Win32:Evo-gen virus?

Status
Not open for further replies.
Sorry to say, doesn't look like that Fix-It button fixed anything.
Your cryptsvc service is corrupted.

Let's attempt to manually start the service in the event it's just stopped and and not partially missing.

Click Start, click Run, type services.msc, and then click OK.
In the list of services, click Cryptsvc <--might not be there, if this happens please let me know
Make sure that the Status column displays Started and that the Startup Type column displays Automatic.

If the service is not set to Started or if the startup type for the Cryptsvc service is not set to Automatic, follow these steps:

Right-click Cryptsvc , and then click Properties.

In the Cryptsvc Properties dialog box, click the General tab, and then click Automatic in the Startup type list.

Click Start, click Apply, and then click OK.

~~~~~~~~~~~~~~~~~~~~

Please navigate your browser to this page:
http://support.microsoft.com/kb/822798

Scroll about half way down, and press the "Fixit" button. Download and run the Fixit repair.
 
Forgot to ask, other then the service not running how is your computer?
 
Hi juliet, thank you for asking,
after the post yesterday, I decided to check on my system.
it has Service Pack 3 and so I went on and update anything that is available at the Window Update website.


Cryptsvc seems to be there, with status column displays Started and Startup Type displays Automatic.
Maybe it only show up after I updated the system.

Viruses showsup less frequent now, I am not sure if my PC are now Clean, I am doing a full deep scan with Avast! at the moment to see if anything comes up. I will be running Spybots and aswMBR too for scanning purposes.
 
here are the recent logs

This is the Log from Spybot
Search results from Spybot - Search & Destroy

13/03/2014 9:08:48 AM
Scan took 00:15:34.
37 items found.

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977] Text file (File, nothing done)
C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\KW76MRQ6\skype.com\#ui\preferences.sol
Properties.size=217
Properties.md5=D2D3890B2C30ED4A4B228D762A0D7B29
Properties.filedate=1393833618
Properties.filedatetext=2014-03-03 16:00:17

Right Media: [SBI $4E2AF2AC] Tracking cookie (Internet Explorer (User): User) (Browser: Cookie, nothing done)


DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: User (default)) (Browser: Cookie, nothing done)


Common Dialogs: [SBI $4E2AF2AC] History (46 files) (Registry Key, nothing done)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Internet Explorer: [SBI $1E8157BE] Typed URL list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Internet Explorer\TypedURLs

MS Management Console: [SBI $ECD50EAD] Recent command list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Microsoft Management Console\Recent File List

MS Media Player: [SBI $656F1808] Search terms history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\MediaPlayer\AutoComplete\MediaSearch

MS Media Player: [SBI $8E65C0EE] Last opened playlist (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylist

MS Media Player: [SBI $1BDA487B] Last selected track index (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\MediaPlayer\Preferences\LastPlaylistIndex

MS Media Player: [SBI $6D2E50D8] Last selected node (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\MediaPlayer\MediaLibraryUI\MLLastSelectedNode

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\DirectInput\MostRecentApplication\Id

MS Office 12.0 (Excel): [SBI $546355D5] Recent Cartel List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Office\12.0\Excel\File MRU

MS Office 12.0 (Word): [SBI $E357B233] Recent Document List (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Office\12.0\Word\File MRU

MS Search Assistant: [SBI $AE0C4647] Typed search terms history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Search Assistant\ACMru

Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources

Windows.OpenWith: [SBI $F6D91293] Open with list - .AI extension (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.AI\OpenWithList

Windows Explorer: [SBI $A2C7B3CD] Recent wallpaper list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Wallpaper\MRU

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $2026AFB6] User Assistant history IE (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows Explorer: [SBI $6107D172] User Assistant history files (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: [SBI $B7EBA926] Last visited history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows Media\WMSDK\General\ComputerName

Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows Media\WMSDK\General\UniqueID

Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber

WinRAR: [SBI $0B56E92B] Recent file list (Registry Key, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\WinRAR\ArcHistory

WinRAR: [SBI $B84F9965] Last used directory (Registry Change, nothing done)
HKEY_USERS\S-1-5-21-1844237615-776561741-725345543-1003\Software\WinRAR\General\LastFolder

Cookie: [SBI $49804B54] Browser: Cookie (47) (Browser: Cookie, nothing done)


Cache: [SBI $49804B54] Browser: Cache (485) (Browser: Cache, nothing done)


History: [SBI $49804B54] Browser: History (61) (Browser: History, nothing done)


Cookie: [SBI $49804B54] Browser: Cookie (181) (Browser: Cookie, nothing done)



--- Spybot - Search & Destroy version: 2.1.18.131 DLL (build: 20130516) ---

2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2014-01-09 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2014-01-08 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-02-12 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-01-08 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-01-09 Includes\Malware-005.sbi (*)
2014-01-09 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-02-12 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-02-12 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-01-15 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-02-12 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)
Click to expand...
 
this is the log from aswMBR

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-13 09:20:20
-----------------------------
09:20:20.812 OS Version: Windows 5.1.2600 Service Pack 3
09:20:20.812 Number of processors: 2 586 0x170A
09:20:20.812 ComputerName: CINDY UserName: User
09:20:21.140 Initialize success
09:20:25.578 AVAST engine defs: 14031201
09:20:30.875 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-6
09:20:30.875 Disk 0 Vendor: WDC_WD1600AAJS-08L7A0 03.03E03 Size: 152627MB BusType: 3
09:20:30.953 Disk 0 MBR read successfully
09:20:30.953 Disk 0 MBR scan
09:20:30.968 Disk 0 Windows XP default MBR code
09:20:30.968 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
09:20:30.968 Disk 0 Partition - 00 0F Extended LBA 76308 MB offset 156280320
09:20:30.984 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 76308 MB offset 156280383
09:20:30.984 Disk 0 scanning sectors +312560640
09:20:31.062 Disk 0 scanning C:\WINDOWS\system32\drivers
09:20:38.359 Service scanning
09:20:49.500 Modules scanning
09:20:53.859 Disk 0 trace - called modules:
09:20:53.875 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
09:20:53.890 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a52cab8]
09:20:53.890 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000067[0x8a59f510]
09:20:53.890 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-6[0x8a530d98]
09:20:54.109 AVAST engine scan C:\
11:03:39.109 Scan finished successfully
11:11:38.359 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Desktop\MBR.dat"
11:11:38.375 The log file has been saved successfully to "C:\Documents and Settings\User\Desktop\1332014aswMBR.txt"
Click to expand...

I don't know where to get the Log from Avast! antivirus.
 
Download the latest version of TDSSKiller from here and save it to your Desktop.


  • Doubleclick on TDSSKiller.exe to run the application
    tdss%20start.JPG

  • Then click on Change parameters.

    tdss%20Change%20param.JPG

  • Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects , then click OK.
  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip, click on Continue.

    tdss%20threat.JPG

  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
  • Get the report by selecting Reports

    tdss%20report.JPG

  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.



~~~~~~~~~~~~~~~~~~~~~~~
Please open Farbar Recovery Scan Tool
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
 
alright, here are the logs

from TDSS
08:45:55.0422 0x0f78 TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
08:46:04.0000 0x0f78 ============================================================
08:46:04.0000 0x0f78 Current date / time: 2014/03/17 08:46:04.0000
08:46:04.0000 0x0f78 SystemInfo:
08:46:04.0000 0x0f78
08:46:04.0000 0x0f78 OS Version: 5.1.2600 ServicePack: 3.0
08:46:04.0000 0x0f78 Product type: Workstation
08:46:04.0000 0x0f78 ComputerName: CINDY
08:46:04.0000 0x0f78 UserName: User
08:46:04.0000 0x0f78 Windows directory: C:\WINDOWS
08:46:04.0000 0x0f78 System windows directory: C:\WINDOWS
08:46:04.0000 0x0f78 Processor architecture: Intel x86
08:46:04.0000 0x0f78 Number of processors: 2
08:46:04.0000 0x0f78 Page size: 0x1000
08:46:04.0000 0x0f78 Boot type: Normal boot
08:46:04.0000 0x0f78 ============================================================
08:46:05.0812 0x0f78 KLMD registered as C:\WINDOWS\system32\drivers\65949890.sys
08:46:06.0031 0x0f78 System UUID: {FC881304-455B-FC7A-D520-55E44EBDF0DD}
08:46:06.0672 0x0f78 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
08:46:06.0672 0x0f78 ============================================================
08:46:06.0672 0x0f78 \Device\Harddisk0\DR0:
08:46:06.0672 0x0f78 MBR partitions:
08:46:06.0687 0x0f78 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x950A5C1
08:46:06.0703 0x0f78 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x950A63F, BlocksNum 0x950A5C1
08:46:06.0703 0x0f78 ============================================================
08:46:06.0718 0x0f78 C: <-> \Device\Harddisk0\DR0\Partition1
08:46:06.0734 0x0f78 D: <-> \Device\Harddisk0\DR0\Partition2
08:46:06.0734 0x0f78 ============================================================
08:46:06.0734 0x0f78 Initialize success
08:46:06.0734 0x0f78 ============================================================
08:46:11.0406 0x08f0 ============================================================
08:46:11.0406 0x08f0 Scan started
08:46:11.0406 0x08f0 Mode: Manual;
08:46:11.0406 0x08f0 ============================================================
08:46:11.0406 0x08f0 KSN ping started
08:46:14.0109 0x08f0 KSN ping finished: true
08:46:14.0781 0x08f0 ================ Scan system memory ========================
08:46:14.0781 0x08f0 Scan was interrupted by user!
