
avg and malware showing infections


17 replies to this topic

#1 wendywenz

wendywenz

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:32 PM

Posted 12 August 2014 - 07:41 PM

Hi, I'm new here and I'm sorry if I'm doing wrong by coming straight here to post this - it's late and I'm stressed

I'm still using XP

AVG and Malwarebytes are showing I'm infected on both my desktop and my external hard drive

I'd appreciate any help from your members here

Thank you

Wendy




#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,109 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:32 PM

Posted 12 August 2014 - 07:59 PM

Hello wendy and welcome.

Did they remove or quarantine what was found?

Let's also run these and see how you are after.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 wendywenz

wendywenz
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:32 PM

Posted 12 August 2014 - 08:05 PM

I'm sorry, I was too eager to post and forgot to say what the reports show

 

In avg showing in my external drive and C Drive

Trojan Horse Generic_vb.ABC

Found Tracking cookie - many of these

Corrupted executable file

 

Also on the task bar there is a triangle on the AVG icon and it won't allow me to update

AVG is saying I'm not protected



#4 wendywenz

wendywenz
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:10:32 PM

Posted 12 August 2014 - 08:14 PM

Hi Boop and thank you for the welcome

Here's the result from MiniToolBox

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by Owner (administrator) on 13-08-2014 at 02:11:14
Running from "C:\Documents and Settings\Owner\Desktop"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

 

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

NETGEAR WNDA3200 Wireless 11N Dual-band USB Adapter = Wireless Network Connection (Connected)
ADMtek AN983 based ethernet adapter = Local Area Connection (Media disconnected)
Intel® PRO/100 VE Network Connection = Local Area Connection 2 (Media disconnected)

# ----------------------------------
# Interface IP Configuration        
# ----------------------------------
pushd interface ip

# Interface IP Configuration for "Local Area Connection 2"

set address name="Local Area Connection 2" source=dhcp
set dns name="Local Area Connection 2" source=dhcp register=PRIMARY
set wins name="Local Area Connection 2" source=dhcp

# Interface IP Configuration for "Local Area Connection"

set address name="Local Area Connection" source=dhcp
set dns name="Local Area Connection" source=dhcp register=PRIMARY
set wins name="Local Area Connection" source=dhcp

# Interface IP Configuration for "Wireless Network Connection"

set address name="Wireless Network Connection" source=dhcp
set dns name="Wireless Network Connection" source=dhcp register=PRIMARY
set wins name="Wireless Network Connection" source=dhcp

popd
# End of interface IP configuration

 

Windows IP Configuration

 

        Host Name . . . . . . . . . . . . : OWNER-AD95639F5

        Primary Dns Suffix  . . . . . . . :

        Node Type . . . . . . . . . . . . : Unknown

        IP Routing Enabled. . . . . . . . : No

        WINS Proxy Enabled. . . . . . . . : No

 

Ethernet adapter Local Area Connection 2:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : Intel® PRO/100 VE Network Connection

        Physical Address. . . . . . . . . : 00-11-11-85-1D-67

 

Ethernet adapter Local Area Connection:

 

        Media State . . . . . . . . . . . : Media disconnected

        Description . . . . . . . . . . . : ADMtek AN983 based ethernet adapter

        Physical Address. . . . . . . . . : 00-08-A1-34-A1-11

 

Ethernet adapter Wireless Network Connection:

 

        Connection-specific DNS Suffix  . :

        Description . . . . . . . . . . . : NETGEAR WNDA3200 Wireless 11N Dual-band USB Adapter

        Physical Address. . . . . . . . . : E0-46-9A-A2-2D-6A

        Dhcp Enabled. . . . . . . . . . . : Yes

        Autoconfiguration Enabled . . . . : Yes

        IP Address. . . . . . . . . . . . : 192.168.0.2

        Subnet Mask . . . . . . . . . . . : 255.255.255.0

        Default Gateway . . . . . . . . . : 192.168.0.1

        DHCP Server . . . . . . . . . . . : 192.168.0.1

        DNS Servers . . . . . . . . . . . : 194.168.4.100

                                            194.168.8.100

        Lease Obtained. . . . . . . . . . : 12 August 2014 23:33:03

        Lease Expires . . . . . . . . . . : 13 August 2014 23:33:03

Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Name:    google.com
Addresses:  64.233.166.139, 64.233.166.138, 64.233.166.102, 64.233.166.101
   64.233.166.113, 64.233.166.100

 

Pinging google.com [64.233.166.102] with 32 bytes of data:

 

Reply from 64.233.166.102: bytes=32 time=24ms TTL=45

Reply from 64.233.166.102: bytes=32 time=23ms TTL=45

 

Ping statistics for 64.233.166.102:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 23ms, Maximum = 24ms, Average = 23ms

Server:  cache1.service.virginmedia.net
Address:  194.168.4.100

Name:    yahoo.com
Addresses:  206.190.36.45, 98.138.253.109, 98.139.183.24

 

Pinging yahoo.com [98.138.253.109] with 32 bytes of data:

 

Reply from 98.138.253.109: bytes=32 time=147ms TTL=48

Reply from 98.138.253.109: bytes=32 time=147ms TTL=48

 

Ping statistics for 98.138.253.109:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 147ms, Maximum = 147ms, Average = 147ms

 

Pinging 127.0.0.1 with 32 bytes of data:

 

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

 

Ping statistics for 127.0.0.1:

