
Could someone please help me.



#1 gsxrfathead

Posted 21 January 2015 - 11:16 AM

Hello, 
 
I am looking for some help. I am sure that I am infected BADLY. I asked for help from another website, and they told me they wouldn't help because of the operating system's age, and suggested I try asking for help here.

I am running WINDOWS XP, and have been infected with a trojan.agent.ed virus. I can't replace this system, it has programs on it that can't be replaced. My system is running at 100% at all times, and Malware keeps telling me that it is blocking outbound suspicious websites. I desperately need help. Thanks, Andrew




 


#2 boopme

Posted 21 January 2015 - 11:25 AM

Hello Andrew. Let's look at these logs.


Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using the "Reset FF Proxy Settings" option, Firefox should be closed.



Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.


#3 gsxrfathead

Posted 21 January 2015 - 03:40 PM

Here are the logs.

 


 

12:02:25.0562 0x0ab4  AudioSrv - ok
12:02:25.0593 0x0ab4  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
12:02:25.0593 0x0ab4  audstub - ok
12:02:25.0593 0x0ab4  avchv - ok
12:02:25.0625 0x0ab4  [ 241474D01380E9ED41D4C07F4F5FD401, 93CAD2FB0260C5CDDF014E16D8D99A63E8CA107BC2EE6D403CC7C877C3ADBD97 ] b57w2k          C:\WINDOWS\system32\DRIVERS\b57xp32.sys
12:02:25.0625 0x0ab4  b57w2k - ok
12:02:25.0671 0x0ab4  bdftdif - ok
12:02:25.0703 0x0ab4  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
12:02:25.0703 0x0ab4  Beep - ok
12:02:25.0734 0x0ab4  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
12:02:25.0750 0x0ab4  BITS - ok
12:02:25.0781 0x0ab4  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
12:02:25.0781 0x0ab4  Browser - ok
12:02:25.0859 0x0ab4  BS2238960586 - ok
12:02:25.0890 0x0ab4  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
12:02:25.0890 0x0ab4  cbidf2k - ok
12:02:25.0890 0x0ab4  cd20xrnt - ok
12:02:25.0921 0x0ab4  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
12:02:25.0921 0x0ab4  Cdaudio - ok
12:02:25.0921 0x0ab4  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
12:02:25.0921 0x0ab4  Cdfs - ok
12:02:25.0953 0x0ab4  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
12:02:25.0953 0x0ab4  Cdrom - ok
12:02:25.0984 0x0ab4  [ 84853B3FD012251690570E9E7E43343F, 65CACFA643E52A0C0E6B2D901228A8A0AD4993CAFA3C287E65395F4B7C521089 ] cercsr6         C:\WINDOWS\system32\drivers\cercsr6.sys
12:02:25.0984 0x0ab4  cercsr6 - ok
12:02:25.0984 0x0ab4  Changer - ok
12:02:25.0984 0x0ab4  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
12:02:25.0984 0x0ab4  CiSvc - ok
12:02:26.0000 0x0ab4  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
12:02:26.0000 0x0ab4  ClipSrv - ok
12:02:26.0015 0x0ab4  [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:02:26.0015 0x0ab4  clr_optimization_v2.0.50727_32 - ok
12:02:26.0046 0x0ab4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:02:26.0046 0x0ab4  clr_optimization_v4.0.30319_32 - ok
12:02:26.0062 0x0ab4  CmdIde - ok
12:02:26.0062 0x0ab4  COMSysApp - ok
12:02:26.0078 0x0ab4  Cpqarray - ok
12:02:26.0078 0x0ab4  cpuz134 - ok
12:02:26.0093 0x0ab4  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
12:02:26.0093 0x0ab4  CryptSvc - ok
12:02:26.0109 0x0ab4  dac2w2k - ok
12:02:26.0109 0x0ab4  dac960nt - ok
12:02:26.0156 0x0ab4  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
12:02:26.0156 0x0ab4  DcomLaunch - ok
12:02:26.0203 0x0ab4  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
12:02:26.0203 0x0ab4  Dhcp - ok
12:02:26.0203 0x0ab4  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
12:02:26.0203 0x0ab4  Disk - ok
12:02:26.0218 0x0ab4  dmadmin - ok
12:02:26.0265 0x0ab4  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
12:02:26.0281 0x0ab4  dmboot - ok
12:02:26.0296 0x0ab4  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
12:02:26.0296 0x0ab4  dmio - ok
12:02:26.0312 0x0ab4  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
12:02:26.0312 0x0ab4  dmload - ok
12:02:26.0328 0x0ab4  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
12:02:26.0328 0x0ab4  dmserver - ok
12:02:26.0343 0x0ab4  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
12:02:26.0343 0x0ab4  DMusic - ok
12:02:26.0359 0x0ab4  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
12:02:26.0359 0x0ab4  Dnscache - ok
12:02:26.0390 0x0ab4  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
12:02:26.0390 0x0ab4  Dot3svc - ok
12:02:26.0390 0x0ab4  dpti2o - ok
12:02:26.0421 0x0ab4  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
12:02:26.0421 0x0ab4  drmkaud - ok
12:02:26.0437 0x0ab4  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
12:02:26.0437 0x0ab4  EapHost - ok
12:02:26.0468 0x0ab4  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
12:02:26.0468 0x0ab4  ERSvc - ok
12:02:26.0500 0x0ab4  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
12:02:26.0500 0x0ab4  Eventlog - ok
12:02:26.0531 0x0ab4  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
12:02:26.0546 0x0ab4  EventSystem - ok
12:02:26.0546 0x0ab4  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
12:02:26.0562 0x0ab4  Fastfat - ok
12:02:26.0578 0x0ab4  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
12:02:26.0578 0x0ab4  FastUserSwitchingCompatibility - ok
12:02:26.0578 0x0ab4  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
12:02:26.0578 0x0ab4  Fdc - ok
12:02:26.0593 0x0ab4  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
12:02:26.0593 0x0ab4  Fips - ok
12:02:26.0609 0x0ab4  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
12:02:26.0609 0x0ab4  Flpydisk - ok
12:02:26.0625 0x0ab4  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
12:02:26.0625 0x0ab4  FltMgr - ok
12:02:26.0671 0x0ab4  [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
12:02:26.0671 0x0ab4  FontCache3.0.0.0 - ok
12:02:26.0687 0x0ab4  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
12:02:26.0687 0x0ab4  Fs_Rec - ok
12:02:26.0703 0x0ab4  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
12:02:26.0703 0x0ab4  Ftdisk - ok
12:02:26.0718 0x0ab4  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
12:02:26.0718 0x0ab4  Gpc - ok
12:02:26.0750 0x0ab4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
12:02:26.0765 0x0ab4  gupdate - ok
12:02:26.0765 0x0ab4  [ F172AD4E906D97ED8F071896FC6789DC, FC10B3CE3DB0D3BF84DFD28E900EB6A11EDAAE32AC50F23CB03AACC6AA496911 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
12:02:26.0765 0x0ab4  gupdatem - ok
12:02:26.0812 0x0ab4  [ 9DE9A7A19195C57EF38B4EE25422F2D7, EE03EA0F1A1B2DBED01567A0B8C9CF5BCE236FB9E09C9337A9E648982AB6A000 ] Hardlock        C:\WINDOWS\system32\drivers\hardlock.sys
12:02:26.0828 0x0ab4  Hardlock - ok
12:02:26.0828 0x0ab4  hasplms - ok
12:02:26.0859 0x0ab4  [ 2DD25F060DC9F79B5CDF33D90ED93669, 1095E091B1F42E04B054478E029D166990A375D27E9B9D0D1170F35536462C8E ] Haspnt          C:\WINDOWS\system32\drivers\Haspnt.sys
12:02:26.0859 0x0ab4  Haspnt - ok
12:02:26.0890 0x0ab4  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
12:02:26.0906 0x0ab4  helpsvc - ok
12:02:26.0921 0x0ab4  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
12:02:26.0921 0x0ab4  HidServ - ok
12:02:26.0921 0x0ab4  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] hidusb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
12:02:26.0921 0x0ab4  hidusb - ok
12:02:26.0953 0x0ab4  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
12:02:26.0953 0x0ab4  hkmsvc - ok
12:02:26.0953 0x0ab4  hpn - ok
12:02:27.0031 0x0ab4  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
12:02:27.0031 0x0ab4  hpqcxs08 - ok
12:02:27.0062 0x0ab4  [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B, D3D1EA40833157386E83EAC3B730E043BE0ED831106972625E285263ADB968C3 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
12:02:27.0078 0x0ab4  hpqddsvc - ok
12:02:27.0125 0x0ab4  [ 56FC98F1014EA8DC51B92839C32759EC, 2F6D21ACE7901E1EC3DEFB96021E131CBEC9821240434A927D2435BBC59E80DC ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
12:02:27.0140 0x0ab4  HPSLPSVC - ok
12:02:27.0203 0x0ab4  [ 82C47A85494249623F40E43C7B04051C, 97EF087B49219B68686914B250634FF67D13B7D3F81562614F108D2A40BEBA54 ] HPSupportSolutionsFrameworkService C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe
12:02:27.0203 0x0ab4  HPSupportSolutionsFrameworkService - ok
12:02:27.0218 0x0ab4  [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794BEAB8D8B71D8DD ] HPZid412        C:\WINDOWS\system32\DRIVERS\HPZid412.sys
12:02:27.0218 0x0ab4  HPZid412 - ok
12:02:27.0218 0x0ab4  [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A7E43410AC99F23 ] HPZipr12        C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
12:02:27.0218 0x0ab4  HPZipr12 - ok
12:02:27.0234 0x0ab4  [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E512C9BC4B86877 ] HPZius12        C:\WINDOWS\system32\DRIVERS\HPZius12.sys
12:02:27.0234 0x0ab4  HPZius12 - ok
12:02:27.0234 0x0ab4  hrjj - ok
12:02:27.0265 0x0ab4  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
12:02:27.0281 0x0ab4  HTTP - ok
12:02:27.0296 0x0ab4  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
12:02:27.0296 0x0ab4  HTTPFilter - ok
12:02:27.0296 0x0ab4  i2omgmt - ok
12:02:27.0296 0x0ab4  i2omp - ok
12:02:27.0312 0x0ab4  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\drivers\i8042prt.sys
12:02:27.0312 0x0ab4  i8042prt - ok
12:02:27.0390 0x0ab4  [ 9A883C3C4D91292C0D09DE7C728E781C, 34DD9E781C42FF55BF83F62DFE7B0F4FE3CAEF19B517245BA004C2C641493A98 ] ialm            C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
12:02:27.0421 0x0ab4  ialm - ok
12:02:27.0468 0x0ab4  [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc           C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
12:02:27.0500 0x0ab4  idsvc - ok
12:02:27.0515 0x0ab4  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
12:02:27.0515 0x0ab4  Imapi - ok
12:02:27.0546 0x0ab4  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
12:02:27.0546 0x0ab4  ImapiService - ok
12:02:27.0562 0x0ab4  ini910u - ok
12:02:27.0562 0x0ab4  IntelIde - ok
12:02:27.0578 0x0ab4  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
12:02:27.0578 0x0ab4  intelppm - ok
12:02:27.0593 0x0ab4  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
12:02:27.0593 0x0ab4  Ip6Fw - ok
12:02:27.0609 0x0ab4  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
12:02:27.0609 0x0ab4  IpFilterDriver - ok
12:02:27.0609 0x0ab4  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
12:02:27.0609 0x0ab4  IpInIp - ok
12:02:27.0625 0x0ab4  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
12:02:27.0625 0x0ab4  IpNat - ok
12:02:27.0640 0x0ab4  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
12:02:27.0640 0x0ab4  IPSec - ok
12:02:27.0640 0x0ab4  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
12:02:27.0656 0x0ab4  IRENUM - ok
12:02:27.0656 0x0ab4  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
12:02:27.0656 0x0ab4  isapnp - ok
12:02:27.0703 0x0ab4  [ A980296E1EC9921356F0D8AD06A6EF9C, 15ECC4B7FD250C1F4CC4CBB58430B8A16F94B33392E52EE964A3DBC49F114272 ] JavaQuickStarterService C:\Program Files\Java\jre7\bin\jqs.exe
12:02:27.0718 0x0ab4  JavaQuickStarterService - ok
12:02:27.0734 0x0ab4  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
12:02:27.0734 0x0ab4  Kbdclass - ok
12:02:27.0734 0x0ab4  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
12:02:27.0734 0x0ab4  kbdhid - ok
12:02:27.0750 0x0ab4  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
12:02:27.0750 0x0ab4  kmixer - ok
12:02:27.0765 0x0ab4  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
12:02:27.0765 0x0ab4  KSecDD - ok
12:02:27.0796 0x0ab4  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
12:02:27.0796 0x0ab4  lanmanserver - ok
12:02:27.0828 0x0ab4  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
12:02:27.0843 0x0ab4  lanmanworkstation - ok
12:02:27.0843 0x0ab4  lbrtfdc - ok
12:02:27.0875 0x0ab4  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
12:02:27.0875 0x0ab4  LmHosts - ok
12:02:27.0890 0x0ab4  [ A3F4391DFDF2F9E9FE4EAD193265A5AD, A60A1A345622F4758181FB0B6EE784B0B718105FEE7B0F6FEDE5AD59FE448EE1 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
12:02:27.0890 0x0ab4  MBAMProtector - ok
12:02:27.0968 0x0ab4  [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler   C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
12:02:28.0015 0x0ab4  MBAMScheduler - ok
12:02:28.0062 0x0ab4  [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService     C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
12:02:28.0093 0x0ab4  MBAMService - ok
12:02:28.0109 0x0ab4  [ 8E2E9CCD873ABF180F48BCAEEEBE347D, 35DBBB8E63B480151EA5701D9DB7C90642FA2391D044DB400D3644F3E21BB0C1 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
12:02:28.0109 0x0ab4  MBAMSwissArmy - ok
12:02:28.0125 0x0ab4  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
12:02:28.0140 0x0ab4  Messenger - ok
12:02:28.0156 0x0ab4  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
12:02:28.0156 0x0ab4  mnmdd - ok
12:02:28.0187 0x0ab4  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
12:02:28.0187 0x0ab4  mnmsrvc - ok
12:02:28.0203 0x0ab4  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
12:02:28.0203 0x0ab4  Modem - ok
12:02:28.0234 0x0ab4  [ 11AAA0083D30F4677AD2B218EE7F5CE9, 6E1070DF996E0A230351D545CE3E7B9B31A0B11917DD6E45953255A8207A151C ] Motorola Device Manager C:\Program Files\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
12:02:28.0234 0x0ab4  Motorola Device Manager - ok
12:02:28.0250 0x0ab4  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
12:02:28.0250 0x0ab4  Mouclass - ok
12:02:28.0281 0x0ab4  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
12:02:28.0281 0x0ab4  mouhid - ok
12:02:28.0281 0x0ab4  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
12:02:28.0281 0x0ab4  MountMgr - ok
12:02:28.0296 0x0ab4  mraid35x - ok
12:02:28.0296 0x0ab4  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
12:02:28.0312 0x0ab4  MRxDAV - ok
12:02:28.0343 0x0ab4  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
12:02:28.0343 0x0ab4  MRxSmb - ok
12:02:28.0359 0x0ab4  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
12:02:28.0359 0x0ab4  MSDTC - ok
12:02:28.0375 0x0ab4  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
12:02:28.0375 0x0ab4  Msfs - ok
12:02:28.0375 0x0ab4  MSIServer - ok
12:02:28.0390 0x0ab4  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
12:02:28.0390 0x0ab4  MSKSSRV - ok
12:02:28.0390 0x0ab4  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
12:02:28.0390 0x0ab4  MSPCLOCK - ok
12:02:28.0406 0x0ab4  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
12:02:28.0406 0x0ab4  MSPQM - ok
12:02:28.0406 0x0ab4  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
12:02:28.0406 0x0ab4  mssmbios - ok
12:02:28.0421 0x0ab4  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
12:02:28.0421 0x0ab4  Mup - ok
12:02:28.0453 0x0ab4  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
12:02:28.0453 0x0ab4  napagent - ok
12:02:28.0468 0x0ab4  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
12:02:28.0468 0x0ab4  NDIS - ok
12:02:28.0500 0x0ab4  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
12:02:28.0500 0x0ab4  NdisTapi - ok
12:02:28.0515 0x0ab4  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
12:02:28.0515 0x0ab4  Ndisuio - ok
12:02:28.0531 0x0ab4  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
12:02:28.0531 0x0ab4  NdisWan - ok
12:02:28.0546 0x0ab4  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
12:02:28.0546 0x0ab4  NDProxy - ok
12:02:28.0562 0x0ab4  [ 69C503C004F49AEE8B8E3067CC047BA7, 0E7A2FB0CC7669E6400EDA4D2220BBB1A85CF3D3529739DA5AE2C073FFA08313 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
12:02:28.0562 0x0ab4  Net Driver HPZ12 - ok
12:02:28.0578 0x0ab4  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
12:02:28.0578 0x0ab4  NetBIOS - ok
12:02:28.0593 0x0ab4  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
12:02:28.0593 0x0ab4  NetBT - ok
12:02:28.0609 0x0ab4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
12:02:28.0609 0x0ab4  NetDDE - ok
12:02:28.0625 0x0ab4  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
12:02:28.0625 0x0ab4  NetDDEdsdm - ok
12:02:28.0640 0x0ab4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
12:02:28.0640 0x0ab4  Netlogon - ok
12:02:28.0656 0x0ab4  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
12:02:28.0656 0x0ab4  Netman - ok
12:02:28.0671 0x0ab4  [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:02:28.0671 0x0ab4  NetTcpPortSharing - ok
12:02:28.0703 0x0ab4  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
12:02:28.0703 0x0ab4  Nla - ok
12:02:28.0718 0x0ab4  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
12:02:28.0718 0x0ab4  Npfs - ok
12:02:28.0750 0x0ab4  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
12:02:28.0765 0x0ab4  Ntfs - ok
12:02:28.0765 0x0ab4  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
12:02:28.0765 0x0ab4  NtLmSsp - ok
12:02:28.0796 0x0ab4  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
12:02:28.0812 0x0ab4  NtmsSvc - ok
12:02:28.0812 0x0ab4  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
12:02:28.0812 0x0ab4  Null - ok
12:02:28.0828 0x0ab4  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
12:02:28.0828 0x0ab4  NwlnkFlt - ok
12:02:28.0843 0x0ab4  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
12:02:28.0843 0x0ab4  NwlnkFwd - ok
12:02:28.0906 0x0ab4  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:02:28.0921 0x0ab4  odserv - ok
12:02:28.0937 0x0ab4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:02:28.0937 0x0ab4  ose - ok
12:02:28.0953 0x0ab4  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
12:02:28.0953 0x0ab4  Parport - ok
12:02:46.0687 0x0ab4  Win FW state via NFM: disabled
12:02:52.0343 0x0ab4  ============================================================
12:02:52.0343 0x0ab4  Scan finished
12:02:52.0343 0x0ab4  ============================================================
12:02:52.0343 0x0bf0  Detected object count: 0
12:02:52.0343 0x0bf0  Actual detected object count: 0
 

 

# AdwCleaner v4.108 - Report created 21/01/2015 at 12:35:53
# Updated 17/01/2015 by Xplode
# Database : 2015-01-18.1 [Live]
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Valued User - GX620-9F3A32A67
# Running from : C:\Documents and Settings\Valued User\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Systweak
Folder Deleted : C:\Program Files\globalUpdate
Folder Deleted : C:\Documents and Settings\Valued User\Local Settings\Application Data\globalUpdate
Folder Deleted : C:\Documents and Settings\Valued User\Application Data\DriverCure
Folder Deleted : C:\Documents and Settings\Valued User\Application Data\HPAppData
Folder Deleted : C:\Documents and Settings\Valued User\Application Data\ParetoLogic
Folder Deleted : C:\Documents and Settings\Valued User\Application Data\Systweak
Folder Deleted : C:\Documents and Settings\Valued User\Application Data\Toolbar4
File Deleted : C:\WINDOWS\Reimage.ini

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\Reimage
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKLM\SOFTWARE\AVG Secure Search
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Reimage
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RegClean-Pro_is1

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702

-\\ Google Chrome v39.0.2171.99

[C:\Documents and Settings\Valued User\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Documents and Settings\Valued User\Local Settings\Application Data\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}

*************************

AdwCleaner[R0].txt - [7096 octets] - [21/01/2015 12:05:51]
AdwCleaner[R1].txt - [7156 octets] - [21/01/2015 12:23:56]
AdwCleaner[S0].txt - [7078 octets] - [21/01/2015 12:35:53]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7138 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Microsoft Windows XP x86
Ran by Valued User on Wed 01/21/2015 at 12:43:39.59
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511651108}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511651108}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}

 

~~~ Files

 

~~~ Folders

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/21/2015 at 13:00:02.37
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

ESET LOG

 

C:\Documents and Settings\Valued User\Local Settings\Application Data\YfzPack\qrcdodwt.dll a variant of Win32/Boaxxe.CO.gen trojan cleaned by deleting - quarantined
C:\Documents and Settings\Valued User\Local Settings\Application Data\YfzPack\WebKit2WebProcess.dll a variant of Win32/Boaxxe.CO.gen trojan cleaned by deleting - quarantined
 

 

Thanks



#4 boopme

Posted 21 January 2015 - 03:54 PM

OK, good, removed a lot of junk and a troublemaker.
Trojan:Win32/Boaxxe.B is a Trojan that installs itself as a Browser Helper Object and may contact remote sites related to rogue anti-spyware applications.

Next, do this update below (while in Control Panel, also remove Adobe Reader X).

Important Note: Your version of Java is out of date. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system.
- Kaspersky Lab report: Evaluating the threat level of software vulnerabilities
- Microsoft: Unprecedented Wave of Java Exploitation
- Ghosts of Java Haunt Users

Please follow these steps to remove older version Java components and update:
  • Download the latest version of Java Runtime Environment (JRE) Version 8 and save it to your desktop.
  • Under "Java Platform, Standard Edition"...click the "Download JRE" button to the right.
  • Read the License Agreement, and then check the box that says: "Accept License Agreement".
  • From the list, select (click on) the download link for your operating system (Windows x86 Offline: jre-8u25-windows-i586.exe or Windows x64: jre-8u25-windows-x64.exe) and save the file to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add/Remove Programs or Programs and Features in Vista/Windows 7/8 and remove all older versions of Java.
  • Check (highlight) any item with Java Runtime Environment (JRE or J2SE) in the name.
  • Click the Remove or Change/Remove button and follow the onscreen instructions for the Java uninstaller.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-8u25-windows-i586.exe (or jre-8u25-windows-x64.exe for 64-bit) to install the newest version.
  • If using Windows 7/8 or Vista and the installer refuses to launch due to insufficient user permissions, then Run As Administrator.
  • When the Java Setup - Welcome window opens, click the Install > button.
  • If offered any unwanted software or toolbars during installation, just uncheck the box before continuing unless you want it. The McAfee Security Scan Plus may be installed unless you uncheck the McAfee installation box when updating Java.
-- Java is updated frequently. If you want to be automatically notified of future updates, just turn on the Java Automatic Update feature and you will not have to remember to update when Java releases a new version.

Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications but it's not necessary. To disable the JQS service if you don't want to use it:
  • Go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter.
  • Click Ok and reboot your computer.


#5 quietman7

Posted 21 January 2015 - 05:12 PM

boopme is correct about updating but since this is an older system, read on...

Using Java is an unnecessary security risk.

Although Java is commonly used in business environments and many VPN providers still use it, the average user does not need to install Java software. I recommend just uninstalling Java if you don't use it.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 gsxrfathead

Posted 21 January 2015 - 05:12 PM

OK I removed Adobe reader X, and all versions of JAVA, and have installed the latest JAVA as requested.

I am still badly infected.

MALWAREBYTES keeps popping up with the following notifications.

 

BLOCKING MALICIOUS WEBSITE
BLOCKING TROJAN.AGENT.EVGEN
BLOCKING TROJAN.AGENT.DED
BLOCKING TROJAN.AGENT.ED
BLOCKING TROJAN.MSIL.ED
BLOCKING TROJAN.DORKBOT.ED

 

What should I do now?



#7 quietman7

Posted 21 January 2015 - 05:16 PM

BTW...tell us what anti-virus software you are using.

#8 gsxrfathead

Posted 21 January 2015 - 05:17 PM

Correction, I have only downloaded the new JAVA. I have not installed it yet. I can do without it.



#9 gsxrfathead

Posted 21 January 2015 - 05:18 PM

Right now CCleaner, Malwarebytes, and Spybot S&D



#10 quietman7

Posted 21 January 2015 - 05:25 PM

An outgoing IP alert indicates that a process on your system tried to access a malicious IP and was prevented from loading content onto your system. A browser is not required to be running for an alert to occur...just an active Internet connection with processes running. IP alerts are also triggered by banner ads appearing on websites since in some cases these ads are malicious. Notification that an outgoing IP address has been blocked does not necessarily mean the computer is infected. Some legitimate programs on your computer (i.e. iTunes, Instant Messenger client, SKYPE, P2P software, web browsers) have access to the Internet and that action can trigger an IP alert if it tried to access a malicious IP address. No action is required unless you're also experiencing malware symptoms or there are multiple IPs. Your firewall should be able to give you a list of such programs so you can confirm if they are legitimate.

IP Protection is also designed to block incoming connections it determines to be malicious. Botnets and Zombie computers scour the net, randomly scanning a block of IP addresses, searching for vulnerable ports - commonly probed ports and make repeated attempts to access them. Hackers use "port scanning", a popular reconnaissance technique, to search for vulnerable computers with open ports using IP addresses or a group of random IP address ranges so they can break in and install malicious programs. Malwarebytes is doing its job by blocking this kind of traffic and alerting you about these intrusion attempts.

If the IP Block shows in the protection log for a legitimate site, that generally indicates that when the block was implemented by Malwarebytes, there were sufficient domains housing malware to warrant it. Unfortunately, where shared IPs are concerned, there will usually be safe domains that get caught in the cross-fire.

You can examine the events in the Malicious Website Blocking protection-logs for more details. Refer to this topic for instructions on how to properly save/export a Scan log...How do I access and save logs from Malwarebytes Anti-Malware?.

You can post the contents of the complete log for boopme's review in your next reply.


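The triage described in post #10 (is it one blocked IP or several, and how often is each retried), as an added example that is not part of the thread or of Malwarebytes' own tooling. It assumes the comma-separated record layout that Malwarebytes Anti-Malware protection logs use (type, timestamp, user, host, source, feature, then feature-specific fields); the sample lines, IPs and host name are constructed, and the burst heuristic is an added assumption.

```python
"""Triage of a Malwarebytes Anti-Malware protection log (added example)."""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: documentation-range IPs and a placeholder host name.
# The "Inbound" direction value is assumed by analogy with "Outbound".
SAMPLE_LOG = """\
Malwarebytes Anti-Malware
www.malwarebytes.org

Detection, 1/21/2015 12:08:43 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 192.0.2.10, 0, Outbound,
Detection, 1/21/2015 12:09:03 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 198.51.100.7, 0, Outbound,
Detection, 1/21/2015 12:09:06 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 198.51.100.7, 0, Outbound,
Detection, 1/21/2015 12:09:12 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 198.51.100.7, 0, Outbound,
Update, 1/21/2015 12:19:31 AM, SYSTEM, EXAMPLE-PC, Scheduler, Malware Database, 2015.1.21.3, 2015.1.21.4,
Protection, 1/21/2015 12:19:32 AM, SYSTEM, EXAMPLE-PC, Protection, Refresh, Starting,
Protection, 1/21/2015 12:19:32 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, Stopping,
Protection, 1/21/2015 12:20:25 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, Stopped,
Protection, 1/21/2015 12:24:53 AM, SYSTEM, EXAMPLE-PC, Protection, Refresh, Success,
Protection, 1/21/2015 12:25:13 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, Started,
Detection, 1/21/2015 12:36:31 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 192.0.2.10, 0, Outbound,
Detection, 1/21/2015 12:49:21 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 192.0.2.10, 0, Outbound,
Detection, 1/21/2015 12:49:24 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 192.0.2.10, 0, Outbound,
Detection, 1/21/2015 1:00:46 AM, SYSTEM, EXAMPLE-PC, Protection, Malicious Website Protection, IP, 203.0.113.5, 0, Inbound,
Scan, 1/21/2015 4:10:54 AM, SYSTEM, EXAMPLE-PC, Manual, Start:1/21/2015 3:59:54 AM, Duration:10 min 59 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,
"""

TS_FORMAT = "%m/%d/%Y %I:%M:%S %p"   # e.g. 1/21/2015 12:08:43 AM
BURST_GAP = timedelta(seconds=60)    # retries closer than this form one burst
FEATURE = "Malicious Website Protection"


def records(text):
    """Yield (record_type, timestamp, fields) for every well-formed log line."""
    for line in text.splitlines():
        fields = [f.strip() for f in line.split(",")]
        if len(fields) < 7:
            continue  # banner lines and blanks
        try:
            ts = datetime.strptime(fields[1], TS_FORMAT)
        except ValueError:
            continue  # not a timestamped record
        yield fields[0], ts, fields


def summarise(text, direction="Outbound"):
    """Return {ip: hits, bursts, first, last} for blocked-IP detections."""
    per_ip = defaultdict(list)
    for kind, ts, f in records(text):
        if kind == "Detection" and len(f) >= 10 and f[6] == "IP" and f[9] == direction:
            per_ip[f[7]].append(ts)
    summary = {}
    for ip, stamps in per_ip.items():
        stamps.sort()
        breaks = sum(1 for a, b in zip(stamps, stamps[1:]) if b - a > BURST_GAP)
        summary[ip] = {"hits": len(stamps), "bursts": breaks + 1,
                       "first": stamps[0], "last": stamps[-1]}
    return summary


def protection_gaps(text):
    """Return (stopped, started) intervals during which blocking was off."""
    gaps, stopped_at = [], None
    for kind, ts, f in records(text):
        if kind != "Protection" or f[5] != FEATURE:
            continue
        if f[6] == "Stopped":
            stopped_at = ts
        elif f[6] == "Started" and stopped_at is not None:
            gaps.append((stopped_at, ts))
            stopped_at = None
    return gaps


def follow_up_reasons(summary, min_ips=2, min_bursts=2):
    """Reasons to escalate: several IPs (the thread's rule) or repeated bursts
    to one IP (an added heuristic, not from the thread)."""
    reasons = []
    if len(summary) >= min_ips:
        reasons.append(f"{len(summary)} distinct blocked IPs")
    for ip, info in sorted(summary.items()):
        if info["bursts"] >= min_bursts:
            reasons.append(f"{ip} retried in {info['bursts']} separate bursts")
    return reasons


if __name__ == "__main__":
    report = summarise(SAMPLE_LOG)
    for ip, info in sorted(report.items(), key=lambda kv: -kv[1]["hits"]):
        print(f"{ip:15} hits={info['hits']:3} bursts={info['bursts']:3} "
              f"{info['first']:%H:%M:%S} to {info['last']:%H:%M:%S}")
    for stopped, started in protection_gaps(SAMPLE_LOG):
        print(f"blocking off {stopped:%H:%M:%S} to {started:%H:%M:%S}")
    for reason in follow_up_reasons(report):
        print("follow up:", reason)
```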

#11 quietman7

Posted 21 January 2015 - 05:33 PM

Right now CCleaner, Malwarebytes, and Spybot S&D

They are not anti-virus programs and that's probably why your system was infected. You need to install an anti-virus program and perform a full system scan. See Choosing an Anti-Virus Program but read the following links first.

These Anti-Virus Software Products Will Continue to Protect XP after the End of Support

The best advice for Windows XP users wondering what else they can do to mitigate their risks is to either update the operating system or Ditch the Free AV & Get a Paid Solution.

Webroot SecureAnywhere will support XP until 2019...it has Identity Shield & Web Shield to protect online banking, shopping and block bad web sites so it is a good choice.

#12 gsxrfathead

Posted 21 January 2015 - 05:36 PM

Here is today's MALWAREBYTES log.

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Detection, 1/21/2015 8:44:06 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 8:44:17 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 8:44:20 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 8:44:26 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 9:12:08 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 9:12:16 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Protection, 1/21/2015 9:22:15 AM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, Starting,
Protection, 1/21/2015 9:22:15 AM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, Started,
Protection, 1/21/2015 9:22:15 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 9:22:20 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,
Update, 1/21/2015 9:28:58 AM, SYSTEM, GX620-9F3A32A67, Scheduler, Malware Database, 2015.1.21.6, 2015.1.21.7,
Protection, 1/21/2015 9:29:06 AM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Starting,
Protection, 1/21/2015 9:29:06 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopping,
Protection, 1/21/2015 9:29:17 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopped,
Protection, 1/21/2015 9:30:21 AM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Success,
Protection, 1/21/2015 9:30:23 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 9:30:43 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,
Detection, 1/21/2015 9:33:24 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 9:33:32 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 9:42:57 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 216.172.61.83, 0, Outbound,
Detection, 1/21/2015 9:43:06 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 216.172.61.83, 0, Outbound,
Detection, 1/21/2015 9:54:38 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 216.172.61.83, 0, Outbound,
Update, 1/21/2015 10:13:27 AM, SYSTEM, GX620-9F3A32A67, Scheduler, Failed, Unable to access update server,
Update, 1/21/2015 10:24:59 AM, SYSTEM, GX620-9F3A32A67, Scheduler, Failed, Unable to access update server,
Update, 1/21/2015 11:22:33 AM, SYSTEM, GX620-9F3A32A67, Scheduler, Malware Database, 2015.1.21.7, 2015.1.21.8,
Protection, 1/21/2015 11:22:33 AM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Starting,
Protection, 1/21/2015 11:22:33 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopping,
Protection, 1/21/2015 11:22:37 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopped,
Protection, 1/21/2015 11:24:38 AM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Success,
Protection, 1/21/2015 11:24:38 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 11:24:48 AM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,
Detection, 1/21/2015 12:04:51 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 12:04:53 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 12:04:59 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 12:18:34 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 12:18:47 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Update, 1/21/2015 12:24:23 PM, SYSTEM, GX620-9F3A32A67, Scheduler, Malware Database, 2015.1.21.8, 2015.1.21.9,
Protection, 1/21/2015 12:24:24 PM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Starting,
Protection, 1/21/2015 12:24:24 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopping,
Protection, 1/21/2015 12:24:34 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopped,
Protection, 1/21/2015 12:32:00 PM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Success,
Protection, 1/21/2015 12:32:13 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 12:32:40 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,
Protection, 1/21/2015 12:40:33 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, Starting,
Protection, 1/21/2015 12:40:33 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, Started,
Protection, 1/21/2015 12:40:33 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 12:40:38 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,
Detection, 1/21/2015 12:57:51 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 12:57:59 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 12:59:24 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 216.172.61.83, 0, Outbound,
Detection, 1/21/2015 12:59:27 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 216.172.61.83, 0, Outbound,
Detection, 1/21/2015 12:59:33 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 216.172.61.83, 0, Outbound,
Detection, 1/21/2015 1:10:34 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 1:10:42 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 1:20:06 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 1:20:09 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 1:20:12 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 1:20:15 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 1:20:18 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 1:31:39 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 1:45:51 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 1:45:53 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 1:45:54 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 1:45:56 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 1:46:00 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 1:46:02 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:08:55 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:08:59 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:09:04 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:10:24 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:10:24 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:10:26 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:10:27 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:10:33 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:10:45 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:10:48 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:10:54 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 2:19:03 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 2:28:20 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Update, 1/21/2015 2:29:03 PM, SYSTEM, GX620-9F3A32A67, Scheduler, Malware Database, 2015.1.21.9, 2015.1.21.10,
Protection, 1/21/2015 2:29:04 PM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Starting,
Protection, 1/21/2015 2:29:04 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopping,
Protection, 1/21/2015 2:29:51 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopped,
Protection, 1/21/2015 2:35:21 PM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Success,
Protection, 1/21/2015 2:35:22 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 2:35:39 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,
Detection, 1/21/2015 3:06:46 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:06:54 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:30:27 PM, Valued User, GX620-9F3A32A67, Protection, Malware Protection, File, Trojan.Agent.ED, C:\Documents and Settings\Valued User\Application Data\Yxage\geudo.exe, Quarantine, [b55904f62a5f84b27d7227e6986a9f61]
Detection, 1/21/2015 3:30:28 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, File, Trojan.MSIL.ED, C:\Documents and Settings\Valued User\Local Settings\Temp\982.tmp.exe, Quarantine, [5db139c1f099b87e0365a767f9090df3]
Detection, 1/21/2015 3:30:38 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, File, Trojan.Agent.DED, C:\Documents and Settings\Valued User\Local Settings\Temp\984.tmp.exe, Quarantine Failed, 5, Access is denied.  , [5cb2996144459e98a686c42aed149967]
Detection, 1/21/2015 3:30:50 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, File, Trojan.Dorkbot.ED, C:\Documents and Settings\Valued User\Local Settings\Temp\986.tmp.exe, Quarantine Failed, 2, The system cannot find the file specified.  , [ee2032c87811bc7a564f5032fc059e62]
Detection, 1/21/2015 3:30:52 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, File, Trojan.Agent.EVGen, C:\Documents and Settings\Valued User\Application Data\Microsoft\Windows\IEUpdate\lights.exe, Quarantine, [a569f703b5d4b97da5ec2be371918e72]
Detection, 1/21/2015 3:39:59 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:40:02 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:40:08 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:43:07 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 3:43:10 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 3:43:16 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 3:43:28 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 3:43:31 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 3:43:37 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 66.45.56.109, 0, Outbound,
Detection, 1/21/2015 3:44:32 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:44:34 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:44:38 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:44:42 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:44:44 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:52:09 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:52:12 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 3:52:18 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Protection, 1/21/2015 3:58:16 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, Starting,
Protection, 1/21/2015 3:58:16 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, Started,
Protection, 1/21/2015 3:58:16 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 3:58:21 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,
Detection, 1/21/2015 4:00:01 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 4:00:04 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 4:00:10 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Protection, 1/21/2015 4:21:38 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, Starting,
Protection, 1/21/2015 4:21:38 PM, SYSTEM, GX620-9F3A32A67, Protection, Malware Protection, Started,
Protection, 1/21/2015 4:21:38 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 4:21:43 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,
Detection, 1/21/2015 4:23:33 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 4:23:36 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 4:23:37 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 38.84.134.28, 0, Outbound,
Detection, 1/21/2015 4:23:40 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 38.84.134.28, 0, Outbound,
Detection, 1/21/2015 4:23:42 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 5.149.250.194, 0, Outbound,
Detection, 1/21/2015 4:23:46 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 38.84.134.28, 0, Outbound,
Detection, 1/21/2015 4:23:50 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 144.76.255.252, 0, Outbound,
Detection, 1/21/2015 4:23:54 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 144.76.255.252, 0, Outbound,
Detection, 1/21/2015 4:23:59 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, IP, 144.76.255.252, 0, Outbound,
Update, 1/21/2015 4:26:52 PM, SYSTEM, GX620-9F3A32A67, Scheduler, Malware Database, 2015.1.21.10, 2015.1.21.11,
Protection, 1/21/2015 4:26:52 PM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Starting,
Protection, 1/21/2015 4:26:52 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopping,
Protection, 1/21/2015 4:26:53 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Stopped,
Protection, 1/21/2015 4:27:21 PM, SYSTEM, GX620-9F3A32A67, Protection, Refresh, Success,
Protection, 1/21/2015 4:27:21 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Starting,
Protection, 1/21/2015 4:27:36 PM, SYSTEM, GX620-9F3A32A67, Protection, Malicious Website Protection, Started,

(end)





