250 0x0848  C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
16:05:06.0265 0x0848  [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
16:05:06.0265 0x0848  C:\WINDOWS\system32\wbem\wbemess.dll - ok
16:05:06.0281 0x0848  [ 22DE65493BD220BDE2A3EAC334E17D08 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll
16:05:06.0281 0x0848  C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\bfd6e16d8c3589cd2bd3f8d46f0a5402\System.Runtime.Serialization.Formatters.Soap.ni.dll - ok
16:05:06.0281 0x0848  [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll
16:05:06.0281 0x0848  C:\WINDOWS\system32\drprov.dll - ok
16:05:06.0296 0x0848  [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
16:05:06.0296 0x0848  C:\WINDOWS\system32\ntlanman.dll - ok
16:05:06.0312 0x0848  [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
16:05:06.0312 0x0848  C:\WINDOWS\system32\netui0.dll - ok
16:05:06.0328 0x0848  [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
16:05:06.0328 0x0848  C:\WINDOWS\system32\netui1.dll - ok
16:05:06.0328 0x0848  [ 1A617835452EEE5060976C9B9F5FE635 ] C:\WINDOWS\system32\wuapi.dll
16:05:06.0328 0x0848  C:\WINDOWS\system32\wuapi.dll - ok
16:05:06.0343 0x0848  [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
16:05:06.0343 0x0848  C:\WINDOWS\system32\davclnt.dll - ok
16:05:06.0359 0x0848  [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe
16:05:06.0359 0x0848  C:\WINDOWS\system32\wscntfy.exe - ok
16:05:06.0359 0x0848  [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
16:05:06.0359 0x0848  C:\WINDOWS\system32\wbem\ncprov.dll - ok
16:05:06.0375 0x0848  [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
16:05:06.0375 0x0848  C:\WINDOWS\system32\usp10.dll - ok
16:05:06.0390 0x0848  [ 1793CC660605F63B14FB96C7707F75BA ] C:\WINDOWS\system32\perfproc.dll
16:05:06.0390 0x0848  C:\WINDOWS\system32\perfproc.dll - ok
16:05:06.0406 0x0848  [ 5434E18B933E03F274D8DA59FDA4C676 ] C:\Documents and Settings\Sofia Meyen\Application Data\Dropbox\bin\icudt.dll
16:05:06.0406 0x0848  C:\Documents and Settings\Sofia Meyen\Application Data\Dropbox\bin\icudt.dll - ok
16:05:06.0406 0x0848  [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
16:05:06.0406 0x0848  C:\WINDOWS\system32\tapisrv.dll - ok
16:05:06.0421 0x0848  [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
16:05:06.0421 0x0848  C:\WINDOWS\system32\wbem\wbemcons.dll - ok
16:05:06.0437 0x0848  [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
16:05:06.0437 0x0848  C:\WINDOWS\system32\rasmans.dll - ok
16:05:06.0437 0x0848  [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
16:05:06.0437 0x0848  C:\WINDOWS\system32\imapi.exe - ok
16:05:06.0453 0x0848  [ 058710B720282CA82B909912D3EF28DB ] C:\WINDOWS\regedit.exe
16:05:06.0453 0x0848  C:\WINDOWS\regedit.exe - ok
16:05:06.0468 0x0848  [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
16:05:06.0468 0x0848  C:\WINDOWS\system32\netcfgx.dll - ok
16:05:06.0468 0x0848  [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
16:05:06.0484 0x0848  C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
16:05:06.0484 0x0848  [ E6BE7A41A28D8F2DB174957454D32448 ] C:\Program Files\iPod\bin\iPodService.exe
16:05:06.0484 0x0848  C:\Program Files\iPod\bin\iPodService.exe - ok
16:05:06.0500 0x0848  [ 8BEAF2B4BCDE405AF7EC46A9E03B2D65 ] C:\WINDOWS\system32\mssprxy.dll
16:05:06.0500 0x0848  C:\WINDOWS\system32\mssprxy.dll - ok
16:05:06.0515 0x0848  [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
16:05:06.0515 0x0848  C:\WINDOWS\system32\upnp.dll - ok
16:05:06.0515 0x0848  [ 96A0066AB9872D3575575A463C53FF6C ] C:\WINDOWS\system32\aclui.dll
16:05:06.0515 0x0848  C:\WINDOWS\system32\aclui.dll - ok
16:05:06.0531 0x0848  [ 37461F2C3F212CF508A20FDC729ABDE5 ] C:\WINDOWS\system32\clb.dll
16:05:06.0531 0x0848  C:\WINDOWS\system32\clb.dll - ok
16:05:07.0312 0x0848  ============================================================
16:05:07.0312 0x0848  Scan finished
16:05:07.0312 0x0848  ============================================================
16:05:07.0343 0x0824  Detected object count: 12
16:05:07.0343 0x0824  Actual detected object count: 12
16:07:29.0375 0x0824  ASPI ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0375 0x0824  ASPI ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0375 0x0824  HP DS Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0375 0x0824  HP DS Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0375 0x0824  HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0375 0x0824  HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0375 0x0824  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0375 0x0824  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0375 0x0824  NMSCFG ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0375 0x0824  NMSCFG ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0390 0x0824  NMSSvc ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0390 0x0824  NMSSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0390 0x0824  Pcouffin ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0390 0x0824  Pcouffin ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0390 0x0824  pfc ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0390 0x0824  pfc ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0390 0x0824  PictureTaker ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0390 0x0824  PictureTaker ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0406 0x0824  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0406 0x0824  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0406 0x0824  PrismXL ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0406 0x0824  PrismXL ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:07:29.0406 0x0824  WMDM PMSP Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:07:29.0406 0x0824  WMDM PMSP Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:09:06.0515 0x010c  Deinitialize success
 