08:46:14.0875 0x08f0 AV detected via SS1: avast! Antivirus, 5.0.150996957, enabled, updated
08:46:14.0875 0x08f0 Win FW state via NFM: enabled
08:46:17.0406 0x08f0 ============================================================
08:46:17.0406 0x08f0 Scan finished
08:46:17.0406 0x08f0 ============================================================
08:46:17.0406 0x06c0 Detected object count: 0
08:46:17.0406 0x06c0 Actual detected object count: 0
09:03:16.0172 0x028c ============================================================
09:03:16.0172 0x028c Scan started
09:03:16.0172 0x028c Mode: Manual; SigCheck; TDLFS;
09:03:16.0172 0x028c ============================================================
09:03:16.0172 0x028c KSN ping started
09:03:18.0843 0x028c KSN ping finished: true
09:03:19.0297 0x028c ================ Scan system memory ========================
09:03:19.0297 0x028c System memory - ok
09:03:19.0297 0x028c ================ Scan services =============================
09:03:19.0547 0x028c Abiosdsk - ok
09:03:19.0547 0x028c abp480n5 - ok
09:03:19.0593 0x028c [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
09:03:19.0843 0x028c ACPI - ok
09:03:19.0906 0x028c [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
09:03:19.0984 0x028c ACPIEC - ok
09:03:20.0031 0x028c [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
09:03:20.0047 0x028c AdobeFlashPlayerUpdateSvc - ok
09:03:20.0062 0x028c adpu160m - ok
09:03:20.0078 0x028c [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
09:03:20.0156 0x028c aec - ok
09:03:20.0187 0x028c [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
09:03:20.0203 0x028c AFD - ok
09:03:20.0203 0x028c Aha154x - ok
09:03:20.0218 0x028c aic78u2 - ok
09:03:20.0218 0x028c aic78xx - ok
09:03:20.0234 0x028c [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
09:03:20.0312 0x028c Alerter - ok
09:03:20.0328 0x028c [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
09:03:20.0375 0x028c ALG - ok
09:03:20.0375 0x028c AliIde - ok
09:03:20.0453 0x028c [ F6AF59D6EEE5E1C304F7F73706AD11D8, F5D39EF40CDB5102A84C8594CFC54DDBD5060E193E6D07421A9003D2ABC63E30 ] Ambfilt C:\WINDOWS\system32\drivers\Ambfilt.sys
09:03:20.0562 0x028c Ambfilt - ok
09:03:20.0562 0x028c amsint - ok
09:03:20.0640 0x028c [ 4B5AE15E5C73EB4DC8DBEC2788230D41, E3C69EBDFE979387EFB115971F68C9539BD9C6944F3AE4D356AA6AC814F19D76 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
09:03:20.0656 0x028c Apple Mobile Device - ok
09:03:20.0703 0x028c [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
09:03:20.0750 0x028c AppMgmt - ok
09:03:20.0750 0x028c asc - ok
09:03:20.0750 0x028c asc3350p - ok
09:03:20.0765 0x028c asc3550 - ok
09:03:20.0859 0x028c [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
09:03:20.0906 0x028c aspnet_state - ok
09:03:20.0937 0x028c [ 7021F01CCAC1538CCF9AE004723AF033, 698B199D378426D9A07B01600BA265B8E8EDBEB29BEE223FB22592E59FB5B92E ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
09:03:20.0968 0x028c aswMonFlt - ok
09:03:21.0000 0x028c [ 98C18C78B0C3E7EFBDDA7BD0C35F5903, 92128EA70472EBA8804C2972DAA8557F460C2E082084E29B40CE93A05447592F ] aswRdr C:\WINDOWS\system32\drivers\aswRdr.sys
09:03:21.0015 0x028c aswRdr - ok
09:03:21.0015 0x028c [ F385467DF95D0A73775CB3B076B8B969, D427A5F4FB4D1DAB04AFC29E7EC510844F907ABBA053538995E65747BAD37422 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
09:03:21.0031 0x028c aswRvrt - ok
09:03:21.0062 0x028c [ 8CD8710457FCC1CDE88CBFA3AA119B92, B750481B2D44E2D01DEF500276A7253731EDD2BCB117B083EE10FAA7A8FFF729 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
09:03:21.0125 0x028c aswSnx - ok
09:03:21.0140 0x028c [ C1F95C9481F46B96E23A276639C55AC9, 75F7BCF74E46E3A8EC9AF0DB5D7FCA280DCAF97BD932767DCBDE66E26BF0E7CE ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
09:03:21.0156 0x028c aswSP - ok
09:03:21.0172 0x028c [ E6390554DCB2A730702188547267093C, 1F97F23A2C1767ABD52041DFA0EF9065567CDB02B12F674CF4EE4E8FBA69773B ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys
09:03:21.0187 0x028c aswTdi - ok
09:03:21.0203 0x028c [ 1B0662514A68C3A42E60D240C5ABEF28, 71301759C135895C72CAED297A669BA58B3F73E0B7E46DB981F6559D5D5E2B89 ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
09:03:21.0218 0x028c aswVmm - ok
09:03:21.0250 0x028c [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
09:03:21.0328 0x028c AsyncMac - ok
09:03:21.0343 0x028c [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
09:03:21.0406 0x028c atapi - ok
09:03:21.0422 0x028c Atdisk - ok
09:03:21.0437 0x028c [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
09:03:21.0515 0x028c Atmarpc - ok
09:03:21.0547 0x028c [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
09:03:21.0625 0x028c AudioSrv - ok
09:03:21.0656 0x028c [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
09:03:21.0734 0x028c audstub - ok
09:03:21.0781 0x028c [ CC42F104172B4A62793083D380867317, 0B09823419B328E29EB9FFBD033B3295590E414F31E7B37F11F62BD4B7EBAF06 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
09:03:21.0797 0x028c avast! Antivirus - ok
09:03:21.0828 0x028c [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
09:03:21.0906 0x028c Beep - ok
09:03:21.0937 0x028c [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
09:03:22.0078 0x028c BITS - ok
09:03:22.0125 0x028c [ 3F56903E124E820AEECE6D471583C6C1, B3C045AFACC8A8F5DC289ADE9ACFB2FE7F9CA24A900BBAED47E2A63837208CB3 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:03:22.0140 0x028c Bonjour Service - ok
09:03:22.0156 0x028c [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
09:03:22.0187 0x028c Browser - ok
09:03:22.0203 0x028c catchme - ok
09:03:22.0218 0x028c [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
09:03:22.0297 0x028c cbidf2k - ok
09:03:22.0297 0x028c cd20xrnt - ok
09:03:22.0312 0x028c [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
09:03:22.0390 0x028c Cdaudio - ok
09:03:22.0422 0x028c [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
09:03:22.0484 0x028c Cdfs - ok
09:03:22.0515 0x028c [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
09:03:22.0609 0x028c Cdrom - ok
09:03:22.0609 0x028c Changer - ok
09:03:22.0640 0x028c [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
09:03:22.0703 0x028c CiSvc - ok
09:03:22.0734 0x028c [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
09:03:22.0812 0x028c ClipSrv - ok
09:03:22.0859 0x028c [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:03:22.0922 0x028c clr_optimization_v2.0.50727_32 - ok
09:03:22.0922 0x028c CmdIde - ok
09:03:22.0922 0x028c COMSysApp - ok
09:03:22.0937 0x028c Cpqarray - ok
09:03:22.0953 0x028c [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
09:03:23.0031 0x028c CryptSvc - ok
09:03:23.0062 0x028c [ 0D15988B79DE14C0EBF145A12137FEC6, 6778E38C32F5FA441BEFAB83A6DE944B59129ECF8C139AFD7A7CC968FB67A7AF ] CSDriver C:\WINDOWS\system32\drivers\CSDriver.sys
09:03:23.0078 0x028c CSDriver - detected UnsignedFile.Multi.Generic ( 1 )
09:03:25.0515 0x028c CSDriver ( UnsignedFile.Multi.Generic ) - warning
09:03:28.0047 0x028c dac2w2k - ok
09:03:28.0047 0x028c dac960nt - ok
09:03:28.0093 0x028c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
09:03:28.0125 0x028c DcomLaunch - ok
09:03:28.0140 0x028c [ D8522960163FA593694E441194A9A574, 719627E23858E0A73A5E9C03561A95C2004BD2351B1393AD37596CAEFD62BE30 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys
09:03:28.0156 0x028c dg_ssudbus - ok
09:03:28.0187 0x028c [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
09:03:28.0265 0x028c Dhcp - ok
09:03:28.0281 0x028c [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
09:03:28.0375 0x028c Disk - ok
09:03:28.0375 0x028c dmadmin - ok
09:03:28.0437 0x028c [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
09:03:28.0531 0x028c dmboot - ok
09:03:28.0531 0x028c [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
09:03:28.0609 0x028c dmio - ok
09:03:28.0625 0x028c [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
09:03:28.0703 0x028c dmload - ok
09:03:28.0718 0x028c [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
09:03:28.0797 0x028c dmserver - ok
09:03:28.0812 0x028c [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
09:03:28.0890 0x028c DMusic - ok
09:03:28.0906 0x028c [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
09:03:28.0906 0x028c Dnscache - ok
09:03:28.0953 0x028c [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
09:03:29.0031 0x028c Dot3svc - ok
09:03:29.0031 0x028c dpti2o - ok
09:03:29.0047 0x028c [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
09:03:29.0109 0x028c drmkaud - ok
09:03:29.0140 0x028c [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
09:03:29.0203 0x028c EapHost - ok
09:03:29.0218 0x028c [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
09:03:29.0281 0x028c ERSvc - ok
09:03:29.0312 0x028c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
09:03:29.0328 0x028c Eventlog - ok
09:03:29.0359 0x028c [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
09:03:29.0375 0x028c EventSystem - ok
09:03:29.0422 0x028c [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
09:03:29.0484 0x028c Fastfat - ok
09:03:29.0531 0x028c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
09:03:29.0562 0x028c FastUserSwitchingCompatibility - ok
09:03:29.0578 0x028c [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys
09:03:29.0656 0x028c Fdc - ok
09:03:29.0672 0x028c [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
09:03:29.0765 0x028c Fips - ok