    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 11 11 85 1d 67 ...... Intel® PRO/100 VE Network Connection - Packet Scheduler Miniport
0x3 ...00 08 a1 34 a1 11 ...... ADMtek AN983 based ethernet adapter - Packet Scheduler Miniport
0x10005 ...e0 46 9a a2 2d 6a ...... NETGEAR WNDA3200 Wireless 11N Dual-band USB Adapter - Packet Scheduler Miniport
===========================================================================
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1     192.168.0.2   25
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1   1
      192.168.0.0    255.255.255.0      192.168.0.2     192.168.0.2   25
      192.168.0.2  255.255.255.255        127.0.0.1       127.0.0.1   25
    192.168.0.255  255.255.255.255      192.168.0.2     192.168.0.2   25
        224.0.0.0        240.0.0.0      192.168.0.2     192.168.0.2   25
  255.255.255.255  255.255.255.255      192.168.0.2               2   1
  255.255.255.255  255.255.255.255      192.168.0.2               3   1
  255.255.255.255  255.255.255.255      192.168.0.2     192.168.0.2   1
Default Gateway:       192.168.0.1
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\system32\winrnr.dll [16896] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 01 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\system32\rsvpsp.dll [92672] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 12 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 13 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 14 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 15 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 16 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)
Catalog9 17 C:\WINDOWS\system32\mswsock.dll [245248] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/13/2014 01:46:07 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (08/12/2014 02:13:28 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/06/2014 01:04:14 AM) (Source: Application Error) (User: )
Description: Faulting application skype.exe, version 6.16.0.105, faulting module jscript.dll, version 5.8.6001.23141, fault address 0x000042d4.
Processing media-specific event for [skype.exe!ws!]

Error: (08/03/2014 11:09:37 PM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/01/2014 00:47:48 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (08/01/2014 00:19:45 AM) (Source: Application Hang) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (07/30/2014 00:53:01 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (07/28/2014 09:19:49 PM) (Source: Application Error) (User: )
Description: Faulting application corel paint shop pro photo.exe, version 12.5.0.0, faulting module corecontrols.dll, version 12.5.0.0, fault address 0x0003a540.
Processing media-specific event for [corel paint shop pro photo.exe!ws!]

Error: (07/27/2014 04:02:17 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

Error: (07/27/2014 03:46:16 AM) (Source: crypt32) (User: )
Description: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.

System errors:
=============
Error: (08/12/2014 11:46:08 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.

Error: (08/11/2014 11:15:46 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.

Error: (08/11/2014 06:46:12 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: The server {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} did not register with DCOM within the required timeout.

Error: (08/01/2014 11:17:26 PM) (Source: Service Control Manager) (User: )
Description: The StarOpen service failed to start due to the following error:
%%2

Error: (08/01/2014 07:45:49 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address E0469AA22D6A.  The following error
occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Error: (08/01/2014 05:23:45 PM) (Source: Dhcp) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP
Server) for the Network Card with network address E0469AA22D6A.  The following error
occurred:
%%1223.
Your computer will continue to try and obtain an address on its own from
the network address (DHCP) server.

Error: (08/01/2014 00:07:15 AM) (Source: Service Control Manager) (User: )
Description: The StarOpen service failed to start due to the following error:
%%2

Microsoft Office Sessions:
=========================
Error: (08/13/2014 01:46:07 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (08/12/2014 02:13:28 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/06/2014 01:04:14 AM) (Source: Application Error)(User: )
Description: skype.exe6.16.0.105jscript.dll5.8.6001.23141000042d4

Error: (08/03/2014 11:09:37 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/01/2014 00:47:48 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (08/01/2014 00:19:45 AM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.6001.18702hungapp0.0.0.000000000

Error: (07/30/2014 00:53:01 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (07/28/2014 09:19:49 PM) (Source: Application Error)(User: )
Description: corel paint shop pro photo.exe12.5.0.0corecontrols.dll12.5.0.00003a540

Error: (07/27/2014 04:02:17 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

Error: (07/27/2014 03:46:16 AM) (Source: crypt32)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txtThis operation returned because the timeout period expired.

 