 

 

RogueKiller V8.6.12 [Sep 18 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.adlice.com/forum/
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows XP (5.1.2600 Service Pack 3) 32 bits version
Started in : Normal mode
User : Sofia Meyen [Admin rights]
Mode : Remove -- Date : 09/20/2013 16:31:46
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 1 ¤¤¤
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> DELETED

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [LOADED] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection :  ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts

127.0.0.1       localhost

¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) (Standard disk drives) - Maxtor 6Y200P0 +++++
--- User ---
[MBR] 915ff5529833a59f6c45a5b82e3a97fa
[BSP] 0ff098391c96c40840912811f7a95559 : Windows XP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 63 | Size: 194466 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[0]_D_09202013_163146.txt >>
RKreport[0]_S_09202013_163114.txt



#8 gringo_pr

  • Malware Response Team
Posted 20 September 2013 - 08:41 PM




Hello yoyoam

Malwarebytes Anti-Rootkit

1. Download Malwarebytes Anti-Rootkit
2. Unzip the contents to a folder in a convenient location.
3. Open the folder where the contents were unzipped and run mbar.exe
4. Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
5. Click on the Cleanup button to remove any threats and reboot if prompted to do so.
6. Wait while the system shuts down and the cleanup process is performed.
7. Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
8. If no additional threats were found, verify that your system is now running normally, making sure that the following items are functional:
  • Internet access
  • Windows Update
  • Windows Firewall
9. If there are additional problems with your system, such as any of those listed above or other system issues, then run the 'fixdamage' tool included with Malwarebytes Anti-Rootkit and reboot.
10. Verify that your system is now functioning normally.

Please download aswMBR to your desktop.
  • Double click the aswMBR.exe icon to run it
  • It will ask to download extra definitions - ALLOW IT
  • Click the Scan button to start the scan
  • On completion of the scan, click the save log button, save it to your desktop and post it in your next reply.
When you are finished, please send me both reports.

Gringo

#9 yoyoam

  • Topic Starter

Posted 21 September 2013 - 11:50 AM

Hi Gringo,

I ran Malwarebytes Anti Rootkit including fixdamage. I let all the Microsoft automatic updates run. fixdamage seems to have resolved an automatic updates issue that I had trouble with for the last couple months.

The first time I tried to run mbar it aborted the scan because it could not access the drive, but after restarting the computer it went fine.

I also ran aswMBR. Should I click fixMBR before I close it out?

Reports are below.