09:03:29.0797 0x028c [ 227846995AFEEFA70D328BF5334A86A5, B8EF22DE552B44E7DC352742C775BB6B4992B653AF4B66B231A60182CE7A7201 ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
09:03:29.0843 0x028c FLEXnet Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
09:03:32.0218 0x028c Detect skipped due to KSN trusted
09:03:32.0218 0x028c FLEXnet Licensing Service - ok
09:03:32.0234 0x028c [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys
09:03:32.0297 0x028c Flpydisk - ok
09:03:32.0328 0x028c [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
09:03:32.0406 0x028c FltMgr - ok
09:03:32.0453 0x028c [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C120BC25B684AF66A ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
09:03:32.0468 0x028c FontCache3.0.0.0 - ok
09:03:32.0484 0x028c [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
09:03:32.0562 0x028c Fs_Rec - ok
09:03:32.0578 0x028c [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
09:03:32.0656 0x028c Ftdisk - ok
09:03:32.0687 0x028c [ 8182FF89C65E4D38B2DE4BB0FB18564E, 2ACFA64D48BF7D25641EC5819C8722144284B8A8E071BF297C1881B07EEAFE88 ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
09:03:32.0703 0x028c GEARAspiWDM - ok
09:03:32.0718 0x028c [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
09:03:32.0797 0x028c Gpc - ok
09:03:32.0890 0x028c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
09:03:32.0890 0x028c gupdate - ok
09:03:32.0922 0x028c [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
09:03:32.0937 0x028c gupdatem - ok
09:03:32.0968 0x028c [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F38D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
09:03:33.0062 0x028c HDAudBus - ok
09:03:33.0109 0x028c [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
09:03:33.0172 0x028c helpsvc - ok
09:03:33.0203 0x028c [ 3ECDCDC7CFE63BF2F2F736703CCD7628, AE124D27B89ACAB5BF0ED0F26C15047AC0F8546FE5108B898B0D7797C4514158 ] hidkmdf C:\WINDOWS\system32\DRIVERS\hidkmdf.sys
09:03:33.0218 0x028c hidkmdf - ok
09:03:33.0218 0x028c HidServ - ok
09:03:33.0250 0x028c [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
09:03:33.0328 0x028c HidUsb - ok
09:03:33.0343 0x028c [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
09:03:33.0437 0x028c hkmsvc - ok
09:03:33.0437 0x028c hpn - ok
09:03:33.0468 0x028c [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
09:03:33.0500 0x028c HTTP - ok
09:03:33.0531 0x028c [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
09:03:33.0625 0x028c HTTPFilter - ok
09:03:33.0640 0x028c i2omgmt - ok
09:03:33.0640 0x028c i2omp - ok
09:03:33.0672 0x028c [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
09:03:33.0750 0x028c i8042prt - ok
09:03:33.0922 0x028c [ 0F68E2EC713F132FFB19E45415B09679, B1439A5D157F9FF54E803581D2B86411DB079242D837617021A4A0BC195E67BB ] ialm C:\WINDOWS\system32\DRIVERS\igxpmp32.sys
09:03:34.0203 0x028c ialm - ok
09:03:34.0359 0x028c [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:03:34.0422 0x028c idsvc - ok
09:03:34.0437 0x028c [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
09:03:34.0515 0x028c Imapi - ok
09:03:34.0531 0x028c [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
09:03:34.0625 0x028c ImapiService - ok
09:03:34.0640 0x028c ini910u - ok
09:03:34.0812 0x028c [ 3A3A539D7DB808FAD3B55740474A6D02, D56B4550BF53B990104BEF73A321FDCC455E9C4F66609986258EBB05883C19F8 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys
09:03:35.0125 0x028c IntcAzAudAddService - ok
09:03:35.0156 0x028c IntelIde - ok
09:03:35.0187 0x028c [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
09:03:35.0250 0x028c intelppm - ok
09:03:35.0265 0x028c [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
09:03:35.0343 0x028c Ip6Fw - ok
09:03:35.0375 0x028c [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
09:03:35.0437 0x028c IpFilterDriver - ok
09:03:35.0468 0x028c [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
09:03:35.0547 0x028c IpInIp - ok
09:03:35.0562 0x028c [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
09:03:35.0640 0x028c IpNat - ok
09:03:35.0672 0x028c [ 31116E352808019E69ECA58D1A6C66B0, 4178CCEC9ABBD494132B1AE5A73EB66C84848EA455BAE6ED47D3AA7FA405115C ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:03:35.0703 0x028c iPod Service - ok
09:03:35.0718 0x028c [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
09:03:35.0797 0x028c IPSec - ok
09:03:35.0812 0x028c [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
09:03:35.0859 0x028c IRENUM - ok
09:03:35.0890 0x028c [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
09:03:35.0953 0x028c isapnp - ok
09:03:35.0968 0x028c jcjymt - ok
09:03:35.0984 0x028c [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
09:03:36.0062 0x028c Kbdclass - ok
09:03:36.0078 0x028c [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
09:03:36.0156 0x028c kmixer - ok
09:03:36.0172 0x028c [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
09:03:36.0187 0x028c KSecDD - ok
09:03:36.0218 0x028c [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
09:03:36.0234 0x028c lanmanserver - ok
09:03:36.0265 0x028c [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
09:03:36.0281 0x028c lanmanworkstation - ok
09:03:36.0297 0x028c lbrtfdc - ok
09:03:36.0328 0x028c [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
09:03:36.0406 0x028c LmHosts - ok
09:03:36.0437 0x028c [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
09:03:36.0453 0x028c MBAMProtector - ok
09:03:36.0515 0x028c [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
09:03:36.0547 0x028c MBAMScheduler - ok
09:03:36.0578 0x028c [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
09:03:36.0625 0x028c MBAMService - ok
09:03:36.0703 0x028c [ 8566E3E7E14517C3142F9EBAF68C3CF4, 1E7A279B8EF1FA8C4D7DB0B72E031DDC39D82FC694A22808BD6C76EF98BB7BF1 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
09:03:36.0718 0x028c McComponentHostService - ok
09:03:36.0781 0x028c [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
09:03:36.0812 0x028c MDM - ok
09:03:36.0843 0x028c [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
09:03:36.0937 0x028c Messenger - ok
09:03:37.0015 0x028c [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
09:03:37.0031 0x028c Microsoft Office Groove Audit Service - ok
09:03:37.0062 0x028c [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
09:03:37.0125 0x028c mnmdd - ok
09:03:37.0156 0x028c [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
09:03:37.0234 0x028c mnmsrvc - ok
09:03:37.0250 0x028c [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
09:03:37.0312 0x028c Modem - ok
09:03:37.0359 0x028c [ 9FA7207D1B1ADEAD88AE8EED9CDBBAA5, 2AC3875B2E7D9B0692253A9867B940CF214DE03574808B42C3702843BC1D5696 ] Monfilt C:\WINDOWS\system32\drivers\Monfilt.sys
09:03:37.0468 0x028c Monfilt - ok
09:03:37.0500 0x028c [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
09:03:37.0578 0x028c Mouclass - ok
09:03:37.0593 0x028c [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
09:03:37.0656 0x028c mouhid - ok
09:03:37.0672 0x028c [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
09:03:37.0750 0x028c MountMgr - ok
09:03:37.0781 0x028c [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
09:03:37.0797 0x028c MozillaMaintenance - ok
09:03:37.0797 0x028c mraid35x - ok
09:03:37.0812 0x028c [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
09:03:37.0875 0x028c MRxDAV - ok
09:03:37.0922 0x028c [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
09:03:37.0953 0x028c MRxSmb - ok
09:03:37.0984 0x028c [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
09:03:38.0062 0x028c MSDTC - ok
09:03:38.0078 0x028c [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
09:03:38.0156 0x028c Msfs - ok
09:03:38.0156 0x028c MSIServer - ok
09:03:38.0172 0x028c [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
09:03:38.0250 0x028c MSKSSRV - ok
09:03:38.0265 0x028c [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
09:03:38.0328 0x028c MSPCLOCK - ok
09:03:38.0343 0x028c [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
09:03:38.0437 0x028c MSPQM - ok
09:03:38.0453 0x028c [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
09:03:38.0515 0x028c mssmbios - ok
09:03:38.0547 0x028c [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
09:03:38.0562 0x028c Mup - ok
09:03:38.0593 0x028c [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
09:03:38.0750 0x028c napagent - ok
09:03:38.0797 0x028c [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
09:03:38.0875 0x028c NDIS - ok
09:03:38.0906 0x028c [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
09:03:38.0922 0x028c NdisTapi - ok
09:03:38.0937 0x028c [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
09:03:39.0015 0x028c Ndisuio - ok
09:03:39.0047 0x028c [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
09:03:39.0125 0x028c NdisWan - ok
09:03:39.0140 0x028c [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
09:03:39.0312 0x028c NDProxy - ok
09:03:39.0343 0x028c [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
09:03:39.0422 0x028c NetBIOS - ok
09:03:39.0437 0x028c [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
09:03:39.0515 0x028c NetBT - ok
09:03:39.0547 0x028c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
09:03:39.0625 0x028c NetDDE - ok
09:03:39.0640 0x028c [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
09:03:39.0703 0x028c NetDDEdsdm - ok
09:03:39.0734 0x028c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