=========================== Installed Programs ============================
Adobe Flash Player 14 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Alien Skin Eye Candy 5 Impact (HKLM\...\EyeCandy5Impact) (Version:  - )
Alien Skin Eye Candy 5 Nature (HKLM\...\EyeCandy5Nature) (Version:  - )
Alien Skin Eye Candy 5 Textures (HKLM\...\EyeCandy5Textures) (Version:  - )
Alien Skin Xenofex 2.0 (HKLM\...\Xenofex2) (Version:  - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4744 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4744 - AVG Technologies) Hidden
Color Efex Pro 3.0 Complete (HKLM\...\Color Efex Pro 3.0 Complete) (Version: 3.1.0.0 - Nik Software, Inc.)
Corel Paint Shop Pro Photo X2 (HKLM\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Corel Paint Shop Pro X (HKLM\...\{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Filters Unlimited 2.0 (HKLM\...\Filters Unlimited_is1) (Version:  - )
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version:  - The Plugin Site)
HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{AB2228C5-EA86-44E1-AFF6-58B9CC260CE3}) (Version: 23.0.504.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Help (HKLM\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
Image Resizer Powertoy for Windows XP (HKLM\...\{1CB92574-96F2-467B-B793-5CEB35C40C29}) (Version: 1.00.0001 - Microsoft Corporation)
Intel® Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4363 - )
Intel® PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Jasc Animation Shop 3 (HKLM\...\{7C4196CA-CA41-4F34-9C08-7724E7705D52}) (Version: 3.11 - Jasc Software Inc)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM\...\{95140000-0080-0409-0000-0000000FF1CE}) (Version: 14.0.6106.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Software Update for Web Folders  (English) 14 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
neroxml (Version: 1.0.0 - Nero AG) Hidden
NETGEAR WNDA3200 wireless adapter Setup (HKLM\...\{9B02F55E-7E6B-4226-8E67-76514D33FD41}_is1) (Version: 1.0.0.11 - NETGEAR)
NexusFont 2.5 (ver 2.5.8.1582) (HKLM\...\{EFEDD205-43FE-4208-B682-0937E803E19E}_is1) (Version:  - xiles)
Rapport (HKLM\...\Rapport_msi) (Version: 3.5.1201.94 - Trusteer)
Rapport (Version: 3.5.1201.94 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.6482 - Realtek Semiconductor Corp.)
Skype™ 6.16 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Strongvault Online Backup (Version: 5.0.2.34 - Strongvault Online Backup) Hidden
System Requirements Lab for Intel (HKLM\...\{EFE3D683-903C-4B58-AB8F-C68C69F33758}) (Version: 4.5.3.0 - Husdawg, LLC)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Windows Internet Explorer 8 (KB2598845) (HKLM\...\KB2598845-IE8) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update for Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB898461) (HKLM\...\KB898461) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (Version: 1 - Microsoft Corporation) Hidden
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB961503) (HKLM\...\KB961503) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.8 (HKLM\...\VLC media player) (Version: 2.0.8 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
webXvid Codec (HKLM\...\webXvid Codec) (Version: 3.6 - webXvid)
Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray (HKLM\...\KB952011) (Version: 1.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip (HKLM\...\WinZip) (Version:  8.1  (4331) - WinZip Computing, Inc.)
Xenofex 1.0 (HKLM\...\Xenofex 1.0) (Version:  - )
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 97%
Total physical RAM: 1270.73 MB
Available physical RAM: 30.75 MB
Total Pagefile: 3033.71 MB
Available Pagefile: 1206.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1978.75 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:48.83 GB) (Free:19.58 GB) NTFS
6 Drive i: (Wenz) (Fixed) (Total:1863.01 GB) (Free:1477.77 GB) NTFS

========================= Users: ========================================

User accounts for \\OWNER-AD95639F5

Administrator            Guest                    HelpAssistant           
Owner                    SUPPORT_388945a0        

**** End of log ****



#5 wendywenz

Posted 12 August 2014 - 08:27 PM

No threats were found with TDSSKILLER

02:19:24.0058 0x2f62c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
02:19:38.0855 0x2f62c ============================================================
02:19:38.0855 0x2f62c Current date / time: 2014/08/13 02:19:38.0855
02:19:38.0855 0x2f62c SystemInfo:
02:19:38.0855 0x2f62c
02:19:38.0855 0x2f62c OS Version: 5.1.2600 ServicePack: 3.0
02:19:38.0855 0x2f62c Product type: Workstation
02:19:38.0855 0x2f62c ComputerName: OWNER-AD95639F5
02:19:38.0855 0x2f62c UserName: Owner
02:19:38.0855 0x2f62c Windows directory: C:\WINDOWS
02:19:38.0855 0x2f62c System windows directory: C:\WINDOWS
02:19:38.0855 0x2f62c Processor architecture: Intel x86
02:19:38.0855 0x2f62c Number of processors: 1
02:19:38.0855 0x2f62c Page size: 0x1000
02:19:38.0855 0x2f62c Boot type: Normal boot
02:19:38.0855 0x2f62c ============================================================
02:19:44.0152 0x2f62c KLMD registered as C:\WINDOWS\system32\drivers\75512566.sys
02:19:47.0105 0x2f62c System UUID: {B0B3F56F-4064-5B47-D924-3CC60695CA47}
02:19:54.0433 0x2f62c Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
02:19:55.0167 0x2f62c Drive \Device\Harddisk5\DR10 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
02:19:55.0167 0x2f62c ============================================================
02:19:55.0167 0x2f62c \Device\Harddisk0\DR0:
02:19:55.0183 0x2f62c MBR partitions:
02:19:55.0183 0x2f62c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x61A7927
02:19:55.0183 0x2f62c \Device\Harddisk5\DR10:
02:19:55.0183 0x2f62c MBR partitions:
02:19:55.0183 0x2f62c \Device\Harddisk5\DR10\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xE8E074C1
02:19:55.0183 0x2f62c ============================================================
02:19:55.0214 0x2f62c C: <-> \Device\Harddisk0\DR0\Partition1
02:19:55.0542 0x2f62c I: <-> \Device\Harddisk5\DR10\Partition1
02:19:55.0558 0x2f62c ============================================================
02:19:55.0558 0x2f62c Initialize success
02:19:55.0558 0x2f62c ============================================================
02:20:01.0136 0x2f4a4 ============================================================
02:20:01.0136 0x2f4a4 Scan started
02:20:01.0136 0x2f4a4 Mode: Manual;
02:20:01.0136 0x2f4a4 ============================================================
02:20:01.0136 0x2f4a4 KSN ping started
02:20:18.0886 0x2f4a4 KSN ping finished: true
02:20:28.0120 0x2f4a4 ================ Scan system memory ========================
02:20:28.0323 0x2f4a4 System memory - ok
02:20:28.0323 0x2f4a4 ================ Scan services =============================