The computer is running well apart from the hard drive issue. It is slow on startup (takes a few minutes with the hard drive running with barely any interruptions) and has trouble with some other hard drive dependent items. One example is whenever I try to save a PDF scan in my Brother scanner application it takes at least 20 seconds of hard drive rattling before it pulls up the Save As window.

If it were not for that sort of stuff I would start thinking the hard drive thing might be simply an issue of lack of RAM. What do you think?

Thank you


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_39

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.049000 GHz
Memory total: 1609871360, free: 663359488

Downloaded database version: v2013.09.20.10
Downloaded database version: v2013.09.20.01
Initializing...
======================
Done!
Can't access volume using primary device, the volume might be encrypted.
The system volume seems inaccessible or encrypted. Scan can't continue.
=======================================
Can't access volume using primary device, the volume might be encrypted.
The system volume seems inaccessible or encrypted. Scan can't continue.
=======================================

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_39

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.049000 GHz
Memory total: 1609871360, free: 1229832192

=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_39

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.049000 GHz
Memory total: 1609871360, free: 837287936

Downloaded database version: v2013.09.20.10
Downloaded database version: v2013.09.20.01
=======================================
Initializing...
------------ Kernel report ------------
     09/20/2013 19:44:22
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR2
Upper Device Object: 0xffffffff892613c0
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007b\
Lower Device Object: 0xffffffff89063ea0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8a36c760
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0\
Lower Device Object: 0xffffffff8a371030
Lower Device Driver Name: \Driver\IdeChnDr\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8a36c760, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a36c538, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8a36c760, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8a38a3b0, DeviceName: \Device\00000064\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8a371030, DeviceName: \Device\Ide\IdeDeviceP0T0L0\, DriverName: \Driver\IdeChnDr\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E25DE25D

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 398267352
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 203928109056 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-398277088-398297088)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff892613c0, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8927fe08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff892613c0, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff89063ea0, DeviceName: \Device\0000007b\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1005

© Malwarebytes Corporation 2011-2012

OS version: 5.1.2600 Windows XP Service Pack 3 x86

Account is Administrative

Internet Explorer version: 8.0.6001.18702

Java version: 1.6.0_39

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 3.049000 GHz
Memory total: 1609871360, free: 903405568

Initializing...
======================
------------ Kernel report ------------
     09/20/2013 20:35:53
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR2
Upper Device Object: 0xffffffff891b03c8
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000007c\
Lower Device Object: 0xffffffff88f34ea0
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xffffffff8a370030
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0\
Lower Device Object: 0xffffffff8a376030
Lower Device Driver Name: \Driver\IdeChnDr\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffffff8a370030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff8a370e08, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff8a370030, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff8a3716c0, DeviceName: \Device\00000065\, DriverName: \Driver\ACPI\
DevicePointer: 0xffffffff8a376030, DeviceName: \Device\Ide\IdeDeviceP0T0L0\, DriverName: \Driver\IdeChnDr\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E25DE25D

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 398267352
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 203928109056 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-398277088-398297088)...
Done!
Physical Sector Size: 0
Drive: 1, DevicePointer: 0xffffffff891b03c8, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xffffffff88fda020, DeviceName: Unknown, DriverName: \Driver\PartMgr\
DevicePointer: 0xffffffff891b03c8, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xffffffff88f34ea0, DeviceName: \Device\0000007c\, DriverName: \Driver\USBSTOR\
------------ End ----------

aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-09-20 23:43:57
-----------------------------
23:43:57.343    OS Version: Windows 5.1.2600 Service Pack 3
23:43:57.343    Number of processors: 2 586 0x207
23:43:57.343    ComputerName: SOFIA-AEXAL2Y6T  UserName: Sofia Meyen
23:43:58.015    Initialize success
23:44:01.781    AVAST engine defs: 13092002
23:44:08.015    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0
23:44:08.015    Disk 0 Vendor: Maxtor_6 YAR4 Size: 194481MB BusType: 3
23:44:08.140    Disk 0 MBR read successfully
23:44:08.140    Disk 0 MBR scan
23:44:08.156    Disk 0 Windows XP default MBR code
23:44:08.156    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       194466 MB offset 63
23:44:08.156    Disk 0 scanning sectors +398267415
23:44:08.250    Disk 0 scanning C:\WINDOWS\system32\drivers
23:44:19.890    Service scanning
23:44:31.750    Modules scanning
23:44:39.625    Disk 0 trace - called modules:
23:44:39.640    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll IdeChnDr.sys
23:44:39.640    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a3721f0]
23:44:39.640    3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000065[0x8a3736b8]
23:44:39.640    5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0[0x8a355030]
23:44:40.328    AVAST engine scan C:\WINDOWS
23:44:52.015    AVAST engine scan C:\WINDOWS\system32
23:47:29.703    AVAST engine scan C:\WINDOWS\system32\drivers
23:47:54.265    AVAST engine scan C:\Documents and Settings\Sofia Meyen
01:03:57.609    AVAST engine scan C:\Documents and Settings\All Users
01:06:24.234    Scan finished successfully
09:14:06.593    Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sofia Meyen\Desktop\Malware fighting stuff\Reports Sofia Desk PC\MBR.dat"
09:14:06.609    The log file has been saved successfully to "C:\Documents and Settings\Sofia Meyen\Desktop\Malware fighting stuff\Reports Sofia Desk PC\aswMBR.txt"

 



#10 gringo_pr

gringo_pr

    Bleepin Gringo


  • Malware Response Team
  • 136,772 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto rico
  • Local time:03:53 AM

Posted 21 September 2013 - 11:58 AM


Hello


I want you to reset the DMA. You can do this with this script here - Reset DMA

If you have problems when you click on the link, try to right-click on the link, select "Save Target As" and then save it to your desktop.
Once it is on your desktop, right-click on the file and select "Run".

If you still can't run it, then you can go here "Reset DMA" to see what I want to do.



Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#11 yoyoam


Posted 21 September 2013 - 01:29 PM

Hi Gringo,

 

I ran the script, but have not observed any changes.

One thing that I forgot to mention entirely is that on startup the computer beeps and sits there with a black screen for about 15 sec, just showing a cursor a couple of lines below the top on the left side. This occurs after the initial startup of the computer, just before it begins to load Windows XP.

I don't know if this could have any relation to the hard drive issue (none of the other computers do this).

 

thanks



#12 gringo_pr


Posted 21 September 2013 - 09:13 PM


Hello



Please print out these instructions, or copy them to a Notepad file. It will make it easier for you to follow the instructions and complete all of the necessary steps.

Clean Out Temp Files
  • This small application you may want to keep and use once a week to keep the computer clean.

    Download CCleaner from here CCleaner
    • Run the installer to install the application.
    • When it gives you the option to install Yahoo toolbar uncheck the box next to it.
    • Run CCleaner. Default settings are fine.
    • Click Run Cleaner.
    • Close CCleaner.

: Malwarebytes' Anti-Malware :

I see that you have MBAM installed - That is great!! At this time I would like you to update it and run me a quick scan.
  • Double-click the MBAM icon
  • Go to the Update tab at the top
  • Click on Check for Updates
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is Checked (ticked) except items in the C:\System Volume Information folder and click on Remove Selected.
  • When completed, a log will open in Notepad. Please copy and paste the log into your next reply.
    • If you accidentally close it, the log file is saved here and will be named like this:
    • C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt

Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.



Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right-click on HijackThis and select "Run as Admin" (XP users just need to double-click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on Main Menu)
  • Copy and paste the HijackThis report into the topic

"information and logs"
  • In your next post I need the following:
    • Log from MBAM
    • Report from HijackThis
    • Let me know of any problems you may have had
    • How is the computer doing now?

Gringo

#13 yoyoam


Posted 22 September 2013 - 01:04 AM

Hi Gringo,

 

I ran CCleaner and Malwarebytes again (ran both of them just a couple days ago) as well as HijackThis.

 

all ran without a problem.

 

computer condition unchanged.

 

Thank you.