09:03:39.0797 0x028c Netlogon - ok
09:03:39.0828 0x028c [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
09:03:39.0922 0x028c Netman - ok
09:03:40.0000 0x028c [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
09:03:40.0015 0x028c NetTcpPortSharing - ok
09:03:40.0031 0x028c [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
09:03:40.0062 0x028c Nla - ok
09:03:40.0078 0x028c [ C82F4CC10AD315B6D6BCB14D0A7CAD66, 7B12A7CB54DF475A4CCD23228A822FE29A04CF2850D64FCFA80DEFE3003074B1 ] nmwcd C:\WINDOWS\system32\drivers\ccdcmb.sys
09:03:40.0109 0x028c nmwcd - ok
09:03:40.0140 0x028c [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
09:03:40.0203 0x028c Npfs - ok
09:03:40.0234 0x028c [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
09:03:40.0343 0x028c Ntfs - ok
09:03:40.0359 0x028c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
09:03:40.0422 0x028c NtLmSsp - ok
09:03:40.0484 0x028c [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
09:03:40.0593 0x028c NtmsSvc - ok
09:03:40.0609 0x028c [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
09:03:40.0687 0x028c Null - ok
09:03:40.0703 0x028c [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
09:03:40.0781 0x028c NwlnkFlt - ok
09:03:40.0781 0x028c [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
09:03:40.0859 0x028c NwlnkFwd - ok
09:03:40.0937 0x028c [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
09:03:40.0968 0x028c odserv - ok
09:03:41.0000 0x028c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:03:41.0015 0x028c ose - ok
09:03:41.0031 0x028c [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
09:03:41.0093 0x028c Parport - ok
09:03:41.0109 0x028c [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
09:03:41.0172 0x028c PartMgr - ok
09:03:41.0203 0x028c [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
09:03:41.0265 0x028c ParVdm - ok
09:03:41.0281 0x028c [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
09:03:41.0359 0x028c PCI - ok
09:03:41.0359 0x028c PCIDump - ok
09:03:41.0375 0x028c [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
09:03:41.0437 0x028c PCIIde - ok
09:03:41.0468 0x028c [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
09:03:41.0531 0x028c Pcmcia - ok
09:03:41.0531 0x028c PDCOMP - ok
09:03:41.0531 0x028c PDFRAME - ok
09:03:41.0547 0x028c PDRELI - ok
09:03:41.0547 0x028c PDRFRAME - ok
09:03:41.0562 0x028c perc2 - ok
09:03:41.0562 0x028c perc2hib - ok
09:03:41.0593 0x028c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
09:03:41.0593 0x028c PlugPlay - ok
09:03:41.0625 0x028c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
09:03:41.0687 0x028c PolicyAgent - ok
09:03:41.0703 0x028c [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
09:03:41.0765 0x028c PptpMiniport - ok
09:03:41.0781 0x028c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
09:03:42.0015 0x028c ProtectedStorage - ok
09:03:42.0031 0x028c [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
09:03:42.0093 0x028c PSched - ok
09:03:42.0109 0x028c [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
09:03:42.0187 0x028c Ptilink - ok
09:03:42.0218 0x028c [ 1962166E0CEB740704F30FA55AD3D509, 22C21907D7FDCA2CBBE1EC0479D83DDD4C4FCBC07C8791A2F62414EC5E85E488 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
09:03:42.0218 0x028c PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )
09:03:44.0984 0x028c Detect skipped due to KSN trusted
09:03:44.0984 0x028c PxHelp20 - ok
09:03:45.0000 0x028c ql1080 - ok
09:03:45.0000 0x028c Ql10wnt - ok
09:03:45.0000 0x028c ql12160 - ok
09:03:45.0015 0x028c ql1240 - ok
09:03:45.0015 0x028c ql1280 - ok
09:03:45.0031 0x028c [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
09:03:45.0093 0x028c RasAcd - ok
09:03:45.0125 0x028c [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
09:03:45.0203 0x028c RasAuto - ok
09:03:45.0218 0x028c [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
09:03:45.0297 0x028c Rasl2tp - ok
09:03:45.0343 0x028c [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
09:03:45.0406 0x028c RasMan - ok
09:03:45.0437 0x028c [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
09:03:45.0500 0x028c RasPppoe - ok
09:03:45.0500 0x028c [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
09:03:45.0578 0x028c Raspti - ok
09:03:45.0593 0x028c [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
09:03:45.0672 0x028c Rdbss - ok
09:03:45.0687 0x028c [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
09:03:45.0750 0x028c RDPCDD - ok
09:03:45.0765 0x028c [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
09:03:45.0843 0x028c rdpdr - ok
09:03:45.0875 0x028c [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
09:03:45.0890 0x028c RDPWD - ok
09:03:45.0937 0x028c [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
09:03:46.0000 0x028c RDSessMgr - ok
09:03:46.0078 0x028c [ 96EFEC24346A8EB1157E80523079ADDC, 7F8FC284029856C754E400B6C954369FFE27763C81D8F4AF4E58BFDD44CBC24A ] RealNetworks Downloader Resolver Service C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
09:03:46.0078 0x028c RealNetworks Downloader Resolver Service - ok
09:03:46.0109 0x028c [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
09:03:46.0187 0x028c redbook - ok
09:03:46.0218 0x028c [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
09:03:46.0297 0x028c RemoteAccess - ok
09:03:46.0328 0x028c [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
09:03:46.0406 0x028c RemoteRegistry - ok
09:03:46.0468 0x028c [ 8CFCA7E2FD4B57C2BEF929C1C1A4C56E, B56D18C70658AE2842AD684FB378CC7805612050A4ED222103F54A38FB22BBA6 ] RichVideo C:\Program Files\CyberLink\Shared files\RichVideo.exe
09:03:46.0484 0x028c RichVideo - ok
09:03:46.0484 0x028c [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
09:03:46.0562 0x028c RpcLocator - ok
09:03:46.0593 0x028c [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
09:03:46.0640 0x028c RpcSs - ok
09:03:46.0656 0x028c [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
09:03:46.0734 0x028c RSVP - ok
09:03:46.0765 0x028c [ 79B4FE884C18DD82D5449F6B6026D092, 434D2D39D20279B566B7C7E5367034DF981B2C8F5F16B0BF94360CE7B6BA0ADC ] RTLE8023xp C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys
09:03:46.0781 0x028c RTLE8023xp - ok
09:03:46.0812 0x028c [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
09:03:46.0890 0x028c SamSs - ok
09:03:46.0890 0x028c [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
09:03:46.0968 0x028c SCardSvr - ok
09:03:47.0000 0x028c [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
09:03:47.0078 0x028c Schedule - ok
09:03:47.0234 0x028c [ 98EF79CC2B07398AC525F9EA1AE0366F, D0D5D69696ED339F363024AF3271867F4C55572C67FD0F2AA27D24B37982E39A ] SDScannerService C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
09:03:47.0422 0x028c SDScannerService - ok
09:03:47.0515 0x028c [ 14BF6B3AB327D519ED007CDDC56F6900, 4E5DC4AF45347C885E0E87F205EE1F95BB4713A0B581CD7317FBEEE2A9628982 ] SDUpdateService C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
09:03:47.0578 0x028c SDUpdateService - ok
09:03:47.0593 0x028c [ 820EBE67AB99F033FDE25B2692157991, A9E86FE6EFD3CFD4EA1A26121C706335A6791CC6F81EE98AE2BE7EA566ECFEBB ] SDWSCService C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
09:03:47.0609 0x028c SDWSCService - ok
09:03:47.0640 0x028c [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
09:03:47.0687 0x028c Secdrv - ok
09:03:47.0718 0x028c [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
09:03:47.0797 0x028c seclogon - ok
09:03:47.0812 0x028c [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
09:03:47.0890 0x028c SENS - ok
09:03:47.0922 0x028c [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
09:03:48.0000 0x028c serenum - ok
09:03:48.0015 0x028c [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
09:03:48.0093 0x028c Serial - ok
09:03:48.0125 0x028c [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy C:\WINDOWS\system32\DRIVERS\sfloppy.sys
09:03:48.0187 0x028c Sfloppy - ok
09:03:48.0234 0x028c [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
09:03:48.0312 0x028c SharedAccess - ok
09:03:48.0328 0x028c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
09:03:48.0359 0x028c ShellHWDetection - ok
09:03:48.0375 0x028c Simbad - ok
09:03:48.0547 0x028c [ 9F712B26EE3B0242DE997A42FD302E2C, 12663EB108F158282A965EE70980627C2F2332BA7944D7DE03B78E18BEB87D26 ] Skype C2C Service C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
09:03:48.0703 0x028c Skype C2C Service - ok
09:03:48.0781 0x028c [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
09:03:48.0797 0x028c SkypeUpdate - ok
09:03:48.0812 0x028c Sparrow - ok
09:03:48.0859 0x028c [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
09:03:48.0937 0x028c splitter - ok
09:03:48.0968 0x028c [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
09:03:48.0984 0x028c Spooler - ok
09:03:48.0984 0x028c sptd - ok
09:03:49.0015 0x028c [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
09:03:49.0062 0x028c sr - ok
09:03:49.0109 0x028c [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
09:03:49.0156 0x028c srservice - ok
09:03:49.0187 0x028c [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
09:03:49.0250 0x028c Srv - ok
09:03:49.0297 0x028c [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
09:03:49.0343 0x028c SSDPSRV - ok
09:03:49.0375 0x028c [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
09:03:49.0484 0x028c stisvc - ok