02:21:28.0058 0x2f4a4 Netlogon - ok

02:21:28.0292 0x2f4a4 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll

02:21:28.0605 0x2f4a4 Netman - ok

02:21:29.0042 0x2f4a4 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

02:21:29.0339 0x2f4a4 NetTcpPortSharing - ok

02:21:29.0433 0x2f4a4 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

02:21:29.0761 0x2f4a4 NIC1394 - ok

02:21:29.0964 0x2f4a4 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll

02:21:30.0323 0x2f4a4 Nla - ok

02:21:30.0417 0x2f4a4 NMIndexingService - ok

02:21:30.0495 0x2f4a4 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

02:21:30.0573 0x2f4a4 Npfs - ok

02:21:30.0964 0x2f4a4 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

02:21:31.0417 0x2f4a4 Ntfs - ok

02:21:31.0448 0x2f4a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

02:21:31.0464 0x2f4a4 NtLmSsp - ok

02:21:31.0698 0x2f4a4 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

02:21:31.0933 0x2f4a4 NtmsSvc - ok

02:21:32.0042 0x2f4a4 [ 576B34CEAE5B7E5D9FD2775E93B3DB53, 4262286E0EEE7B7667B15E5AF684CE4555A36C89B5F18B87833E79C4C81CC381 ] NtMtlFax C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys

02:21:32.0448 0x2f4a4 NtMtlFax - ok

02:21:32.0480 0x2f4a4 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys

02:21:32.0495 0x2f4a4 Null - ok

02:21:32.0558 0x2f4a4 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

02:21:32.0573 0x2f4a4 NwlnkFlt - ok

02:21:32.0605 0x2f4a4 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

02:21:32.0636 0x2f4a4 NwlnkFwd - ok

02:21:32.0698 0x2f4a4 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

02:21:32.0777 0x2f4a4 ohci1394 - ok

02:21:32.0995 0x2f4a4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

02:21:33.0558 0x2f4a4 ose - ok

02:21:36.0417 0x2f4a4 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

02:21:40.0527 0x2f4a4 osppsvc - ok

02:21:40.0620 0x2f4a4 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys

02:21:40.0761 0x2f4a4 Parport - ok

02:21:40.0792 0x2f4a4 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

02:21:40.0823 0x2f4a4 PartMgr - ok

02:21:40.0886 0x2f4a4 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

02:21:41.0011 0x2f4a4 ParVdm - ok

02:21:41.0370 0x2f4a4 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

02:21:41.0527 0x2f4a4 PCI - ok

02:21:41.0542 0x2f4a4 PCIDump - ok

02:21:41.0573 0x2f4a4 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

02:21:41.0589 0x2f4a4 PCIIde - ok

02:21:41.0730 0x2f4a4 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

02:21:41.0808 0x2f4a4 Pcmcia - ok

02:21:41.0808 0x2f4a4 PDCOMP - ok

02:21:41.0823 0x2f4a4 PDFRAME - ok

02:21:41.0823 0x2f4a4 PDRELI - ok

02:21:41.0839 0x2f4a4 PDRFRAME - ok

02:21:41.0855 0x2f4a4 perc2 - ok

02:21:41.0870 0x2f4a4 perc2hib - ok

02:21:41.0948 0x2f4a4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe

02:21:41.0995 0x2f4a4 PlugPlay - ok

02:21:42.0042 0x2f4a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

02:21:42.0042 0x2f4a4 PolicyAgent - ok

02:21:42.0089 0x2f4a4 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

02:21:42.0167 0x2f4a4 PptpMiniport - ok

02:21:42.0183 0x2f4a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

02:21:42.0183 0x2f4a4 ProtectedStorage - ok

02:21:42.0230 0x2f4a4 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

02:21:42.0277 0x2f4a4 PSched - ok

02:21:42.0558 0x2f4a4 [ A6A7AD767BF5141665F5C675F671B3E1, 11D43F732C3B82679E53516F83E675B60B0EFEDE3F4EE3C42AC752AD8D5155AF ] PSI_SVC_2 C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe

02:21:42.0839 0x2f4a4 PSI_SVC_2 - ok

02:21:42.0980 0x2f4a4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

02:21:43.0136 0x2f4a4 Ptilink - ok

02:21:43.0198 0x2f4a4 ql1080 - ok

02:21:43.0292 0x2f4a4 Ql10wnt - ok

02:21:43.0386 0x2f4a4 ql12160 - ok

02:21:43.0605 0x2f4a4 ql1240 - ok

02:21:43.0652 0x2f4a4 ql1280 - ok

02:21:44.0027 0x2f4a4 [ 3AF684252780CF87DC2809F85B8F7591, A73968760A14A54FEC63CDCC1210C63321571A571D040A18DDDC42887C155ED9 ] RapportCerberus_43926 C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\43926\RapportCerberus32_43926.sys

02:21:44.0417 0x2f4a4 RapportCerberus_43926 - ok

02:21:45.0073 0x2f4a4 [ 093B6A040BCF3FD4A0FFF397BAF28330, C3987104FE3BB9CACF70F880085515C86A3D3788CFC575C1F23F76BAADBB0C62 ] RapportEI C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys

02:21:45.0120 0x2f4a4 RapportEI - ok

02:21:45.0245 0x2f4a4 [ 35199EC35EDC7DCBA71FDA711DFB05C0, 49CDDC38397B8F09170D4E60719CF6E29A9E41FAE809F43FF3A3BC0CBF044C34 ] RapportIaso c:\documents and settings\all users\application data\trusteer\rapport\store\exts\rapportms\baseline\rapportiaso.sys

02:21:45.0261 0x2f4a4 RapportIaso - ok

02:21:45.0323 0x2f4a4 [ 660436FBE447EBC73873EF2B0B2094B4, 566C56DDC9BB1193717F1DE6587E5FEFFB75075872ECC2E359C066C6384810F9 ] RapportKELL C:\WINDOWS\system32\Drivers\RapportKELL.sys

02:21:45.0402 0x2f4a4 RapportKELL - ok

02:21:46.0495 0x2f4a4 [ 61B37C0B3FD7DA7414C20D917469BFFF, 545E4449781CDE31E0D79ED67CE3EFB93136BDF74BD941D8094068C7D468CE2E ] RapportMgmtService C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe

02:21:47.0417 0x2f4a4 RapportMgmtService - ok

02:21:47.0652 0x2f4a4 [ 3DE33A522BB73E161F20D444687E978B, 629EAE6F841E624294676B5606C1E20F1AC548180F86ED30606B2E502A3A2096 ] RapportPG C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys

02:21:47.0980 0x2f4a4 RapportPG - ok

02:21:48.0058 0x2f4a4 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

02:21:48.0073 0x2f4a4 RasAcd - ok

02:21:48.0152 0x2f4a4 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll

02:21:48.0323 0x2f4a4 RasAuto - ok

02:21:48.0370 0x2f4a4 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

02:21:48.0417 0x2f4a4 Rasl2tp - ok

02:21:48.0558 0x2f4a4 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll

02:21:48.0761 0x2f4a4 RasMan - ok

02:21:48.0808 0x2f4a4 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

02:21:48.0839 0x2f4a4 RasPppoe - ok

02:21:48.0870 0x2f4a4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

02:21:48.0870 0x2f4a4 Raspti - ok

02:21:49.0167 0x2f4a4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

02:21:49.0277 0x2f4a4 Rdbss - ok

02:21:49.0323 0x2f4a4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

02:21:49.0355 0x2f4a4 RDPCDD - ok

02:21:49.0511 0x2f4a4 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

02:21:49.0636 0x2f4a4 RDPWD - ok

02:21:49.0777 0x2f4a4 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

02:21:49.0855 0x2f4a4 RDSessMgr - ok

02:21:49.0886 0x2f4a4 [ E9AAA0092D74A9D371659C4C38882E12, 832E043E4C257D85FE17C422D7705B9342648FB5F07331533D56C8DB1E9CB0E1 ] RecAgent C:\WINDOWS\system32\DRIVERS\RecAgent.sys

02:21:49.0917 0x2f4a4 RecAgent - ok

02:21:50.0136 0x2f4a4 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

02:21:50.0167 0x2f4a4 redbook - ok

02:21:50.0277 0x2f4a4 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

02:21:50.0323 0x2f4a4 RemoteAccess - ok

02:21:50.0417 0x2f4a4 [ F17713D108ACA124A139FDE877EEF68A, AB254B8B4BDB10685280A8595CA69FEA2F1E68923E676C8CAF3F5468AE4C566E ] RimUsb C:\WINDOWS\system32\Drivers\RimUsb.sys

02:21:52.0714 0x2f4a4 RimUsb - ok

02:21:52.0792 0x2f4a4 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe

02:21:52.0839 0x2f4a4 RpcLocator - ok

02:21:53.0011 0x2f4a4 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\system32\rpcss.dll

02:21:53.0198 0x2f4a4 RpcSs - ok

02:21:53.0495 0x2f4a4 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe

02:21:53.0620 0x2f4a4 RSVP - ok

02:21:53.0636 0x2f4a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe

02:21:53.0652 0x2f4a4 SamSs - ok

02:21:53.0730 0x2f4a4 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

02:21:53.0777 0x2f4a4 SCardSvr - ok

02:21:53.0917 0x2f4a4 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll

02:21:54.0042 0x2f4a4 Schedule - ok

02:21:54.0089 0x2f4a4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

02:21:54.0105 0x2f4a4 Secdrv - ok

02:21:54.0183 0x2f4a4 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll

02:21:54.0214 0x2f4a4 seclogon - ok

02:21:54.0433 0x2f4a4 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll

02:21:54.0480 0x2f4a4 SENS - ok

02:21:54.0495 0x2f4a4 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys

02:21:54.0527 0x2f4a4 serenum - ok

02:21:54.0573 0x2f4a4 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys

02:21:54.0620 0x2f4a4 Serial - ok

02:21:54.0745 0x2f4a4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

02:21:54.0761 0x2f4a4 Sfloppy - ok

02:21:54.0948 0x2f4a4 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

02:21:55.0214 0x2f4a4 SharedAccess - ok

02:21:55.0355 0x2f4a4 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

02:21:55.0620 0x2f4a4 ShellHWDetection - ok

02:21:55.0730 0x2f4a4 Simbad - ok

02:21:55.0995 0x2f4a4 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe

02:21:56.0245 0x2f4a4 SkypeUpdate - ok

02:21:56.0480 0x2f4a4 [ 2C1779C0FEB1F4A6033600305EBA623A, CF8A0FAE3987AD44FFB6FF27B33B9991448AA14E867D9D84F8362054E1A6FB77 ] Slntamr C:\WINDOWS\system32\DRIVERS\slntamr.sys