 

reports below:

 

 Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.09.22.01

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Sofia Meyen :: SOFIA-AEXAL2Y6T [administrator]

Protection: Enabled

9/21/2013 10:10:12 PM
mbam-log-2013-09-21 (22-10-12).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 196266
Time elapsed: 8 minute(s), 15 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:53:46 PM, on 9/21/2013
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe
C:\Program Files\Sierra Wireless Inc\Watcher\WaHelper.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Documents and Settings\Sofia Meyen\Application Data\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre7\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\NMSSvc.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Documents and Settings\Sofia Meyen\Desktop\Malware fighting stuff\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = http://localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [TRUUpdater] "C:\Program Files\Sierra Wireless Inc\WebUpdater\TRUUpdater.exe" /bkground
O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files\Sierra Wireless Inc\Watcher\WaHelper.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Sofia Meyen\Application Data\Dropbox\bin\Dropbox.exe
O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1357877316937
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Unknown owner - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Update Service (gupdate1c9cb8549081488) (gupdate1c9cb8549081488) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: PictureTaker - LANovation - C:\WINDOWS\System32\PCTKRNT.SYS
O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
O23 - Service: Windows Presentation Foundation Font Cache 4.0.0.0 (WPFFontCache_v0400) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe (file missing)

--
End of file - 8489 bytes



#14 gringo_pr


Posted 22 September 2013 - 01:08 AM


Greetings

These logs are looking very good, we are almost done!!! Just one more scan to go.

:Remove unneeded start-up entries:

This part of the fix is purely optional.
These are programs that start up when you turn on your computer but don't need to. For any of these programs, you can click on its icon (or start it from the Control Panel) and start the program when you need it. By stopping these programs you will boot up faster and your computer will work faster.
  • Run HijackThis (right-click and run as admin)
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    • O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
      O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
      O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
      O4 - Startup: Dropbox.lnk = C:\Documents and Settings\Sofia Meyen\Application Data\Dropbox\bin\Dropbox.exe
      O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe


  • Close all open windows and browsers/email, etc...
  • Click on the "Fix Checked" button
  • When completed, close the application.
    • NOTE**You can research each of those lines >here< and see if you want to keep them or not
      just copy the name between the brackets and paste into the search space
      O4 - HKLM\..\Run: [IntelliPoint]


Eset Online Scanner

**Note** You will need to use Internet Explorer for this scan - on Vista and Win 7, right-click on the IE shortcut and run as admin

Go to the ESET web page to run an online scanner from ESET.
  • Turn off the real-time scanner of any existing antivirus program while performing the online scan
  • Click on the Run ESET Online Scanner button
  • Tick the box next to YES, I accept the Terms of Use.
    • Click Start
  • When asked, allow the add-on to be installed
    • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings, ensure the options
    • Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.

  • Click Scan
  • Wait for the virus definitions to be downloaded
  • Wait for the scan to finish

When the scan is complete
  • If no threats were found
    • put a checkmark in "Uninstall application on close"
    • close program
    • report to me that nothing was found
  • If threats were found
    • click on "list of threats found"
    • click on "export to text file" and save it as ESET SCAN and save to the desktop
    • Click on back
    • put a checkmark in "Uninstall application on close"
    • click on finish
    • close program
    • copy and paste the report here

Gringo

#15 yoyoam


Posted 22 September 2013 - 01:47 PM

Hi Gringo,



Startup seems a little faster since I disabled the programs you listed, but at the end the hard drive is still running for some time while CPU usage is low.



Thank you



Johannes



ESET scan report:



C:\Documents and Settings\Sofia Meyen\Desktop\JOHANNES Current\software downloads\couponprinter.exe probably a variant of Win32/Adware.Softomate.AD application
C:\Documents and Settings\Sofia Meyen\Desktop\PROGRAMS\pdfsam-x86-v2_2_2.exe Win32/OpenCandy application
C:\Documents and Settings\Sofia Meyen\My Documents\Downloads\KeyFinderInstaller.exe Win32/OpenCandy application
C:\Qoobox\Quarantine\C\Documents and Settings\Sofia Meyen\Local Settings\Application Data\vixjxwgt.exe.vir Win32/TrojanDownloader.Zortob.B trojan
C:\System Volume Information\_restore{CB4A1614-7C9D-4B54-AABB-B6980237CA62}\RP1118\A0132368.exe a variant of Win32/OpenCandy.A application

 