09:03:49.0515 0x028c [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
09:03:49.0593 0x028c swenum - ok
09:03:49.0672 0x028c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:03:49.0734 0x028c SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
09:03:52.0109 0x028c Detect skipped due to KSN trusted
09:03:52.0109 0x028c SwitchBoard - ok
09:03:52.0125 0x028c [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
09:03:52.0203 0x028c swmidi - ok
09:03:52.0218 0x028c SwPrv - ok
09:03:52.0218 0x028c symc810 - ok
09:03:52.0234 0x028c symc8xx - ok
09:03:52.0234 0x028c sym_hi - ok
09:03:52.0250 0x028c sym_u3 - ok
09:03:52.0265 0x028c [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
09:03:52.0343 0x028c sysaudio - ok
09:03:52.0375 0x028c [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
09:03:52.0453 0x028c SysmonLog - ok
09:03:52.0484 0x028c [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
09:03:52.0562 0x028c TapiSrv - ok
09:03:52.0609 0x028c [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
09:03:52.0656 0x028c Tcpip - ok
09:03:52.0922 0x028c [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
09:03:53.0000 0x028c TDPIPE - ok
09:03:53.0015 0x028c [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
09:03:53.0093 0x028c TDTCP - ok
09:03:53.0109 0x028c [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
09:03:53.0187 0x028c TermDD - ok
09:03:53.0218 0x028c [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
09:03:53.0312 0x028c TermService - ok
09:03:53.0343 0x028c [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
09:03:53.0359 0x028c Themes - ok
09:03:53.0390 0x028c [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
09:03:53.0422 0x028c TlntSvr - ok
09:03:53.0422 0x028c TosIde - ok
09:03:53.0453 0x028c [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
09:03:53.0547 0x028c TrkWks - ok
09:03:53.0562 0x028c [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
09:03:53.0625 0x028c Udfs - ok
09:03:53.0625 0x028c ultra - ok
09:03:53.0656 0x028c [ C81B8635DEE0D3EF5F64B3DD643023A5, 6D7438A5FB7168352099F726BD0980AD398A7CFE929B8D2BD362B238C1540D85 ] UMWdf C:\WINDOWS\system32\wdfmgr.exe
09:03:53.0672 0x028c UMWdf - ok
09:03:53.0718 0x028c [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
09:03:53.0828 0x028c Update - ok
09:03:53.0859 0x028c [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
09:03:53.0890 0x028c upnphost - ok
09:03:53.0922 0x028c [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
09:03:53.0984 0x028c UPS - ok
09:03:54.0031 0x028c [ 1DF89C499BF45D878B87EBD4421D462D, 37FE229C128DA2C3380944EDFA8E6117CB4B36D99EEFB2AEB1DD4E0890B49A17 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
09:03:54.0047 0x028c USBAAPL - ok
09:03:54.0078 0x028c [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
09:03:54.0093 0x028c usbccgp - ok
09:03:54.0109 0x028c [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
09:03:54.0125 0x028c usbehci - ok
09:03:54.0140 0x028c [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
09:03:54.0218 0x028c usbhub - ok
09:03:54.0265 0x028c [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
09:03:54.0375 0x028c usbprint - ok
09:03:54.0406 0x028c [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
09:03:54.0422 0x028c usbscan - ok
09:03:54.0468 0x028c [ 84C44D720655A8AA475E57A9E764D675, 2D450199338A217FBD951317812A74223E8B477974C7634667E8896316C3FEA0 ] usbser C:\WINDOWS\system32\drivers\usbser.sys
09:03:54.0515 0x028c usbser - ok
09:03:54.0593 0x028c [ E748D50B3B2EC7F40A2BA67FB094CF01, 35F1F255AA40C11A1379553DDA09470CA39DDE39569CF0DB800AAF2448A7FDE1 ] UsbserFilt C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys
09:03:54.0640 0x028c UsbserFilt - ok
09:03:54.0687 0x028c [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
09:03:54.0765 0x028c USBSTOR - ok
09:03:54.0797 0x028c [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
09:03:54.0875 0x028c usbuhci - ok
09:03:54.0906 0x028c [ B4D7B7AD8A9F7C063C5CC3E2C1A0724E, CFA47A71403419CA7C94333B4F7766DFC97C5DCDBC3AD1B106044B93C979A5C5 ] usb_rndisx C:\WINDOWS\system32\DRIVERS\usb8023x.sys
09:03:54.0953 0x028c usb_rndisx - ok
09:03:54.0968 0x028c [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
09:03:55.0047 0x028c VgaSave - ok
09:03:55.0047 0x028c ViaIde - ok
09:03:55.0062 0x028c [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
09:03:55.0156 0x028c VolSnap - ok
09:03:55.0218 0x028c [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
09:03:55.0297 0x028c VSS - ok
09:03:55.0328 0x028c [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] W32Time C:\WINDOWS\system32\w32time.dll
09:03:55.0390 0x028c W32Time - ok
09:03:55.0422 0x028c [ 2C405B2D6CFD8289BE10198B8DEE94EC, 69683519EBDA32F06C30DFFC6779AD75CF31132CBC8D74AB649C6C4B4BED5B02 ] WacHidRouter C:\WINDOWS\system32\DRIVERS\wachidrouter.sys
09:03:55.0422 0x028c WacHidRouter - ok
09:03:55.0453 0x028c [ E4224671E773CCF3D5D386992B31A460, 310313701564D0D9220E0D3AF98180D852727B0A7FAB135419C8B5933CF13332 ] wacomrouterfilter C:\WINDOWS\system32\DRIVERS\wacomrouterfilter.sys
09:03:55.0453 0x028c wacomrouterfilter - ok
09:03:55.0484 0x028c [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
09:03:55.0562 0x028c Wanarp - ok
09:03:55.0593 0x028c [ D918617B46457B9AC28027722E30F647, 407284D3055DC11944D4EE7E4357E7CF9CAF8CA40CA50633AB6FD4A82CB7EEA6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
09:03:55.0640 0x028c Wdf01000 - ok
09:03:55.0640 0x028c WDICA - ok
09:03:55.0656 0x028c [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
09:03:55.0734 0x028c wdmaud - ok
09:03:55.0765 0x028c [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
09:03:55.0828 0x028c WebClient - ok
09:03:55.0890 0x028c [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
09:03:55.0968 0x028c winmgmt - ok
09:03:56.0015 0x028c [ A477391B7A8B0A0DAABADB17CF533A4B, 9B1929B5BBF2738BA3D402809FCB8DAA09EF4727F860567895D5E73EBE43E627 ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
09:03:56.0047 0x028c WmdmPmSN - ok
09:03:56.0078 0x028c [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
09:03:56.0109 0x028c Wmi - ok
09:03:56.0125 0x028c [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
09:03:56.0218 0x028c WmiApSrv - ok
09:03:56.0234 0x028c [ C1B3D9D75C3FB735F5FA3A5806ADED57, E81D46549C4AB73CB1285A849046655CC5F680EB7ACE7A13A9E4B55B864C33BD ] WpdUsb C:\WINDOWS\system32\Drivers\wpdusb.sys
09:03:56.0250 0x028c WpdUsb - ok
09:03:56.0265 0x028c [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
09:03:56.0343 0x028c WS2IFSL - ok
09:03:56.0359 0x028c [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
09:03:56.0453 0x028c wscsvc - ok
09:03:56.0515 0x028c [ 0DA0AB21B1990CEB4C5FE1242486CF5C, 84D37921C57305AC847D93641BA0674BC5894DC1B945AEC95CC18C7158792A32 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
09:03:56.0531 0x028c WTabletServicePro - ok
09:03:56.0562 0x028c [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
09:03:56.0656 0x028c wuauserv - ok
09:03:56.0687 0x028c [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
09:03:56.0781 0x028c WZCSVC - ok
09:03:56.0812 0x028c [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
09:03:56.0906 0x028c xmlprov - ok
09:03:56.0937 0x028c [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
09:03:56.0984 0x028c YahooAUService - ok
09:03:56.0984 0x028c ================ Scan global ===============================
09:03:57.0015 0x028c [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
09:03:57.0062 0x028c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
09:03:57.0078 0x028c [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
09:03:57.0109 0x028c [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
09:03:57.0109 0x028c [ Global ] - ok
09:03:57.0109 0x028c ================ Scan MBR ==================================
09:03:57.0125 0x028c [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
09:03:57.0375 0x028c \Device\Harddisk0\DR0 - ok
09:03:57.0375 0x028c ================ Scan VBR ==================================
09:03:57.0375 0x028c [ D76CB178CA04CC588C0D08A4A5C68A4A ] \Device\Harddisk0\DR0\Partition1
09:03:57.0406 0x028c \Device\Harddisk0\DR0\Partition1 - ok
09:03:57.0406 0x028c [ 2F05094CA035E3A01DA02133961CBBA6 ] \Device\Harddisk0\DR0\Partition2
09:03:57.0406 0x028c \Device\Harddisk0\DR0\Partition2 - ok
09:03:57.0406 0x028c Waiting for KSN requests completion. In queue: 49
09:03:58.0406 0x028c Waiting for KSN requests completion. In queue: 49
09:03:59.0406 0x028c Waiting for KSN requests completion. In queue: 49
09:04:00.0422 0x028c AV detected via SS1: avast! Antivirus, 5.0.150996957, enabled, updated
09:04:00.0422 0x028c Win FW state via NFM: enabled
09:04:02.0953 0x028c ============================================================
09:04:02.0953 0x028c Scan finished
09:04:02.0953 0x028c ============================================================
09:04:02.0953 0x0b6c Detected object count: 1
09:04:02.0953 0x0b6c Actual detected object count: 1
09:04:26.0375 0x0b6c CSDriver ( UnsignedFile.Multi.Generic ) - skipped by user
09:04:26.0375 0x0b6c CSDriver ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:13:25.0125 0x084c ============================================================
09:13:25.0125 0x084c Scan started
09:13:25.0125 0x084c Mode: Manual; SigCheck; TDLFS;
09:13:25.0125 0x084c ============================================================
09:13:25.0125 0x084c KSN ping started
09:13:27.0468 0x084c KSN ping finished: true
CONT....