02:21:57.0073 0x2f4a4 Slntamr - ok

02:21:57.0152 0x2f4a4 [ F9B8E30E82EE95CF3E1D3E495599B99C, 2E1D551D3CF95B9D967BBE84DB854D74278F9EF511CC578BE42F21DF4E1147CD ] SlNtHal C:\WINDOWS\system32\DRIVERS\Slnthal.sys

02:21:57.0386 0x2f4a4 SlNtHal - ok

02:21:57.0386 0x2f4a4 SLService - ok

02:21:57.0433 0x2f4a4 [ DB56BB2C55723815CF549D7FC50CFCEB, 62D1C546E4AE893D4C6C02D0EC4CEBF10AD476E608CBB279BA6CB1EE9AF41814 ] SlWdmSup C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys

02:21:57.0511 0x2f4a4 SlWdmSup - ok

02:21:57.0761 0x2f4a4 Sparrow - ok

02:21:57.0839 0x2f4a4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys

02:21:57.0917 0x2f4a4 splitter - ok

02:21:58.0089 0x2f4a4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe

02:21:58.0120 0x2f4a4 Spooler - ok

02:21:58.0230 0x2f4a4 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

02:21:58.0292 0x2f4a4 sr - ok

02:21:58.0448 0x2f4a4 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll

02:21:58.0855 0x2f4a4 srservice - ok

02:21:59.0198 0x2f4a4 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

02:21:59.0542 0x2f4a4 Srv - ok

02:21:59.0636 0x2f4a4 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

02:22:01.0042 0x2f4a4 SSDPSRV - ok

02:22:01.0073 0x2f4a4 StarOpen - ok

02:22:01.0198 0x2f4a4 [ A9573045BAA16EAB9B1085205B82F1ED, 6A4D68BCD4968C17451EB1C4AB420FFA844D089845520D222BC4A2BD14583C56 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys

