Explorer.exe Virus Hijacking on Windows XP - Need Urgent Help


48 replies to this topic

#1 BONES572


Posted 24 October 2013 - 10:47 AM

Greetings,

 

  I need serious help.  I have a Dell - Windows XP SP3 desktop that has contracted what I believe to be the Explorer.exe virus...and my comp was virtually unprotected.  It has disabled my Windows Explorer and hijacked my Internet Explorer.  I have downloaded Malwarebytes, Super Anti Spyware and ran the MRT Malware Removal Tool, which has not solved the problem.  If anything, it has made it worse.  I am getting continuous and rapid opening of folder icons on my taskbar, which is opening random weird websites.  Malwarebytes has been blocking a lot of them, but some are still opening up.  I have opened Regedit and looked under HKEY_LOCAL_MACHINE. Software,Microsoft,Windows NT,Current Version, Image File Execution Options and tried to find the "explorer.exe" but I can't find it to delete it.  I have also looked under Winlog Shell for the file and can't find it there.  When I log on normally my CPU usage jumps to 100% and I see explorer.exe popping up numerous times.  I have also seen "ctfmom.exe," "svchost.exe," and "realplay.exe" popping up as well.  I have absolutely no idea what to do and don't have any extra cash to pay a Computer Guru to fix my machine.  I have spent over three nights trying to free our computer and my wife is ready to kill me.  All our family photos and videos are on this machine with no backup...I know...I am an idiot!!!

 

 

Please help.  I am pretty good at following instructions, but have no idea what to look for now.  Thank you in advance!

 

 

BONES572




 


#2 xXToffeeXx

  • Malware Response Instructor

Posted 24 October 2013 - 02:00 PM

Hello and welcome to BleepingComputer, BONES572.

 

Please run the following tools for me and post the logs in your next reply. Please refrain from making changes to your computer as it makes my job more difficult. Also please tell me how your computer is running after these scans.

 

Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.
 

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
 

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

 

--------

 

Please open Malwarebytes' Anti-Malware

  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Post the log back here.

 

--------

 

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
  • List Restore Points

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

 

--------

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!

  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

 

xXToffeeXx~


~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~


#3 Netghost56


Posted 24 October 2013 - 03:03 PM

Is it ctfmon.exe or ctfmom.exe?? The first one is a legit executable.

 

Sounds like a fake realplayer app - did you recently download an audio file or an audio program??

 

To wit, Real Player is a legit program, but there are counterfeits out there that look like Real player but are actually malware.

 

Always download software from the creator's website, if at all possible.


Edited by Netghost56, 24 October 2013 - 03:07 PM.
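The ctfmon.exe / ctfmom.exe question above comes down to comparing a running image's name and folder against a known-good baseline. The following is an added example, not part of the thread or of any tool used in it: the baseline folders are the Windows XP defaults for binaries named in this topic, and the sample paths are constructed for illustration.

```python
import ntpath

# Assumed baseline for this example: binaries named in the thread and the
# folder each one normally runs from on a default Windows XP install.
EXPECTED_DIR = {
    "explorer.exe": r"c:\windows",
    "svchost.exe": r"c:\windows\system32",
    "ctfmon.exe": r"c:\windows\system32",
    "iexplore.exe": r"c:\program files\internet explorer",
}
MAX_DISTANCE = 2  # 1 catches ctfmom/ctfmon, 2 also catches two swapped letters


def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete from a
                           cur[j - 1] + 1,             # insert into a
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def classify(image_path):
    """Return (verdict, baseline_name) for one process image path.

    ok         - baseline name running from its expected folder
    wrong-path - baseline name running from somewhere else
    lookalike  - name within MAX_DISTANCE edits of a baseline name
    unlisted   - nothing in the baseline is close; no opinion either way
    """
    path = ntpath.normcase(ntpath.normpath(image_path))
    directory, name = ntpath.split(path)
    if name in EXPECTED_DIR:
        verdict = "ok" if directory == EXPECTED_DIR[name] else "wrong-path"
        return verdict, name
    closest = min(EXPECTED_DIR, key=lambda known: edit_distance(name, known))
    if edit_distance(name, closest) <= MAX_DISTANCE:
        return "lookalike", closest
    return "unlisted", None


# Constructed sample paths (not taken from the poster's machine).
SAMPLE_PATHS = [
    r"C:\WINDOWS\explorer.exe",
    r"C:\WINDOWS\system32\ctfmon.exe",
    r"C:\WINDOWS\system32\ctfmom.exe",
    r"C:\WINDOWS\system32\scvhost.exe",
    r"C:\Documents and Settings\Administrator\Application Data\svchost.exe",
    r"C:\Documents and Settings\Administrator\Desktop\iExplore.exe",
    r"C:\Program Files\Real\RealPlayer\realplay.exe",
]


def review(paths):
    """Classify every path and keep only the entries that need a closer look."""
    results = [(p,) + classify(p) for p in paths]
    return [r for r in results if r[1] in ("lookalike", "wrong-path")]


if __name__ == "__main__":
    for path, verdict, baseline in review(SAMPLE_PATHS):
        print(f"{verdict:<10} {path}  (compare with {baseline})")
```

A wrong-path hit is a prompt to look closer, not a verdict: the renamed Rkill download saved to the desktop as iExplore.exe is flagged the same way as a planted copy of svchost.exe would be.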


#4 xXToffeeXx


Posted 24 October 2013 - 03:17 PM

Svchost.exe is a legitimate Windows file, as is explorer.exe. They should not be touched or messed with.

Realplay.exe is part of Realplayer, a media player, probably something you installed or was bundled with other software. I'll deal with that later if it's not something you want once I am sure there is no malware.

Just a note to add, if you have trouble running these programs then run what you can and tell me about the problems.

xXToffeeXx~



#5 BONES572


Posted 24 October 2013 - 07:33 PM

Hi Toffee,

 

Thanks for the reply.  I greatly appreciate your assistance!!!  I did the following while logged in under Safe Mode with Networking (I don't know if that matters or not?).  I got one Rkill log while running Windows normal and then the CPU usage skyrocketed to 100% and back to 2% and froze.  Here are my logs.  The TDSS scan showed a Root Kill item I believe.  I await further guidance.  My sincere gratitude!  BONES572

 

 

 

Rkill logs.  I did two: one while logged in normally, I think, and one under Safe Mode with Networking.

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/24/2013 06:56:39 PM in x86 mode. (Safe Mode)
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Manual

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

 * Automatic Updates (wuauserv) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1       localhost

Program finished at: 10/24/2013 06:57:56 PM
Execution time: 0 hours(s), 1 minute(s), and 16 seconds(s)

 



 

 

 

 

When running Malware Bytes...  I got the Blue Screen of Death with the following Technical Information

 

Stop 0x000000F4 (0x00000003, 0x8A663BE0, 0x8A663D54, 0x80605682)

 

 

 

 

 

MiniToolBox by Farbar  Version: 13-07-2013
Ran by Administrator (administrator) on 24-10-2013 at 19:03:25
Running from "C:\Documents and Settings\Administrator\My Documents\Downloads"
Microsoft Windows XP Professional Service Pack 3 (X86)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================


Windows IP Configuration



Successfully flushed the DNS Resolver Cache.


========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================


127.0.0.1       localhost

========================= IP Configuration: ================================

Intel® PRO/100 VE Network Connection = Local Area Connection (Connected)


# ----------------------------------
# Interface IP Configuration         
# ----------------------------------
pushd interface ip


# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp


popd
# End of interface IP configuration




Windows IP Configuration



        Host Name . . . . . . . . . . . . : DJ5GHL91

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : Yes



Ethernet adapter Local Area Connection:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-13-20-D2-DE-E7

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.10.100

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        IP Address. . . . . . . . . . . . : ?

        Default Gateway . . . . . . . . . : 192.168.10.1

        DHCP Server . . . . . . . . . . . : 192.168.10.1

        DNS Servers . . . . . . . . . . . : 192.168.10.1

                                            ?

                                            ?

                                            ?

        Lease Obtained. . . . . . . . . . : Thursday, October 24, 2013 18:29:58

        Lease Expires . . . . . . . . . . : Thursday, October 31, 2013 18:29:58



Tunnel adapter Teredo Tunneling Pseudo-Interface:



        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface

        Physical Address. . . . . . . . . : FF-FF-FF-FF-FF-FF-FF-FF

        Dhcp Enabled. . . . . . . . . . . : No

        IP Address. . . . . . . . . . . . : ?

        Default Gateway . . . . . . . . . :

        NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  UnKnown
Address:  192.168.10.1

Name:    google.com
Addresses:  74.125.228.65, 74.125.228.66, 74.125.228.67, 74.125.228.68
      74.125.228.69, 74.125.228.70, 74.125.228.71, 74.125.228.72, 74.125.228.73
      74.125.228.78, 74.125.228.64



Pinging google.com [74.125.228.64] with 32 bytes of data:



Reply from 74.125.228.64: bytes=32 time=39ms TTL=50

Reply from 74.125.228.64: bytes=32 time=42ms TTL=50



Ping statistics for 74.125.228.64:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 39ms, Maximum = 42ms, Average = 40ms

Server:  UnKnown
Address:  192.168.10.1

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24



Pinging yahoo.com [98.139.183.24] with 32 bytes of data:



Reply from 98.139.183.24: bytes=32 time=57ms TTL=50

Reply from 98.139.183.24: bytes=32 time=127ms TTL=50



Ping statistics for 98.139.183.24:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 57ms, Maximum = 127ms, Average = 92ms



Pinging 127.0.0.1 with 32 bytes of data:



Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128



Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 13 20 d2 de e7 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0     192.168.10.1  192.168.10.100      20
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1      1
     192.168.10.0    255.255.255.0   192.168.10.100  192.168.10.100      20
   192.168.10.100  255.255.255.255        127.0.0.1       127.0.0.1      20
   192.168.10.255  255.255.255.255   192.168.10.100  192.168.10.100      20
        224.0.0.0        240.0.0.0   192.168.10.100  192.168.10.100      20
  255.255.255.255  255.255.255.255   192.168.10.100  192.168.10.100      1
Default Gateway:      192.168.10.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/24/2013 02:49:05 PM) (Source: Application Error) (User: )
Description: Faulting application , version 0.0.0.0, faulting module unknown, version 0.0.0.0, fault address 0x00000000.
Processing media-specific event for [!ws!]

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)

Error: (10/20/2013 00:52:27 PM) (Source: .NET Runtime) (User: )
Description: .NET Runtime version 2.0.50727.3649 - Fatal Execution Engine Error (7A0BD156) (80131506)


System errors:
=============
Error: (10/24/2013 06:58:46 PM) (Source: DCOM) (User: DJ5GHL91)
Description: DCOM got error "%%1084" attempting to start the service StiSvc with arguments ""
in order to run the server:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}

Error: (10/24/2013 06:33:20 PM) (Source: 0) (User: )
Description: \Device\Ide\IdePort1

Error: (10/24/2013 06:31:11 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Cdrom
ESProtectionDriver
Fips
Imapi
intelppm
redbook
SASDIFSV
SASKUTIL

Error: (10/24/2013 06:30:40 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: DCOM got error "%%1084" attempting to start the service EventSystem with arguments ""
in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (10/24/2013 06:17:28 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.

Error: (10/24/2013 06:14:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {7F6316B4-4D69-4765-B0A3-B2598F2FA80A} did not register with DCOM within the required timeout.

Error: (10/24/2013 06:14:34 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ESProtectionDriver

Error: (10/24/2013 06:14:28 PM) (Source: Service Control Manager) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error:
%%1053

Error: (10/24/2013 06:14:28 PM) (Source: Service Control Manager) (User: )
Description: Timeout (30000 milliseconds) waiting for the Google Update Service (gupdate) service to connect.

Error: (10/24/2013 06:14:28 PM) (Source: Service Control Manager) (User: )
Description: The Panasonic Digital Palmcorder service failed to start due to the following error:
%%2


Microsoft Office Sessions:
=========================
Error: (04/11/2013 03:18:15 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 110134 seconds with 2520 seconds of active time.  This session ended with a crash.


=========================== Installed Programs ============================

Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Shockwave Player 11.6 (Version: 11.6.5.635)
AOLIcon (Version: 1.00.0000)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ArcSoft MediaImpression for Kodak (Version: 2.0.24.1216)
AVG 2014 (Version: 14.0.3614)
AVG SafeGuard toolbar (Version: 17.0.1.12)
Bing Rewards Client Installer (Version: 16.0.345.0)
Bonjour (Version: 3.0.0.10)
C751 Verizon Tool Launcher (Version: 1.0.1)
Canon MP Navigator EX 1.0
Canon MX310 series User Registration
Canon My Printer
Canon Utilities Easy-PhotoPrint EX
Canon Utilities Solution Menu
CASIO USB Driver V1.5.1.0423 (Version: 1.5.1.0423)
Conexant D850 56K V.9x DFVc Modem
DB VGA Cam (Version: 1.0)
Dell CinePlayer (Version: 3.0)
Dell Driver Reset Tool (Version: 1.02.0000)
Dell System Restore (Version: 2.00.0000)
DellSupport (Version: 6.0.3062)
Digital Content Portal (Version: 1.00.0000)
Digital Line Detect (Version: 1.10)
ELIcon (Version: 1.00.0000)
Garmin Lifetime Updater (Version: 2.1.6)
GemMaster Mystic
Get High Speed Internet! (Version: 1.00.0000)
Google (Version: 1.00.0000)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.5.4601.54)
Google Update Helper (Version: 1.3.21.165)
G'zOne C751Upgrader (Version: 1.0.0)
Intel® Graphics Media Accelerator Driver (Version: 6.14.10.4410)
Intel® PRO Network Connections Drivers
Intel® PROSet for Wired Connections (Version: 9.20.0000)
iTunes (Version: 11.1.0.126)
Java 2 Runtime Environment, SE v1.4.2_03 (Version: 1.4.2_03)
Java Auto Updater (Version: 2.0.2.1)
Java™ 6 Update 20 (Version: 6.0.200)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MCU (Version: 1.00.0000)
Microsoft .NET Framework 1.0 Security Update (KB2698035)
Microsoft .NET Framework 1.0 Security Update (KB2742607)
Microsoft .NET Framework 1.0 Security Update (KB2833951)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Word Viewer 2003 (Version: 11.0.8173.0)
Microsoft Plus! Digital Media Edition Installer (Version: 1.1.0.3514)
Microsoft Plus! Photo Story 2 LE (Version: 1.1.0.3463)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (Version: 9.0.21022.218)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
MobileMe Control Panel (Version: 3.1.5.0)
Modem Helper (Version: 2.40)
Mozilla Firefox 24.0 (x86 en-US) (Version: 24.0)
Mozilla Maintenance Service (Version: 24.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NetZeroInstallers (Version: 1.0.0)
Otto
PictureMover (Version: 3.2.1.12)
Presto! PageManager 7.15.16 (Version: 7.15.16)
QuickTime (Version: 7.71.80.42)
RealPlayer Basic
Roxio DLA (Version: 5.2.0)
Roxio MyDVD LE (Version: 6.1.6)
Roxio RecordNow Audio (Version: 2.0.4)
Roxio RecordNow Copy (Version: 2.0.4)
Roxio RecordNow Data (Version: 2.0.4)
SA25x5 & SA26x5 Device Manager (Version: 01.01.00.1020)
SAMSUNG USB Driver for Mobile Phones (Version: 1.3.550.0)
Sonic Activation Module (Version: 1.0)
Sonic Encoders (Version: 1.00)
SUPERAntiSpyware (Version: 5.6.1040)
swMSM (Version: 12.0.0.1)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Zip Extractor
URL Assistant
Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (Version: 1.13.0103)
Verizon Wireless Software Upgrade Assistant - Samsung (Version: 1.13.0602)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VoiceOver Kit (Version: 1.40.128.0)
WebCyberCoach 3.2 Dell
WebFldrs XP (Version: 9.50.7523)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10 (Version: 9.00.3636)
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information]
Windows XP Service Pack 3 (Version: 20080414.031525)
Zip Extractor Packages

========================= Devices: ================================

Name: SONY DVD-ROM DDU1615
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.

Name: PHILIPS DVD+-RW DVD8701
Description: CD-ROM Drive
Class Guid: {4D36E965-E325-11CE-BFC1-08002BE10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.


========================= Memory info: ===================================

Percentage of memory in use: 31%
Total physical RAM: 2037.97 MB
Available physical RAM: 1405.73 MB
Total Pagefile: 2260.44 MB
Available Pagefile: 1815.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1977.29 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:69.82 GB) (Free:3.51 GB) NTFS
2 Drive f: (New Volume) (Fixed) (Total:219.72 GB) (Free:163.65 GB) NTFS
3 Drive g: (New Volume) (Fixed) (Total:246.04 GB) (Free:226.69 GB) NTFS

========================= Users: ========================================

User accounts for \\DJ5GHL91

Administrator            AMY                      AMYLIA                   
ASPNET                   Guest                    HelpAssistant            
MIKE  ANGER              SAMANTHA                 SUPPORT_388945a0         

========================= Minidump Files ==================================

C:\WINDOWS\Minidump\Mini012012-01.dmp
C:\WINDOWS\Minidump\Mini013010-01.dmp
C:\WINDOWS\Minidump\Mini031711-01.dmp
C:\WINDOWS\Minidump\Mini033011-01.dmp
C:\WINDOWS\Minidump\Mini101009-01.dmp
C:\WINDOWS\Minidump\Mini102013-01.dmp
C:\WINDOWS\Minidump\Mini102013-02.dmp
C:\WINDOWS\Minidump\Mini102213-01.dmp
C:\WINDOWS\Minidump\Mini120509-01.dmp
C:\WINDOWS\Minidump\Mini122009-01.dmp
C:\WINDOWS\Minidump\Mini122609-01.dmp
C:\WINDOWS\Minidump\Mini122609-02.dmp
========================= Restore Points ==================================

22-10-2013 03:49:01 Installed Windows XP KB2820197.

**** End of log ****

TDSS LOG

20:05:53.0578 0x0898  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
20:06:00.0593 0x0898  ============================================================
20:06:00.0593 0x0898  Current date / time: 2013/10/24 20:06:00.0593
20:06:00.0593 0x0898  SystemInfo:
20:06:00.0593 0x0898  
20:06:00.0593 0x0898  OS Version: 5.1.2600 ServicePack: 3.0
20:06:00.0593 0x0898  Product type: Workstation
20:06:00.0593 0x0898  ComputerName: DJ5GHL91
20:06:00.0593 0x0898  UserName: Administrator
20:06:00.0593 0x0898  Windows directory: C:\WINDOWS
20:06:00.0593 0x0898  System windows directory: C:\WINDOWS
20:06:00.0593 0x0898  Processor architecture: Intel x86
20:06:00.0593 0x0898  Number of processors: 2
20:06:00.0593 0x0898  Page size: 0x1000
20:06:00.0593 0x0898  Boot type: Safe boot with network
20:06:00.0593 0x0898  ============================================================
20:06:09.0656 0x0898  System UUID: {29EAA4C9-E121-A3A1-FD5E-3C55EE6AB28B}
20:06:12.0125 0x0898  Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:06:12.0125 0x0898  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
20:06:12.0140 0x0898  ============================================================
20:06:12.0140 0x0898  \Device\Harddisk0\DR0:
20:06:12.0140 0x0898  MBR partitions:
20:06:12.0140 0x0898  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x8BA231A
20:06:12.0140 0x0898  \Device\Harddisk1\DR1:
20:06:12.0140 0x0898  MBR partitions:
20:06:12.0140 0x0898  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1B77220C
20:06:12.0156 0x0898  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x1B77228A, BlocksNum 0x1EC129B7
20:06:12.0156 0x0898  ============================================================
20:06:12.0234 0x0898  C: <-> \Device\Harddisk0\DR0\Partition1
20:06:12.0312 0x0898  F: <-> \Device\Harddisk1\DR1\Partition1
20:06:12.0500 0x0898  G: <-> \Device\Harddisk1\DR1\Partition2
20:06:12.0546 0x0898  ============================================================
20:06:12.0546 0x0898  Initialize success
20:06:12.0546 0x0898  ============================================================
20:08:26.0593 0x0958  ============================================================
20:08:26.0593 0x0958  Scan started
20:08:26.0593 0x0958  Mode: Manual;
20:08:26.0593 0x0958  ============================================================
20:08:26.0593 0x0958  KSN ping started
20:08:29.0265 0x0958  KSN ping finished: true
20:08:30.0890 0x0958  ================ Scan system memory ========================
20:08:30.0890 0x0958  System memory - ok
20:08:30.0890 0x0958  ================ Scan services =============================
20:08:49.0671 0x0958  Kbdclass - ok
20:08:49.0718 0x0958  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
20:08:49.0718 0x0958  kbdhid - ok
20:08:49.0828 0x0958  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
20:08:49.0890 0x0958  kmixer - ok
20:08:49.0968 0x0958  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
20:08:50.0000 0x0958  KSecDD - ok
20:08:50.0109 0x0958  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
20:08:50.0140 0x0958  lanmanserver - ok
20:08:50.0234 0x0958  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
20:08:50.0281 0x0958  lanmanworkstation - ok
20:08:50.0296 0x0958  lbrtfdc - ok
20:08:50.0406 0x0958  [ 5CFFDA921FE0C9E9EBDE3150D3C81594, 89A557FDBDDB2A039A5A7747F38B58799F552056E7BC0E2FBD044B1A4CE955B1 ] Leapfrog-USBLAN C:\WINDOWS\system32\DRIVERS\btblan.sys
20:08:50.0406 0x0958  Leapfrog-USBLAN - ok
20:08:50.0468 0x0958  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
20:08:50.0468 0x0958  LmHosts - ok
20:08:50.0515 0x0958  [ 32933B07FC16D9F778BEE12545FA1B1A, 73CCDD4EBA90138820624FFEFC629EFA3B15FF395D9F31CC4C4678713ECB1F23 ] LPDSVC          C:\WINDOWS\system32\tcpsvcs.exe
20:08:50.0531 0x0958  LPDSVC - ok
20:08:50.0578 0x0958  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
20:08:50.0578 0x0958  MBAMProtector - ok
20:08:50.0812 0x0958  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
20:08:50.0968 0x0958  MBAMScheduler - ok
20:08:51.0250 0x0958  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
20:08:51.0546 0x0958  MBAMService - ok
20:08:51.0609 0x0958  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\mbamswissarmy.sys
20:08:51.0625 0x0958  MBAMSwissArmy - ok
20:08:51.0703 0x0958  [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A67394769E9C0044529B6C ] McrdSvc         C:\WINDOWS\ehome\mcrdsvc.exe
20:08:51.0750 0x0958  McrdSvc - ok
20:08:51.0781 0x0958  [ EEAEA6514BA7C9D273B5E87C4E1AAB30, 3B724C6A8867B1B7A45D832150E0CFAC1004D3B972A2A7BFDD2ADDDB2488BB1E ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
20:08:51.0796 0x0958  mdmxsdk - ok
20:08:51.0859 0x0958  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
20:08:51.0875 0x0958  Messenger - ok
20:08:51.0937 0x0958  [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8BC27932EBF890B ] MHN             C:\WINDOWS\System32\mhn.dll
20:08:51.0968 0x0958  MHN - ok
20:08:52.0015 0x0958  [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F49A397C361585C6 ] MHNDRV          C:\WINDOWS\system32\DRIVERS\mhndrv.sys
20:08:52.0015 0x0958  MHNDRV - ok
20:08:52.0046 0x0958  MKEMUSB - ok
20:08:52.0093 0x0958  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
20:08:52.0093 0x0958  mnmdd - ok
20:08:52.0156 0x0958  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
20:08:52.0171 0x0958  mnmsrvc - ok
20:08:52.0203 0x0958  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
20:08:52.0218 0x0958  Modem - ok
20:08:52.0250 0x0958  [ 1992E0D143B09653AB0F9C5E04B0FD65, 1431EC53A65F561C235A08F926C5348A6B21B06A08C075DE8172A88EE0AA634E ] MODEMCSA        C:\WINDOWS\system32\drivers\MODEMCSA.sys
20:08:52.0265 0x0958  MODEMCSA - ok
20:08:52.0328 0x0958  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
20:08:52.0343 0x0958  Mouclass - ok
20:08:52.0437 0x0958  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
20:08:52.0437 0x0958  mouhid - ok
20:08:52.0484 0x0958  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
20:08:52.0500 0x0958  MountMgr - ok
20:08:52.0625 0x0958  [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:08:52.0656 0x0958  MozillaMaintenance - ok
20:08:52.0687 0x0958  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
20:08:52.0703 0x0958  mraid35x - ok
20:08:52.0796 0x0958  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
20:08:52.0875 0x0958  MRxDAV - ok
20:08:53.0078 0x0958  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:08:53.0234 0x0958  MRxSmb - ok
20:08:53.0312 0x0958  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
20:08:53.0312 0x0958  MSDTC - ok
20:08:53.0390 0x0958  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:08:53.0406 0x0958  Msfs - ok
20:08:53.0421 0x0958  MSIServer - ok
20:08:53.0453 0x0958  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:08:53.0453 0x0958  MSKSSRV - ok
20:08:53.0484 0x0958  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:08:53.0484 0x0958  MSPCLOCK - ok
20:08:53.0500 0x0958  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
20:08:53.0515 0x0958  MSPQM - ok
20:08:53.0546 0x0958  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
20:08:53.0546 0x0958  mssmbios - ok
20:08:53.0609 0x0958  [ E53736A9E30C45FA9E7B5EAC55056D1D, 38602F280BF69EBA3706AD175AFC1AEB561A8302B4B61E3FECB3C27D7A9BDB41 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
20:08:53.0609 0x0958  MSTEE - ok
20:08:53.0703 0x0958  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
20:08:53.0734 0x0958  Mup - ok
20:08:53.0812 0x0958  [ 5B50F1B2A2ED47D560577B221DA734DB, C16A554B6E1A7F5F98C94DFA88163E0F7426506BF2F51FD351B1A05FC0DB3BC5 ] NABTSFEC        C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
20:08:53.0843 0x0958  NABTSFEC - ok
20:08:54.0000 0x0958  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
20:08:54.0109 0x0958  napagent - ok
20:08:54.0203 0x0958  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
20:08:54.0265 0x0958  NDIS - ok
20:08:54.0343 0x0958  [ 7FF1F1FD8609C149AA432F95A8163D97, 18CD1FF5AC1EF8A38D1EC53014F2BADD28D9CDF4ECE2EBC2313D08903776F323 ] NdisIP          C:\WINDOWS\system32\DRIVERS\NdisIP.sys
20:08:54.0343 0x0958  NdisIP - ok
20:08:54.0406 0x0958  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:08:54.0406 0x0958  NdisTapi - ok
20:08:54.0468 0x0958  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:08:54.0468 0x0958  Ndisuio - ok
20:08:54.0531 0x0958  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:08:54.0562 0x0958  NdisWan - ok
20:08:54.0625 0x0958  [ 9282BD12DFB069D3889EB3FCC1000A9B, 09A46F1712BD9165068D8E153585FE3E6E5CBF4F1DDEC142115555D3A91AEC09 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
20:08:54.0640 0x0958  NDProxy - ok
20:08:54.0703 0x0958  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
20:08:54.0703 0x0958  NetBIOS - ok
20:08:54.0796 0x0958  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:08:54.0859 0x0958  NetBT - ok
20:08:54.0953 0x0958  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
20:08:55.0000 0x0958  NetDDE - ok
20:08:55.0046 0x0958  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
20:08:55.0062 0x0958  NetDDEdsdm - ok
20:08:55.0125 0x0958  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:08:55.0125 0x0958  Netlogon - ok
20:08:55.0265 0x0958  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
20:08:55.0328 0x0958  Netman - ok
20:08:55.0437 0x0958  [ 9DA26B773BD04B867A8E9F427CD048FC, A8D8D92720EA31685864B834FC67CD6225D0B65DF40DCDD6A80E6D0DF677C855 ] NetSvc          C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
20:08:55.0500 0x0958  NetSvc - ok
20:08:55.0625 0x0958  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:08:55.0671 0x0958  NetTcpPortSharing - ok
20:08:55.0812 0x0958  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
20:08:55.0875 0x0958  Nla - ok
20:08:55.0937 0x0958  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:08:55.0953 0x0958  Npfs - ok
20:08:56.0171 0x0958  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
20:08:56.0390 0x0958  Ntfs - ok
20:08:56.0406 0x0958  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
20:08:56.0406 0x0958  NtLmSsp - ok
20:08:56.0593 0x0958  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
20:08:56.0750 0x0958  NtmsSvc - ok
20:08:56.0781 0x0958  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:08:56.0781 0x0958  Null - ok
20:08:57.0484 0x0958  [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
20:08:58.0187 0x0958  nv - ok
20:08:58.0250 0x0958  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
20:08:58.0250 0x0958  NwlnkFlt - ok
20:08:58.0296 0x0958  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
20:08:58.0312 0x0958  NwlnkFwd - ok
20:08:58.0609 0x0958  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:08:58.0765 0x0958  odserv - ok
20:08:58.0875 0x0958  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:08:58.0937 0x0958  ose - ok
20:08:59.0031 0x0958  [ 937A02981F11B2CE96B1D493C95AED2B, C619E1B6593E4BF740E631CC5A886C8E10D8796145C0A38417F9C599C2F54191 ] p2pgasvc        C:\WINDOWS\system32\p2pgasvc.dll
20:08:59.0078 0x0958  p2pgasvc - ok
20:08:59.0343 0x0958  [ 4A1035CB8F0D57BE41873B5183D96CF4, D6F53EEEA56C724BF3F7DABC2DD7E1E995B07BE32CB0AF0F77EB6651B741F050 ] p2pimsvc        C:\WINDOWS\system32\p2psvc.dll
20:08:59.0562 0x0958  p2pimsvc - ok
20:08:59.0765 0x0958  [ 4A1035CB8F0D57BE41873B5183D96CF4, D6F53EEEA56C724BF3F7DABC2DD7E1E995B07BE32CB0AF0F77EB6651B741F050 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
20:08:59.0796 0x0958  p2psvc - ok
20:08:59.0875 0x0958  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
20:08:59.0906 0x0958  Parport - ok
20:08:59.0937 0x0958  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
20:08:59.0953 0x0958  PartMgr - ok
20:09:00.0000 0x0958  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
20:09:00.0000 0x0958  ParVdm - ok
20:09:00.0062 0x0958  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
20:09:00.0078 0x0958  PCI - ok
20:09:00.0093 0x0958  PCIDump - ok
20:09:00.0140 0x0958  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
20:09:00.0140 0x0958  PCIIde - ok
20:09:00.0234 0x0958  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\drivers\Pcmcia.sys
20:09:00.0281 0x0958  Pcmcia - ok
20:09:00.0296 0x0958  PDCOMP - ok
20:09:00.0328 0x0958  PDFRAME - ok
20:09:00.0343 0x0958  PDRELI - ok
20:09:00.0375 0x0958  PDRFRAME - ok
20:09:00.0421 0x0958  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
20:09:00.0437 0x0958  perc2 - ok
20:09:00.0453 0x0958  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
20:09:00.0453 0x0958  perc2hib - ok
20:09:00.0578 0x0958  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
20:09:00.0578 0x0958  PlugPlay - ok
20:09:00.0796 0x0958  [ 4A1035CB8F0D57BE41873B5183D96CF4, D6F53EEEA56C724BF3F7DABC2DD7E1E995B07BE32CB0AF0F77EB6651B741F050 ] PNRPSvc         C:\WINDOWS\system32\p2psvc.dll
20:09:00.0828 0x0958  PNRPSvc - ok
20:09:00.0859 0x0958  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
20:09:00.0875 0x0958  PolicyAgent - ok
20:09:00.0937 0x0958  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
20:09:00.0953 0x0958  PptpMiniport - ok
20:09:00.0984 0x0958  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
20:09:00.0984 0x0958  ProtectedStorage - ok
20:09:01.0031 0x0958  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
20:09:01.0046 0x0958  PSched - ok
20:09:01.0109 0x0958  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
20:09:01.0125 0x0958  Ptilink - ok
20:09:01.0140 0x0958  PxHelp20 - ok
20:09:01.0203 0x0958  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
20:09:01.0218 0x0958  ql1080 - ok
20:09:01.0250 0x0958  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
20:09:01.0265 0x0958  Ql10wnt - ok
20:09:01.0312 0x0958  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
20:09:01.0328 0x0958  ql12160 - ok
20:09:01.0359 0x0958  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
20:09:01.0375 0x0958  ql1240 - ok
20:09:01.0421 0x0958  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
20:09:01.0437 0x0958  ql1280 - ok
20:09:01.0468 0x0958  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:09:01.0468 0x0958  RasAcd - ok
20:09:01.0531 0x0958  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:09:01.0562 0x0958  RasAuto - ok
20:09:01.0609 0x0958  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
20:09:01.0625 0x0958  Rasl2tp - ok
20:09:01.0750 0x0958  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:09:01.0812 0x0958  RasMan - ok
20:09:01.0859 0x0958  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:09:01.0875 0x0958  RasPppoe - ok
20:09:01.0906 0x0958  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
20:09:01.0906 0x0958  Raspti - ok
20:09:02.0000 0x0958  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:09:02.0062 0x0958  Rdbss - ok
20:09:02.0093 0x0958  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
20:09:02.0093 0x0958  RDPCDD - ok
20:09:02.0234 0x0958  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
20:09:02.0296 0x0958  rdpdr - ok
20:09:02.0406 0x0958  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
20:09:02.0453 0x0958  RDPWD - ok
20:09:02.0531 0x0958  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
20:09:02.0593 0x0958  RDSessMgr - ok
20:09:02.0640 0x0958  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
20:09:02.0687 0x0958  redbook - ok
20:09:02.0812 0x0958  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:09:02.0828 0x0958  RemoteAccess - ok
20:09:02.0937 0x0958  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:09:02.0968 0x0958  RemoteRegistry - ok
20:09:03.0093 0x0958  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:09:03.0125 0x0958  RpcLocator - ok
20:09:03.0312 0x0958  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:09:03.0328 0x0958  RpcSs - ok
20:09:03.0453 0x0958  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
20:09:03.0531 0x0958  RSVP - ok
20:09:03.0593 0x0958  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:09:03.0593 0x0958  SamSs - ok
20:09:03.0640 0x0958  [ 39763504067962108505BFF25F024345, 73C9710B61EDC7FBEDE1D7A767AA3D3A169E7AD012494D05CB5EE7E5C5752BB9 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
20:09:03.0640 0x0958  SASDIFSV - ok
20:09:03.0703 0x0958  [ 77B9FC20084B48408AD3E87570EB4A85, B5BC5FEC1356DECB66A7A671DB67112BDAC8F942BF1C4B986B1805B41EF362B1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
20:09:03.0718 0x0958  SASKUTIL - ok
20:09:03.0781 0x0958  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
20:09:03.0828 0x0958  SCardSvr - ok
20:09:03.0968 0x0958  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:09:04.0046 0x0958  Schedule - ok
20:09:04.0125 0x0958  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
20:09:04.0140 0x0958  Secdrv - ok
20:09:04.0203 0x0958  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
20:09:04.0203 0x0958  seclogon - ok
20:09:04.0312 0x0958  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
20:09:04.0343 0x0958  SENS - ok
20:09:04.0390 0x0958  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
20:09:04.0390 0x0958  serenum - ok
20:09:04.0468 0x0958  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
20:09:04.0484 0x0958  Serial - ok
20:09:04.0671 0x0958  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
20:09:04.0671 0x0958  Sfloppy - ok
20:09:04.0921 0x0958  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:09:05.0046 0x0958  SharedAccess - ok
20:09:05.0156 0x0958  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:09:05.0187 0x0958  ShellHWDetection - ok
20:09:05.0218 0x0958  Simbad - ok
20:09:05.0296 0x0958  [ 32933B07FC16D9F778BEE12545FA1B1A, 73CCDD4EBA90138820624FFEFC629EFA3B15FF395D9F31CC4C4678713ECB1F23 ] SimpTcp         C:\WINDOWS\system32\tcpsvcs.exe
20:09:05.0328 0x0958  SimpTcp - ok
20:09:05.0421 0x0958  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
20:09:05.0484 0x0958  sisagp - ok
20:09:05.0531 0x0958  [ 866D538EBE33709A5C9F5C62B73B7D14, BC94BEB7C17B4FCAC8B5D0D5006A203BC209E0504EECE149651D8691935696CD ] SLIP            C:\WINDOWS\system32\DRIVERS\SLIP.sys
20:09:05.0531 0x0958  SLIP - ok
20:09:05.0625 0x0958  [ 60C377BE6B3CC83F6A8584934B181D2E, 58F94CAD0149F634BE2F630A39561073F9399A904E3E3143C0D0BEC348A0C3B2 ] SNMP            C:\WINDOWS\System32\snmp.exe
20:09:05.0656 0x0958  SNMP - ok
20:09:05.0687 0x0958  [ 80A050795A107A76C2B1CD4CFBE010E6, DA5BFB0E8E990BE998F1ED5991CA3318A99E0F252669CE9FAE2EF67C535140B8 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:09:05.0703 0x0958  SNMPTRAP - ok
20:09:05.0734 0x0958  [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
20:09:05.0750 0x0958  Sparrow - ok
20:09:05.0796 0x0958  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
20:09:05.0796 0x0958  splitter - ok
20:09:05.0859 0x0958  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
20:09:05.0890 0x0958  Spooler - ok
20:09:05.0984 0x0958  [ 94ED7D542BD3C547358A456E12005B84, 797CF524AAE81222724E2CA7ED26DBD67D5700C36BC55A2084A67461DEBE7B0F ] SQTECH9051      C:\WINDOWS\system32\Drivers\Capt9051.sys
20:09:06.0000 0x0958  SQTECH9051 - ok
20:09:06.0046 0x0958  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
20:09:06.0078 0x0958  sr - ok
20:09:06.0203 0x0958  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
20:09:06.0265 0x0958  srservice - ok
20:09:06.0484 0x0958  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:09:06.0625 0x0958  Srv - ok
20:09:19.0859 0x0958  ================ Scan global ===============================
20:09:19.0921 0x0958  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
20:09:20.0078 0x0958  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
20:09:20.0281 0x0958  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
20:09:20.0359 0x0958  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
20:09:20.0359 0x0958  [ Global ] - ok
20:09:20.0359 0x0958  ================ Scan MBR ==================================
20:09:20.0406 0x0958  [ 91722E6BC3A2B40FF00222DCA4A3DB3E ] \Device\Harddisk0\DR0
20:09:20.0937 0x0958  \Device\Harddisk0\DR0 - ok
20:09:20.0968 0x0958  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
20:09:21.0609 0x0958  \Device\Harddisk1\DR1 - ok
20:09:21.0609 0x0958  ================ Scan VBR ==================================
20:09:21.0625 0x0958  [ 9D158E7FCE5A69CBF0D1EF17980BFD4C ] \Device\Harddisk0\DR0\Partition1
20:09:21.0640 0x0958  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
20:09:21.0640 0x0958  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
20:09:24.0781 0x0958  [ 2B38DEAE47D536BE5B9EC5108E42541B ] \Device\Harddisk1\DR1\Partition1
20:09:24.0796 0x0958  \Device\Harddisk1\DR1\Partition1 - ok
20:09:24.0828 0x0958  [ E6059F6FF04EF457492BECD79DCA780E ] \Device\Harddisk1\DR1\Partition2
20:09:24.0828 0x0958  \Device\Harddisk1\DR1\Partition2 - ok
20:09:24.0828 0x0958  Waiting for KSN requests completion. In queue: 311
20:09:43.0937 0x0958  AV detected via SS1: PC Cleaner Pro, , disabled, updated
20:09:43.0937 0x0958  AV detected via SS1: AVG Internet Security 2012, 2012.0, enabled, updated
20:09:43.0953 0x0958  FW detected via SS1: AVG Internet Security 2012, 2012.0, enabled
20:09:49.0390 0x0958  ============================================================
20:09:49.0390 0x0958  Scan finished
20:09:49.0390 0x0958  ============================================================
20:09:49.0421 0x0954  Detected object count: 1
20:09:49.0421 0x0954  Actual detected object count: 1
20:10:03.0109 0x0954  \Device\Harddisk0\DR0\Partition1 - copied to quarantine
20:10:03.0125 0x0954  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - will be cured on reboot
20:10:03.0125 0x0954  \Device\Harddisk0\DR0\Partition1 - ok
20:10:03.0125 0x0954  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Cure
20:11:54.0781 0x08dc  Deinitialize success



#6 BONES572

Posted 24 October 2013 - 09:11 PM

Here are the Malwarebytes scan logs I did.

 

2013/10/21 21:14:01 -0400    DJ5GHL91    AMY    DETECTION    H:\ZipExtractorSetup.exe    PUP.Optional.InstallCore    QUARANTINE
2013/10/22 14:29:16 -0400    DJ5GHL91    (null)    MESSAGE    IP Protection stopped successfully
2013/10/22 14:29:30 -0400    DJ5GHL91    (null)    MESSAGE    Database refreshed successfully
2013/10/22 14:29:30 -0400    DJ5GHL91    (null)    MESSAGE    Starting IP protection
2013/10/22 14:29:49 -0400    DJ5GHL91    (null)    MESSAGE    IP Protection started successfully

 

2013/10/23 15:40:34 -0400    DJ5GHL91        MESSAGE    Starting protection
2013/10/23 15:40:34 -0400    DJ5GHL91        MESSAGE    Protection started successfully
2013/10/23 15:40:34 -0400    DJ5GHL91        MESSAGE    Starting IP protection
2013/10/23 15:40:37 -0400    DJ5GHL91        MESSAGE    Executing scheduled update:  Daily
2013/10/23 15:41:37 -0400    DJ5GHL91        MESSAGE    IP Protection started successfully
2013/10/23 15:42:18 -0400    DJ5GHL91    (null)    MESSAGE    Scheduled update executed successfully:  database updated from version v2013.10.22.08 to version v2013.10.23.09
2013/10/23 15:42:18 -0400    DJ5GHL91    (null)    MESSAGE    Starting database refresh
2013/10/23 15:42:19 -0400    DJ5GHL91    (null)    MESSAGE    Stopping IP protection
2013/10/23 15:42:19 -0400    DJ5GHL91    (null)    MESSAGE    IP Protection stopped successfully
2013/10/23 15:42:35 -0400    DJ5GHL91    (null)    MESSAGE    Database refreshed successfully
2013/10/23 15:42:35 -0400    DJ5GHL91    (null)    MESSAGE    Starting IP protection
2013/10/23 15:43:00 -0400    DJ5GHL91    (null)    MESSAGE    IP Protection started successfully
 

2013/10/24 10:26:24 -0400    DJ5GHL91        MESSAGE    Executing scheduled update:  Daily
2013/10/24 10:26:34 -0400    DJ5GHL91        MESSAGE    Starting protection
2013/10/24 10:26:34 -0400    DJ5GHL91        MESSAGE    Protection started successfully
2013/10/24 10:26:34 -0400    DJ5GHL91        MESSAGE    Starting IP protection
2013/10/24 10:27:42 -0400    DJ5GHL91        MESSAGE    Scheduled update executed successfully:  database updated from version v2013.10.23.09 to version v2013.10.24.05
2013/10/24 10:28:57 -0400    DJ5GHL91    AMY    MESSAGE    IP Protection started successfully
2013/10/24 10:28:57 -0400    DJ5GHL91    AMY    MESSAGE    Starting database refresh
2013/10/24 10:28:58 -0400    DJ5GHL91    AMY    MESSAGE    Stopping IP protection
2013/10/24 10:29:01 -0400    DJ5GHL91    AMY    MESSAGE    IP Protection stopped successfully
2013/10/24 10:29:26 -0400    DJ5GHL91    AMY    MESSAGE    Database refreshed successfully
2013/10/24 10:29:27 -0400    DJ5GHL91    AMY    MESSAGE    Starting IP protection
2013/10/24 10:29:45 -0400    DJ5GHL91    AMY    MESSAGE    IP Protection started successfully
2013/10/24 14:40:09 -0400    DJ5GHL91        MESSAGE    Starting protection
2013/10/24 14:40:09 -0400    DJ5GHL91        MESSAGE    Protection started successfully
2013/10/24 14:40:09 -0400    DJ5GHL91        MESSAGE    Starting IP protection
2013/10/24 14:41:59 -0400    DJ5GHL91        MESSAGE    IP Protection started successfully
2013/10/24 18:13:11 -0400    DJ5GHL91        MESSAGE    Starting protection
2013/10/24 18:13:12 -0400    DJ5GHL91        MESSAGE    Protection started successfully
2013/10/24 18:13:12 -0400    DJ5GHL91        MESSAGE    Starting IP protection
2013/10/24 18:14:52 -0400    DJ5GHL91    AMY    MESSAGE    IP Protection started successfully

THANK YOU!

 



#7 xXToffeeXx


Posted 25 October 2013 - 12:48 PM

Hello BONES572,
 
Yes, running the scans in safe mode was fine, but if you can then running them in normal mode is best.
 
TDSSKiller did indeed remove a rootkit. Whilst your computer should be running better, I have to warn you that your computer has been compromised. These threats have backdoor functionality which allows hackers to remotely control your computer, steal critical system information, and download and execute files. I suggest that you use another clean computer to change any passwords of any sites accessed from that computer. If you do any banking or other financial transactions on the PC, then I suggest keeping an eye out for suspicious activity.
 
The Malwarebytes BSOD was likely due to the rootkit, so I would like you to try running a quick scan on the program again. If that does not work, I would like you to run a slightly modified version of Malwarebytes; on how to do this, please see here. If you have any problems then note that in your next reply.
 
I would also like for you to run these scans:
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

--------

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

Also, you are very welcome, just helping people out makes this worthwhile.

 

xXToffeeXx~




#8 BONES572


Posted 25 October 2013 - 06:56 PM

Here it is...  Malwarebytes located 2 Trojans I guess.  Will this ever end???  I am so thankful there are super intelligent people like all of you that help out on this site!!!!!!!!!!!!!!!!!!!!!!!!!!  :)   Is there a truly free Anti-Virus program that actually works great and you don't have to update?  I keep getting a weird corrupt file process notification down on the right corner of my taskbar.  ???

 

Thank you again!

 

# AdwCleaner v3.010 - Report created 25/10/2013 at 17:32:23
# Updated 20/10/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Administrator - DJ5GHL91
# Running from : C:\Documents and Settings\Administrator\My Documents\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : BackupStack
Service Found : vToolbarUpdater17.0.12

***** [ Files / Folders ] *****

File Found : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nu4kir0u.default\user.js
File Found : C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\MyPC Backup.lnk
File Found : C:\WINDOWS\system32\roboot.exe
Folder Found C:\Documents and Settings\Administrator\Application Data\digitalsite
Folder Found C:\Documents and Settings\Administrator\Application Data\Systweak
Folder Found C:\Documents and Settings\All Users\Application Data\SpeedyPC Software
Folder Found C:\Documents and Settings\All Users\Application Data\Systweak
Folder Found C:\Documents and Settings\All Users\Application Data\Trymedia
Folder Found C:\Documents and Settings\AMY\Application Data\BabylonToolbar
Folder Found C:\Documents and Settings\AMY\Application Data\registry mechanic
Folder Found C:\Documents and Settings\AMY\Application Data\searchquband
Folder Found C:\Documents and Settings\AMY\Application Data\Systweak
Folder Found C:\Documents and Settings\AMY\Local Settings\Application Data\AVG Secure Search
Folder Found C:\Documents and Settings\AMY\Local Settings\Application Data\Ilivid Player
Folder Found C:\Documents and Settings\MIKE  ANGER\Application Data\AVG Secure Search
Folder Found C:\Documents and Settings\MIKE  ANGER\Application Data\searchquband
Folder Found C:\Documents and Settings\MIKE  ANGER\Local Settings\Application Data\AVG Secure Search
Folder Found C:\Documents and Settings\SAMANTHA\Application Data\AVG Secure Search
Folder Found C:\Documents and Settings\SAMANTHA\Application Data\searchquband
Folder Found C:\Program Files\Advanced System Protector
Folder Found C:\Program Files\Babylon
Folder Found C:\Program Files\Common Files\AVG Secure Search
Folder Found C:\Program Files\MyPC Backup
Folder Found C:\Program Files\MyPC Backup

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{204DF522-9A96-4A72-ABB0-60F7A216D6D2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\systweak
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Found : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Found : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Whilokii
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\464AA55239C100F32AF2D438EDDC0F47
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5652BA3D5FB98AE31B337BF0AF939856
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EB95E1AFCBABE3DB9ECCC669B99494
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\Software\Viewpoint
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Documents and Settings\MIKE  ANGER\Application Data\Mozilla\Firefox\Profiles\ejyagjfk.default\prefs.js ]


[ File : C:\Documents and Settings\AMY\Application Data\Mozilla\Firefox\Profiles\611oxj0y.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");

[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\nu4kir0u.default\prefs.js ]

Line Found : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");
Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");

*************************

AdwCleaner[R0].txt - [9555 octets] - [25/10/2013 17:32:23]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9615 octets] ##########
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Microsoft Windows XP x86
Ran by Administrator on Fri 10/25/2013 at 17:33:51.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] backupstack
Successfully deleted: [Service] backupstack



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\scripthelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\viprotocol.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\axmetastream.metastreamctlsecondary.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\bbylntlbr.bbylntlbrhlpr.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\protocols\handler\viprotocol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\s
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\scripthelper.scripthelperapi.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\viprotocol.viprotocolole.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{35e9438f-19d4-4516-b2ac-59ba9241de4d}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}



~~~ Files

Successfully deleted: [File] "C:\WINDOWS\system32\roboot.exe"



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\pc1data"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\speedypc software"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\systweak"
Successfully deleted: [Folder] "C:\Documents and Settings\All Users\application data\trymedia"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\digitalsite"
Successfully deleted: [Folder] "C:\Documents and Settings\Administrator\Application Data\systweak"
Successfully deleted: [Folder] "C:\Program Files\advanced system protector"
Successfully deleted: [Folder] "C:\Program Files\babylon"
Successfully deleted: [Folder] "C:\Program Files\ietoolbar"
Successfully deleted: [Folder] "C:\Program Files\mypc backup"



~~~ FireFox

Successfully deleted: [File] C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\nu4kir0u.default\user.js
Successfully deleted the following from C:\Documents and Settings\Administrator\Application Data\mozilla\firefox\profiles\nu4kir0u.default\prefs.js

user_pref("avg.install.extHomepage", "hxxp://mysearch.avg.com?pid=safeguard&sg=0&cid=%7B7f43486c-6a1f-4966-9fa7-8ccf802028e1%7D&mid=3e1033fabe3747d0963bd15a66363714-d53d0716c0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 10/25/2013 at 17:41:02.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.25.09

Windows XP Service Pack 3 x86 NTFS (Safe Mode/Networking)
Internet Explorer 8.0.6001.18702
Administrator :: DJ5GHL91 [administrator]

Protection: Disabled

10/25/2013 19:12:26
MBAM-log-2013-10-25 (19-46-10).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 311087
Time elapsed: 27 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Documents and Settings\AMY\Local Settings\Temp\hi22.exe (Trojan.Downloader.ED) -> No action taken.
C:\Documents and Settings\AMY\Local Settings\Temp\nmpgbadk.exe (Trojan.Downloader.ED) -> No action taken.

(end)
 



#9 BONES572


Posted 25 October 2013 - 07:12 PM

Toffee,

 

Why does MBAM say that Protection is Disabled?  Also, it shows the two Trojans listed, which I believed I deleted, but the log shows no action taken???  Is this concerning?  Thx!



#10 BONES572


Posted 25 October 2013 - 07:21 PM

Toffee,

 

I ran Rkill again and this list showed up.  ?

 

Rkill 2.6.2 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/25/2013 08:16:37 PM in x86 mode. (Safe Mode)
Windows Version: Microsoft Windows XP Service Pack 3

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (Most likely legitimate)!

     * C:\WINDOWS\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a => C:\WINDOWS\WinSxS\x86_System.EnterpriseServices_b03f5f7f11d50a3a_4.0.0.0_x-ww_29b51492 [Dir]
     * C:\WINDOWS\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Workflow.Compiler\v4.0_4.0.0.0__31bf3856ad364e35 => C:\WINDOWS\WinSxS\MSIL_Microsoft.Workflow.Compiler_31bf3856ad364e35_4.0.0.0_x-ww_97359ba5 [Dir]

Checking Windows Service Integrity:

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Manual

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Automatic

 * Automatic Updates (wuauserv) is not Running.
   Startup Type set to: Automatic

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:


  20 out of 638 HOSTS entries shown.
  Please review HOSTS file for further entries.

Program finished at: 10/25/2013 08:19:09 PM
Execution time: 0 hours(s), 2 minute(s), and 31 seconds(s)
 



#11 BONES572


Posted 25 October 2013 - 08:26 PM

Ran Super Anti Spyware again.  Log below.

 

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/25/2013 at 08:49 PM

Application Version : 5.6.1040

Core Rules Database Version : 10845
Trace Rules Database Version: 8657

Scan type       : Quick Scan
Total Scan Time : 00:27:36

Operating System Information
Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600)
Administrator

Memory items scanned      : 299
Memory threats detected   : 0
Registry items scanned    : 32953
Registry threats detected : 0
File items scanned        : 11973
File threats detected     : 76

Adware.Tracking Cookie
 



#12 Netghost56


Posted 25 October 2013 - 09:27 PM

You will always have to keep your anti virus updated, or it won't protect you.

#13 xXToffeeXx

  • Malware Response Instructor

Posted 26 October 2013 - 06:22 AM

Hi BONES572,

 

I keep getting a weird corrupt file process notification down on the right corner of my taskbar.  ???

Please take a screenshot of this message, upload it to tinypic or other free image sharing site and post the url in your next reply.
 

Toffee,
 
Why does MBAM say that Protection is Disabled?  Also, it shows the two Trojans listed, which I believed I deleted, but the log shows no action taken???  Is this concerning?  Thx!

I believe this is because you are in Safe Mode, which means that only the files needed to run Windows are loaded. Your Malwarebytes is only a trial though, so eventually it will revert to free mode, which is only an on-demand scanner. I suggest purchasing Malwarebytes PRO as it is a very good piece of protection software.
 
As I said before, please refrain from running scans on your own. SAS, whilst not bad as an on-demand scanner, tends to only detect cookies (they are harmless), which is all that was detected in the scan.
As for the extras added to the RKill log, they were added by a program which you probably clicked on in AdwCleaner; they will protect you from visiting some malicious sites which infect your computer.

 

Can you please reboot into normal mode and run the Malwarebytes scan again to see if those items appear? If so, make sure they are checked, and click Remove Selected Items.
 
Please tell me how normal mode is behaving at this time, and run this scan from there:
 
I'd like us to scan your machine with ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

--------
 

I don’t see an anti-virus program running on your machine. An anti-virus is an essential piece of software which stops the majority of malware before it can do any damage.

 

I personally suggest downloading either of these free antiviruses (but don't download both, one is fine); Avast! or Microsoft Security Essentials. Tell me which one you install and I'll help set it up so it updates automatically and runs a scan every week to keep you protected.

 

xXToffeeXx~


Edited by xXToffeeXx, 26 October 2013 - 06:22 AM.

~If I am helping you and you have not had a reply from me in two days, please send me a PM~

 

ID Ransomware - Identify What Ransomware Encrypted Your Files [Support Topic] - If we have helped you out and you want to support what we do, you can do so here

 

 ~Twitter~ | ~Malware Analyst at Emsisoft~
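
The HOSTS entries discussed in the reply above protect only because each one maps a hostname to a loopback address. The following is an added example, not part of the thread and not code from Rkill or AdwCleaner, that triages a hosts file into harmless blocklist entries, entries that block security-update domains, and entries that redirect a name to a remote address. The sample file, the `.example` hostnames, the `PROTECTED_SUFFIXES` list and the function name `triage_hosts` are all constructed for illustration.

```python
import ipaddress

# Constructed sample hosts file; hostnames are placeholders, not entries
# taken from the log in this thread.
SAMPLE_HOSTS = """\
# Copyright (c) 1993-1999 Microsoft Corp.
127.0.0.1       localhost
127.0.0.1 ads.tracker.example # hosts anti-adware / pups
0.0.0.0 popups.tracker.example
127.0.0.1 update.antivirus-vendor.example
203.0.113.7 www.bank.example login.bank.example
not-an-ip broken.example
"""

# Assumption: domains that should never be null-routed, because blocking
# them would stop security software from updating.
PROTECTED_SUFFIXES = ("antivirus-vendor.example",)


def triage_hosts(text, protected=PROTECTED_SUFFIXES):
    """Classify every hostname in a hosts file by what its mapping does."""
    report = {
        "default": [],           # the stock localhost entry
        "sinkholed": [],         # name -> loopback/0.0.0.0 (blocklist entry)
        "blocked_security": [],  # protected name null-routed: review
        "redirected": [],        # name -> some other address: review
        "malformed": [],         # lines that are not valid hosts entries
    }
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["malformed"].append((lineno, raw.strip()))
            continue
        if len(fields) < 2:
            report["malformed"].append((lineno, raw.strip()))
            continue
        null_route = addr.is_loopback or addr.is_unspecified
        for name in fields[1:]:  # one line may carry several aliases
            host = name.lower().rstrip(".")
            if host == "localhost" and addr.is_loopback:
                report["default"].append(host)
            elif null_route:
                hit = any(host == s or host.endswith("." + s) for s in protected)
                report["blocked_security" if hit else "sinkholed"].append(host)
            else:
                report["redirected"].append((host, str(addr)))
    return report


if __name__ == "__main__":
    for category, items in triage_hosts(SAMPLE_HOSTS).items():
        print(f"{category}: {items}")
```

Only the `blocked_security`, `redirected` and `malformed` buckets need a human look; a long `sinkholed` list, like the 638 entries Rkill counted, is what a blocklist tool is expected to leave behind.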


#14 BONES572


Posted 26 October 2013 - 09:10 PM

Toffee,

 

Had trouble with the screenshot, but here is the message - Windows - Corrupt File Exception Processing Message c0000102 Parameters 75b6bf7c 75b6bf7c 75b6b7c 75b6bf7c.



#15 xXToffeeXx

  • Malware Response Instructor

Posted 27 October 2013 - 06:02 AM

Hi BONES572,

 

No worries on the screenshot, that message tells me enough. Please run the scans in my last post, and then we will deal with that message.

 

xXToffeeXx~