Click to expand...
 
Cont...

09:13:27.0922 0x084c ================ scan system memory ========================
09:13:27.0922 0x084c system memory - ok
09:13:27.0922 0x084c ================ scan services =============================
09:13:28.0172 0x084c abiosdsk - ok
09:13:28.0172 0x084c abp480n5 - ok
09:13:28.0218 0x084c [ 8fd99680a539792a30e97944fdaecf17, 594f8e0c3695400b0c09a797af6bdfac6f750ecd67d0ee803914c572b1dcc43c ] acpi c:\windows\system32\drivers\acpi.sys
09:13:28.0375 0x084c acpi - ok
09:13:28.0406 0x084c [ 9859c0f6936e723e4892d7141b1327d5, 5e8f6a2fc4df2e5e92a1d66ecc2810e08b42b64e9cd0df4ad3f78ea8558b90af ] acpiec c:\windows\system32\drivers\acpiec.sys
09:13:28.0484 0x084c acpiec - ok
09:13:28.0531 0x084c [ 9d96b0d5855fd1b98023b3eec9f06786, e4c79233158be8aa4e9c6dd71585e5d2703a5156531eb3d692d7d81bc443e844 ] adobeflashplayerupdatesvc c:\windows\system32\macromed\flash\flashplayerupdateservice.exe
09:13:28.0547 0x084c adobeflashplayerupdatesvc - ok
09:13:28.0562 0x084c adpu160m - ok
09:13:28.0578 0x084c [ 8bed39e3c35d6a489438b8141717a557, 1b5796e56b0927360ce0759641b1151828bc0a9e45620d2b2d880491f5ce33d0 ] aec c:\windows\system32\drivers\aec.sys
09:13:28.0672 0x084c aec - ok
09:13:28.0703 0x084c [ 1e44bc1e83d8fd2305f8d452db109cf9, cf5ec07e0b589fa2a4701c6cfd69e893fc3abf274ad57ae3c13ffe49063b02c8 ] afd c:\windows\system32\drivers\afd.sys
09:13:28.0703 0x084c afd - ok
09:13:28.0718 0x084c aha154x - ok
09:13:28.0718 0x084c aic78u2 - ok
09:13:28.0718 0x084c aic78xx - ok
09:13:28.0750 0x084c [ a9a3daa780ca6c9671a19d52456705b4, 67c959144b57ae0bbf1d82dbed197f32cdb06fecd883a80c441a0202fe83fab4 ] alerter c:\windows\system32\alrsvc.dll
09:13:28.0812 0x084c alerter - ok
09:13:28.0843 0x084c [ 8c515081584a38aa007909cd02020b3d, a5e13ca10f702928e0de84c74d0ea8accb117fd76fbabc55220c75c4ffd596dc ] alg c:\windows\system32\alg.exe
09:13:28.0890 0x084c alg - ok
09:13:28.0890 0x084c aliide - ok
09:13:28.0968 0x084c [ f6af59d6eee5e1c304f7f73706ad11d8, f5d39ef40cdb5102a84c8594cfc54ddbd5060e193e6d07421a9003d2abc63e30 ] ambfilt c:\windows\system32\drivers\ambfilt.sys
09:13:29.0047 0x084c ambfilt - ok
09:13:29.0062 0x084c amsint - ok
09:13:29.0125 0x084c [ 4b5ae15e5c73eb4dc8dbec2788230d41, e3c69ebdfe979387efb115971f68c9539bd9c6944f3ae4d356aa6ac814f19d76 ] apple mobile device c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
09:13:29.0140 0x084c apple mobile device - ok
09:13:29.0187 0x084c [ d8849f77c0b66226335a59d26cb4edc6, 4990031453204c57e36e850252a39b05d6ecdab9e71a8136fb4900f17e59c9ca ] appmgmt c:\windows\system32\appmgmts.dll
09:13:29.0234 0x084c appmgmt - ok
09:13:29.0234 0x084c asc - ok
09:13:29.0234 0x084c asc3350p - ok
09:13:29.0250 0x084c asc3550 - ok
09:13:29.0328 0x084c [ 0e5e4957549056e2bf2c49f4f6b601ad, f7f19fdc906b719a3516d30a9b4a2262c8cc5b36b94e3d4195c345ec4610ff2b ] aspnet_state c:\windows\microsoft.net\framework\v2.0.50727\aspnet_state.exe
09:13:29.0343 0x084c aspnet_state - ok
09:13:29.0359 0x084c [ 7021f01ccac1538ccf9ae004723af033, 698b199d378426d9a07b01600ba265b8e8edbeb29bee223fb22592e59fb5b92e ] aswmonflt c:\windows\system32\drivers\aswmonflt.sys
09:13:29.0375 0x084c aswmonflt - ok
09:13:29.0406 0x084c [ 98c18c78b0c3e7efbdda7bd0c35f5903, 92128ea70472eba8804c2972daa8557f460c2e082084e29b40ce93a05447592f ] aswrdr c:\windows\system32\drivers\aswrdr.sys
09:13:29.0422 0x084c aswrdr - ok
09:13:29.0422 0x084c [ f385467df95d0a73775cb3b076b8b969, d427a5f4fb4d1dab04afc29e7ec510844f907abba053538995e65747bad37422 ] aswrvrt c:\windows\system32\drivers\aswrvrt.sys
09:13:29.0437 0x084c aswrvrt - ok
09:13:29.0453 0x084c [ 8cd8710457fcc1cde88cbfa3aa119b92, b750481b2d44e2d01def500276a7253731edd2bcb117b083ee10faa7a8fff729 ] aswsnx c:\windows\system32\drivers\aswsnx.sys
09:13:29.0484 0x084c aswsnx - ok
09:13:29.0500 0x084c [ c1f95c9481f46b96e23a276639c55ac9, 75f7bcf74e46e3a8ec9af0db5d7fca280dcaf97bd932767dcbde66e26bf0e7ce ] aswsp c:\windows\system32\drivers\aswsp.sys
09:13:29.0515 0x084c aswsp - ok
09:13:29.0547 0x084c [ e6390554dcb2a730702188547267093c, 1f97f23a2c1767abd52041dfa0ef9065567cdb02b12f674cf4ee4e8fba69773b ] aswtdi c:\windows\system32\drivers\aswtdi.sys
09:13:29.0562 0x084c aswtdi - ok
09:13:29.0562 0x084c [ 1b0662514a68c3a42e60d240c5abef28, 71301759c135895c72caed297a669ba58b3f73e0b7e46db981f6559d5d5e2b89 ] aswvmm c:\windows\system32\drivers\aswvmm.sys
09:13:29.0578 0x084c aswvmm - ok
09:13:29.0609 0x084c [ b153affac761e7f5fcfa822b9c4e97bc, 7e60f572a6b3c6219e3c86225aa37243affd74337db7f108b04778042e5cc959 ] asyncmac c:\windows\system32\drivers\asyncmac.sys
09:13:29.0687 0x084c asyncmac - ok
09:13:29.0703 0x084c [ 9f3a2f5aa6875c72bf062c712cfa2674, b4df1d2c56a593c6b54de57395e3b51d288f547842893b32b0f59228a0cf70b9 ] atapi c:\windows\system32\drivers\atapi.sys
09:13:29.0765 0x084c atapi - ok
09:13:29.0765 0x084c atdisk - ok
09:13:29.0797 0x084c [ 9916c1225104ba14794209cfa8012159, 5d6f05f715c52a16d05cae15c3dfe77a139a7f27f7ae710ec9a10f9ee05115a1 ] atmarpc c:\windows\system32\drivers\atmarpc.sys
09:13:29.0875 0x084c atmarpc - ok
09:13:29.0890 0x084c [ def7a7882bec100fe0b2ce2549188f9d, 462c95b63d0a1058291a2dc8cbfcb13d7d74ccd1ca43b613a7eb43d49e3276f8 ] audiosrv c:\windows\system32\audiosrv.dll
09:13:29.0968 0x084c audiosrv - ok
09:13:30.0000 0x084c [ d9f724aa26c010a217c97606b160ed68, 329b5118f2409731d06fdae85b6add64a048292801bcb3546651ceb303111695 ] audstub c:\windows\system32\drivers\audstub.sys
09:13:30.0078 0x084c audstub - ok
09:13:30.0125 0x084c [ cc42f104172b4a62793083d380867317, 0b09823419b328e29eb9ffbd033b3295590e414f31e7b37f11f62bd4b7ebaf06 ] avast! Antivirus c:\program files\avast software\avast\avastsvc.exe