02:22:01.0261 0x2f4a4 StillCam - ok

02:22:01.0527 0x2f4a4 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll

02:22:02.0105 0x2f4a4 stisvc - ok

02:22:02.0183 0x2f4a4 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

02:22:02.0277 0x2f4a4 swenum - ok

02:22:02.0370 0x2f4a4 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

02:22:02.0480 0x2f4a4 swmidi - ok

02:22:02.0495 0x2f4a4 SwPrv - ok

02:22:02.0511 0x2f4a4 symc810 - ok

02:22:02.0542 0x2f4a4 symc8xx - ok

02:22:02.0558 0x2f4a4 sym_hi - ok

02:22:02.0573 0x2f4a4 sym_u3 - ok

02:22:02.0667 0x2f4a4 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

02:22:02.0855 0x2f4a4 sysaudio - ok

02:22:03.0261 0x2f4a4 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

02:22:03.0448 0x2f4a4 SysmonLog - ok

02:22:03.0636 0x2f4a4 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

02:22:04.0183 0x2f4a4 TapiSrv - ok

02:22:04.0386 0x2f4a4 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

02:22:04.0761 0x2f4a4 Tcpip - ok

02:22:04.0855 0x2f4a4 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

02:22:05.0152 0x2f4a4 TDPIPE - ok

02:22:05.0198 0x2f4a4 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

02:22:05.0355 0x2f4a4 TDTCP - ok

02:22:05.0448 0x2f4a4 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

02:22:05.0495 0x2f4a4 TermDD - ok

02:22:05.0730 0x2f4a4 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll

02:22:05.0902 0x2f4a4 TermService - ok

02:22:06.0011 0x2f4a4 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll

02:22:06.0245 0x2f4a4 Themes - ok

02:22:06.0308 0x2f4a4 TosIde - ok

02:22:06.0370 0x2f4a4 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll

02:22:06.0448 0x2f4a4 TrkWks - ok

02:22:06.0558 0x2f4a4 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

02:22:06.0605 0x2f4a4 Udfs - ok

02:22:06.0605 0x2f4a4 ultra - ok

02:22:06.0839 0x2f4a4 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

02:22:07.0073 0x2f4a4 Update - ok

02:22:07.0761 0x2f4a4 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll

02:22:07.0948 0x2f4a4 upnphost - ok

02:22:07.0980 0x2f4a4 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe

02:22:08.0152 0x2f4a4 UPS - ok

02:22:08.0511 0x2f4a4 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

02:22:08.0777 0x2f4a4 usbccgp - ok

02:22:08.0870 0x2f4a4 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

02:22:09.0027 0x2f4a4 usbehci - ok

02:22:09.0120 0x2f4a4 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

02:22:09.0495 0x2f4a4 usbhub - ok

02:22:09.0573 0x2f4a4 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys

02:22:09.0808 0x2f4a4 usbprint - ok

02:22:09.0839 0x2f4a4 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

02:22:09.0902 0x2f4a4 usbscan - ok

02:22:09.0980 0x2f4a4 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

02:22:10.0183 0x2f4a4 USBSTOR - ok

02:22:10.0214 0x2f4a4 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys

02:22:10.0245 0x2f4a4 usbuhci - ok

02:22:10.0292 0x2f4a4 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

02:22:10.0870 0x2f4a4 VgaSave - ok

02:22:10.0902 0x2f4a4 ViaIde - ok

02:22:11.0027 0x2f4a4 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

02:22:11.0167 0x2f4a4 VolSnap - ok

02:22:11.0339 0x2f4a4 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe

02:22:11.0683 0x2f4a4 VSS - ok

02:22:11.0808 0x2f4a4 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll

02:22:11.0902 0x2f4a4 W32Time - ok

02:22:12.0011 0x2f4a4 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

02:22:12.0198 0x2f4a4 Wanarp - ok

02:22:12.0402 0x2f4a4 [ 49B50BE4C6E61DC378057A09130E0629, 256B78AA9414C00F3B32E0ED4F45349801B7A793785EBF50C5D4E4E07643DDD6 ] WDCS_WNDA3200 C:\Program Files\NETGEAR\WNDA3200\WifiDevChkSvc.exe

02:22:14.0136 0x2f4a4 WDCS_WNDA3200 - ok

02:22:14.0183 0x2f4a4 WDC_SAM - ok

02:22:14.0245 0x2f4a4 WDICA - ok

02:22:14.0292 0x2f4a4 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

02:22:14.0355 0x2f4a4 wdmaud - ok

02:22:14.0402 0x2f4a4 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll

02:22:14.0480 0x2f4a4 WebClient - ok

02:22:14.0667 0x2f4a4 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

02:22:15.0027 0x2f4a4 winmgmt - ok

02:22:15.0230 0x2f4a4 [ 051B1BDECD6DEE18C771B5D5EC7F044D, E9D4870C7E4E6119B274CF788D564BE9C48EA63790F5D6A2E987EB6DF7C93200 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll

02:22:15.0480 0x2f4a4 WmdmPmSN - ok

02:22:15.0698 0x2f4a4 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

02:22:16.0042 0x2f4a4 WmiApSrv - ok

02:22:16.0652 0x2f4a4 [ 6BAB4DC65515A098505F8B3D01FB6FE5, 52AA14777920753A8AF76072216A266F5D0036F112F671E7104E1F4C04AE499E ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe

02:22:17.0792 0x2f4a4 WMPNetworkSvc - ok

02:22:17.0933 0x2f4a4 [ C60DC16D4E406810FAD54B98DC92D5EC, 43E7DF323BBD7C889CAD078176E239319A40EE4BEBC7BD753012B94CF5E48551 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys

02:22:18.0370 0x2f4a4 WpdUsb - ok

02:22:19.0073 0x2f4a4 [ 15673BD0B86150CB8E27766059C72A9B, 56C23289A8BFF4945EE532CF6D62D3EC81B827CA15A359F30A327789F9FE9CAF ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe

02:22:20.0027 0x2f4a4 WPFFontCache_v0400 - ok

02:22:20.0105 0x2f4a4 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll

02:22:20.0542 0x2f4a4 wscsvc - ok

02:22:20.0636 0x2f4a4 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll

02:22:20.0730 0x2f4a4 wuauserv - ok

02:22:20.0823 0x2f4a4 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys

02:22:20.0886 0x2f4a4 WudfPf - ok

02:22:20.0980 0x2f4a4 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys

02:22:21.0152 0x2f4a4 WudfRd - ok

02:22:21.0261 0x2f4a4 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll

02:22:21.0339 0x2f4a4 WudfSvc - ok

02:22:21.0902 0x2f4a4 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

02:22:22.0230 0x2f4a4 WZCSVC - ok

02:22:22.0417 0x2f4a4 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll

02:22:23.0027 0x2f4a4 xmlprov - ok

02:22:24.0011 0x2f4a4 [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

02:22:24.0886 0x2f4a4 YahooAUService - ok

02:22:25.0105 0x2f4a4 ================ Scan global ===============================

02:22:25.0167 0x2f4a4 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll

02:22:25.0511 0x2f4a4 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

02:22:26.0027 0x2f4a4 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll

02:22:26.0214 0x2f4a4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe

02:22:26.0230 0x2f4a4 [ Global ] - ok

02:22:26.0245 0x2f4a4 ================ Scan MBR ==================================

02:22:26.0292 0x2f4a4 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

02:22:59.0058 0x2f4a4 \Device\Harddisk0\DR0 - ok

02:22:59.0058 0x2f4a4 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR10

02:22:59.0089 0x2f4a4 \Device\Harddisk5\DR10 - ok

02:22:59.0089 0x2f4a4 ================ Scan VBR ==================================

02:22:59.0120 0x2f4a4 [ 5EEF54D6CB9C380393989E5C82284ABD ] \Device\Harddisk0\DR0\Partition1

02:22:59.0136 0x2f4a4 \Device\Harddisk0\DR0\Partition1 - ok

02:22:59.0323 0x2f4a4 [ C159B307E93485A66198EFB2305E6180 ] \Device\Harddisk5\DR10\Partition1

02:22:59.0402 0x2f4a4 \Device\Harddisk5\DR10\Partition1 - ok

02:22:59.0402 0x2f4a4 ================ Scan generic autorun ======================

02:22:59.0636 0x2f4a4 [ 798C0C1FF4E0FCE646CA82AE0379CCB0, 54D08331F511823755CBBAC3AAD698BBCDFCDE71F47B827DCFC6ADA89E753D80 ] C:\WINDOWS\SOUNDMAN.EXE

02:23:04.0089 0x2f4a4 SoundMan - ok

02:23:46.0917 0x2f4a4 AV detected via SS1: AVG AntiVirus Free Edition 2014, 2014.0, enabled, updated

02:23:46.0980 0x2f4a4 Win FW state via NFM: enabled

02:23:49.0464 0x2f4a4 ============================================================

02:23:49.0464 0x2f4a4 Scan finished

02:23:49.0464 0x2f4a4 ============================================================

02:23:49.0542 0x2f090 Detected object count: 0

02:23:49.0542 0x2f090 Actual detected object count: 0


Edited by wendywenz, 12 August 2014 - 08:31 PM.


#6 boopme


Posted 12 August 2014 - 08:27 PM

No problem, cookies are not necessarily bad but should go.
Let's see if it updates after the last scan is done.

#7 wendywenz


Posted 12 August 2014 - 09:22 PM

Here are the results from AdwCleaner

 

# AdwCleaner v3.304 - Report created 13/08/2014 at 02:39:42
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - OWNER-AD95639F5
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Conduit
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\SmartTweak
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\visi_coupon
Folder Deleted : C:\Documents and Settings\Owner\Application Data\Strongvault
Folder Deleted : C:\Documents and Settings\Owner\Application Data\SwvUpdater
Folder Deleted : C:\Documents and Settings\Owner\Application Data\xVidly
Folder Deleted : C:\Documents and Settings\Owner\Start Menu\Programs\SmartTweak Software
File Deleted : C:\WINDOWS\system32\roboot.exe

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\fedd8cb33eb946
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ACC01A56-70E3-472E-9C4F-83B1DA817DD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A6BE320-DC9B-4D24-A6E8-621B81544F4B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ACC01A56-70E3-472E-9C4F-83B1DA817DD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3A6BE320-DC9B-4D24-A6E8-621B81544F4B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe]
Key Deleted : HKCU\Software\BI
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\ImInstaller
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\smarttweak
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

[ File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Deleted [Extension] : fbmimoidopbghbcmdmpkjaffffmcbmbg
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Deleted [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Deleted [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [5365 octets] - [13/08/2014 02:34:41]
AdwCleaner[S0].txt - [5373 octets] - [13/08/2014 02:39:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5433 octets] ##########
# AdwCleaner v3.304 - Report created 13/08/2014 at 03:01:11
# Updated 08/08/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Owner - OWNER-AD95639F5
# Running from : C:\Documents and Settings\Owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v

[ File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [6268 octets] - [13/08/2014 02:34:41]
AdwCleaner[S0].txt - [6277 octets] - [13/08/2014 02:39:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6337 octets] ##########



#8 boopme


Posted 12 August 2014 - 09:30 PM

Oh yeah that's the stuff that creates havoc..



#9 wendywenz


Posted 12 August 2014 - 09:43 PM

Here's the results from JRT

 




#10 wendywenz


Posted 12 August 2014 - 10:50 PM

oops wrong one... sorry

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Microsoft Windows XP x86
Ran by Owner on 13/08/2014 at  3:26:39.06
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SMessaging [Strongvault]

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-448539723-1336601894-1644491937-1003\Software\sweetim

 

~~~ Files

 

~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Local Settings\Application Data\stronghold_llc"
Successfully deleted: [Folder] "C:\Documents and Settings\Owner\Local Settings\Application Data\strongvault online backup"
Successfully deleted: [Folder] "C:\WINDOWS\system32\ai_recyclebin"

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13/08/2014 at  3:37:33.67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#11 wendywenz


Posted 12 August 2014 - 11:43 PM

No threats were found with ESET online scanner

 

Is there anything else I need to do?

Thank you

Wendy



#12 boopme


Posted 13 August 2014 - 04:21 PM

Hi, was your External connected for the scans?
Was Malwarebytes run as a Full scan?
 
In Control Panel, under Add/Remove, uninstall these:
 
Adobe Reader X (10.1.10) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
 
Reboot
Install Adobe Reader XI

NOTE: UNcheck the boxes so you do NOT install Optional offers

  • Yes, install Google Chrome as my default browser.
  • Yes, install Google Toolbar for Internet Explorer.

#13 wendywenz


Posted 13 August 2014 - 07:14 PM

Hi again Boop

 

I don't remember now which of the programs run asked me to reboot... but after that one my external wasn't connected

With Malwarebytes I just click on scan... not sure if it's full or not as it's changed its look since I updated it last

 

I have now done as you asked on your last post

 

I really do appreciate all your help

Thank you

Wendy



#14 boopme


Posted 13 August 2014 - 07:30 PM

You're welcome Wendy!

The MBAM FULL scan will scan all drives connected. The ESET scan will scan all drives connected.

#15 wendywenz


Posted 14 August 2014 - 08:01 AM

I ran Malwarebytes and no threats were found

 

Here are the results from ESET scan

 

I:\Mums Lappie\User\AppData\Local\uTorrentBar\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.1.1\bin\PriceGongIE.dll a variant of Win32/PriceGong.A potentially unwanted application deleted - quarantined
I:\PROGRAMS\Nero 7.10.1.0\Nero-7.10.1.0_eng_full.exe Win32/Toolbar.AskSBar potentially unwanted application deleted - quarantined
 