09:13:30.0140 0x084c avast! Antivirus - ok
09:13:30.0187 0x084c [ da1f27d85e0d1525f6621372e7b685e9, 5a81a46a3bdd19dafc6c87d277267a5d44f3a1b5302f2cc1111d84b7bad5610d ] beep c:\windows\system32\drivers\beep.sys
09:13:30.0250 0x084c beep - ok
09:13:30.0281 0x084c [ 574738f61fca2935f5265dc4e5691314, 3c7ccf064397186c3a3863dd2370ab6414a61b330097dca4f299ca7bbaa3d1b4 ] bits c:\windows\system32\qmgr.dll
09:13:30.0359 0x084c bits - ok
09:13:30.0390 0x084c [ 3f56903e124e820aeece6d471583c6c1, b3c045afacc8a8f5dc289ade9acfb2fe7f9ca24a900bbaed47e2a63837208cb3 ] bonjour service c:\program files\bonjour\mdnsresponder.exe
09:13:30.0406 0x084c bonjour service - ok
09:13:30.0437 0x084c [ cfd4e51402da9838b5a04ae680af54a0, 5378f42b195b5832b00a05ad64e00473a45ffb86ac25c57241f26ea82b149fe1 ] browser c:\windows\system32\browser.dll
09:13:30.0453 0x084c browser - ok
09:13:30.0468 0x084c catchme - ok
09:13:30.0484 0x084c [ 90a673fc8e12a79afbed2576f6a7aaf9, bde7858a3457db979fedd8577fa6321bf72848e4a7bf9f173c78a6a10cbb3ebe ] cbidf2k c:\windows\system32\drivers\cbidf2k.sys
09:13:30.0562 0x084c cbidf2k - ok
09:13:30.0562 0x084c cd20xrnt - ok
09:13:30.0578 0x084c [ c1b486a7658353d33a10cc15211a873b, aa4dd9e7aae5aab1146b360b17001f975d2f29a1281cf7b13e7136480410f347 ] cdaudio c:\windows\system32\drivers\cdaudio.sys
09:13:30.0656 0x084c cdaudio - ok
09:13:30.0687 0x084c [ c885b02847f5d2fd45a24e219ed93b32, b26b2f8e3a831e2b65eb0c5195b0645cd50e22615ce79c9b0b391cd563b121db ] cdfs c:\windows\system32\drivers\cdfs.sys
09:13:30.0750 0x084c cdfs - ok
09:13:30.0781 0x084c [ 1f4260cc5b42272d71f79e570a27a4fe, b51c2a3ed3c309953d0ea45869c8e464c10f2533dade9e0286af674979098d1d ] cdrom c:\windows\system32\drivers\cdrom.sys
09:13:30.0859 0x084c cdrom - ok
09:13:30.0859 0x084c changer - ok
09:13:30.0875 0x084c [ 1cfe720eb8d93a7158a4ebc3ab178bde, 65d2a9d9a88f38d4af323134c151ba0f4b3cd0f6a134af86e7ac9d07319f1726 ] cisvc c:\windows\system32\cisvc.exe
09:13:30.0937 0x084c cisvc - ok
09:13:30.0968 0x084c [ 34cbe729f38138217f9c80212a2a0c82, a9fd7a758d12e0818a11beef1ce772fefa8373e92ef6c0da8628cd4572cc9a43 ] clipsrv c:\windows\system32\clipsrv.exe
09:13:31.0031 0x084c clipsrv - ok
09:13:31.0062 0x084c [ d87acaed61e417bba546ced5e7e36d9c, 14ac6034a5bc0fb2a1afdad42bef4de641556e54ad30d0c46765660a4be55462 ] clr_optimization_v2.0.50727_32 c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe
09:13:31.0078 0x084c clr_optimization_v2.0.50727_32 - ok
09:13:31.0078 0x084c cmdide - ok
09:13:31.0078 0x084c comsysapp - ok
09:13:31.0093 0x084c cpqarray - ok
09:13:31.0140 0x084c [ 3d4e199942e29207970e04315d02ad3b, 0825960894cf9c86cc8775bdd2a262948a09ca495aa7fe9f210faf49e7086383 ] cryptsvc c:\windows\system32\cryptsvc.dll
09:13:31.0203 0x084c cryptsvc - ok
09:13:31.0234 0x084c [ 0d15988b79de14c0ebf145a12137fec6, 6778e38c32f5fa441befab83a6de944b59129ecf8c139afd7a7cc968fb67a7af ] csdriver c:\windows\system32\drivers\csdriver.sys
09:13:31.0234 0x084c csdriver - detected unsignedfile.multi.generic ( 1 )
09:13:31.0234 0x084c csdriver ( unsignedfile.multi.generic ) - warning
09:13:31.0234 0x084c force sending object to p2p due to detect: C:\windows\system32\drivers\csdriver.sys
09:13:34.0156 0x084c object send p2p result: True
09:13:36.0687 0x084c dac2w2k - ok
09:13:36.0687 0x084c dac960nt - ok
09:13:36.0734 0x084c [ 6b27a5c03dfb94b4245739065431322c, 6aeac16ab4e0dfd25123aaf4d4181fee1b919b7b2793117006ce8cf30e826cfd ] dcomlaunch c:\windows\system32\rpcss.dll
09:13:36.0750 0x084c dcomlaunch - ok
09:13:36.0781 0x084c [ d8522960163fa593694e441194a9a574, 719627e23858e0a73a5e9c03561a95c2004bd2351b1393ad37596caefd62be30 ] dg_ssudbus c:\windows\system32\drivers\ssudbus.sys
09:13:36.0781 0x084c dg_ssudbus - ok
09:13:36.0812 0x084c [ 5e38d7684a49cacfb752b046357e0589, f192ad4190bcfb6939a5cbc91648fe63168af79a5e227a111dead6a92e42ab8d ] dhcp c:\windows\system32\dhcpcsvc.dll
09:13:36.0890 0x084c dhcp - ok
09:13:36.0922 0x084c [ 044452051f3e02e7963599fc8f4f3e25, 584bddb074618be76454cf90e74829cff588b5b5faeb793e2f7aad26352dd689 ] disk c:\windows\system32\drivers\disk.sys
09:13:37.0000 0x084c disk - ok
09:13:37.0015 0x084c dmadmin - ok
09:13:37.0062 0x084c [ d992fe1274bde0f84ad826acae022a41, c82bd6561a14f2932a761f5883a787b99031250ee5e9b7b5714aa045545c9b99 ] dmboot c:\windows\system32\drivers\dmboot.sys
09:13:37.0140 0x084c dmboot - ok
09:13:37.0156 0x084c [ 7c824cf7bbde77d95c08005717a95f6f, a73cb323b7a6410c3d3f258bf204e716adf8c84c9e4f6562c57ab73daed8ccde ] dmio c:\windows\system32\drivers\dmio.sys
09:13:37.0234 0x084c dmio - ok
09:13:37.0250 0x084c [ e9317282a63ca4d188c0df5e09c6ac5f, d41e002f555fe9015ef620975255f58bb79198ca1ff0e09ec950cb450ff77cf7 ] dmload c:\windows\system32\drivers\dmload.sys
09:13:37.0312 0x084c dmload - ok
09:13:37.0343 0x084c [ 57edec2e5f59f0335e92f35184bc8631, 61f6f0dc2d1a6c61d5ef0d5cc4be0ffc217f1e61fda3ea9f704709293656600f ] dmserver c:\windows\system32\dmserver.dll
09:13:37.0406 0x084c dmserver - ok
09:13:37.0422 0x084c [ 8a208dfcf89792a484e76c40e5f50b45, 4e40e2eb38c6254e7caa488200e89ee7debbba773890bc6a84313cc68178d54f ] dmusic c:\windows\system32\drivers\dmusic.sys
09:13:37.0484 0x084c dmusic - ok
09:13:37.0500 0x084c [ 5f7e24fa9eab896051ffb87f840730d2, 356eefdcd54decad0170b34b993e4bf80dd039e2b2922d7a8d09b84031e9fc7a ] dnscache c:\windows\system32\dnsrslvr.dll
09:13:37.0515 0x084c dnscache - ok
09:13:37.0547 0x084c [ 0f0f6e687e5e15579ef4da8dd6945814, 5c32d88119eb1465b2d719bee2e05888d1a73454b5e33f2d4928da710f8bfba3 ] dot3svc c:\windows\system32\dot3svc.dll
09:13:37.0609 0x084c dot3svc - ok
09:13:37.0609 0x084c dpti2o - ok
09:13:37.0609 0x084c [ 8f5fcff8e8848afac920905fbd9d33c8, c8c6fb97ab0871c8c88a2201525a5cf10d5131cb6980d32692ed7a8f58399ad5 ] drmkaud c:\windows\system32\drivers\drmkaud.sys
09:13:37.0687 0x084c drmkaud - ok
09:13:37.0703 0x084c [ 2187855a7703adef0cef9ee4285182cc, 8233cc11f637866c0074043835a785ea2b616739b6b1181b143a253cf2508cfd ] eaphost c:\windows\system32\eapsvc.dll
09:13:37.0765 0x084c eaphost - ok
09:13:37.0781 0x084c [ bc93b4a066477954555966d77fec9ecb, 27f5b780175ef46da102ee33f7f33559c8b40c077eea4405d579d9507f4b1c23 ] ersvc c:\windows\system32\ersvc.dll
09:13:37.0843 0x084c ersvc - ok
09:13:37.0875 0x084c [ 65df52f5b8b6e9bbd183505225c37315, 59c606977db40a3443dff0be2a4c761824881b22c9fdb3d23f6486db580e92a4 ] eventlog c:\windows\system32\services.exe
09:13:37.0906 0x084c eventlog - ok
09:13:37.0937 0x084c [ d4991d98f2db73c60d042f1aef79efae, 58af949eaebf4ff3e3314dfb66ce4198bf65f0836b68cd27a6ed319742ccccd2 ] eventsystem c:\windows\system32\es.dll
09:13:37.0953 0x084c eventsystem - ok
09:13:37.0984 0x084c [ 38d332a6d56af32635675f132548343e, e6909db836af679b4f4d62c7396d6c82769cc7abb8c919c2aabfe934fce268f6 ] fastfat c:\windows\system32\drivers\fastfat.sys
09:13:38.0062 0x084c fastfat - ok
09:13:38.0093 0x084c [ 99bc0b50f511924348be19c7c7313bbf, a1006c687bd352f700b140dc741515a0cdd9e1352c0fbd1ee410d404e344444b ] fastuserswitchingcompatibility c:\windows\system32\shsvcs.dll
09:13:38.0140 0x084c fastuserswitchingcompatibility - ok
09:13:38.0156 0x084c [ 92cdd60b6730b9f50f6a1a0c1f8cdc81, 8307a532ab4d05cbbce206dc2759497708bf5aaa880bd00f0e4f281d8578a1f5 ] fdc c:\windows\system32\drivers\fdc.sys
09:13:38.0218 0x084c fdc - ok
09:13:38.0234 0x084c [ d45926117eb9fa946a6af572fbe1caa3, 4c94ef009d778be0bdf8f812f026b96f91f641be30aa2531427a5e63dbd280da ] fips c:\windows\system32\drivers\fips.sys
09:13:38.0312 0x084c fips - ok
09:13:38.0343 0x084c [ 227846995afeefa70d328bf5334a86a5, b8ef22de552b44e7dc352742c775bb6b4992b653af4b66b231a60182ce7a7201 ] flexnet licensing service c:\program files\common files\macrovision shared\flexnet publisher\fnplicensingservice.exe
09:13:38.0390 0x084c flexnet licensing service - detected unsignedfile.multi.generic ( 1 )
09:13:38.0390 0x084c detect skipped due to ksn trusted
09:13:38.0390 0x084c flexnet licensing service - ok
09:13:38.0406 0x084c [ 9d27e7b80bfcdf1cdd9b555862d5e7f0, 69c271ad5bcebfd8ae5a769bdd7ec51256da3a8adad5d12e5c0d13f4e82d8805 ] flpydisk c:\windows\system32\drivers\flpydisk.sys
09:13:38.0468 0x084c flpydisk - ok
09:13:38.0484 0x084c [ b2cf4b0786f8212cb92ed2b50c6db6b0, 280f5cf8a90f7bede73add0dd0f8952088133a7ca9a3d3b7041957e33b36845d ] fltmgr c:\windows\system32\drivers\fltmgr.sys
09:13:38.0547 0x084c fltmgr - ok
09:13:38.0609 0x084c [ 8ba7c024070f2b7fdd98ed8a4ba41789, 47585006f86b2c6016ec54250a416794792d1e4024ff229c120bc25b684af66a ] fontcache3.0.0.0 c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe
09:13:38.0609 0x084c fontcache3.0.0.0 - ok
09:13:38.0625 0x084c [ 3e1e2bd4f39b0e2b7dc4f4d2bcc2779a, ec635e071201a766845d48973772cbe0958942b4162f3f5f70660d114cc877e0 ] fs_rec c:\windows\system32\drivers\fs_rec.sys
09:13:38.0703 0x084c fs_rec - ok
09:13:38.0718 0x084c [ 6ac26732762483366c3969c9e4d2259d, ff2c9a23cc17f380093f0bea955b1925794271c2fea16b9b7639668e6999bae3 ] ftdisk c:\windows\system32\drivers\ftdisk.sys
09:13:38.0797 0x084c ftdisk - ok
09:13:38.0843 0x084c [ 8182ff89c65e4d38b2de4bb0fb18564e, 2acfa64d48bf7d25641ec5819c8722144284b8a8e071bf297c1881b07eeafe88 ] gearaspiwdm c:\windows\system32\drivers\gearaspiwdm.sys
09:13:38.0843 0x084c gearaspiwdm - ok
09:13:38.0875 0x084c [ 0a02c63c8b144bd8c86b103dee7c86a2, 7a3235dd3e1995dd72b212faeb3eca2a974434de9bf6d269ea11ba65a80e7e50 ] gpc c:\windows\system32\drivers\msgpc.sys
09:13:38.0953 0x084c gpc - ok
09:13:39.0031 0x084c [ f02a533f517eb38333cb12a9e8963773, 1f72cd1cf660766fa8f912e40b7323a0192a300b376186c10f6803dc5efe28df ] gupdate c:\program files\google\update\googleupdate.exe
09:13:39.0031 0x084c gupdate - ok
09:13:39.0047 0x084c [ f02a533f517eb38333cb12a9e8963773, 1f72cd1cf660766fa8f912e40b7323a0192a300b376186c10f6803dc5efe28df ] gupdatem c:\program files\google\update\googleupdate.exe
09:13:39.0062 0x084c gupdatem - ok
09:13:39.0093 0x084c [ 573c7d0a32852b48f3058cfd8026f511, bc384bba394afdcda1a9abc858c692aa84a1f0a31af3ddf7f38d120c027927fb ] hdaudbus c:\windows\system32\drivers\hdaudbus.sys
09:13:39.0172 0x084c hdaudbus - ok
09:13:39.0234 0x084c [ 4fcca060dfe0c51a09dd5c3843888bcd, d82417706b517f2610ddf7c86be03a72efa9a2a389df5c8f8adeab8144e2c80a ] helpsvc c:\windows\pchealth\helpctr\binaries\pchsvc.dll
09:13:39.0297 0x084c helpsvc - ok
09:13:39.0328 0x084c [ 3ecdcdc7cfe63bf2f2f736703ccd7628, ae124d27b89acab5bf0ed0f26c15047ac0f8546fe5108b898b0d7797c4514158 ] hidkmdf c:\windows\system32\drivers\hidkmdf.sys
09:13:39.0328 0x084c hidkmdf - ok
09:13:39.0328 0x084c hidserv - ok
09:13:39.0359 0x084c [ ccf82c5ec8a7326c3066de870c06daf1, 93395fa4c26b2e82dc8b7025ed3bcf583885e5d8c5f60cd6eeaa6335d6a126ec ] hidusb c:\windows\system32\drivers\hidusb.sys
09:13:39.0437 0x084c hidusb - ok
09:13:39.0453 0x084c [ 8878bd685e490239777bfe51320b88e9, c5c3ecf6b049b6736e35b39518a8f830b45c45a88ffe8e3a6b7922ad946597e2 ] hkmsvc c:\windows\system32\kmsvc.dll
09:13:39.0531 0x084c hkmsvc - ok
09:13:39.0531 0x084c hpn - ok
09:13:39.0562 0x084c [ f80a415ef82cd06ffaf0d971528ead38, 524d9e9201572929522f6805011783711b7c0f76308b924c89cf75f4b7a1fdf3 ] http c:\windows\system32\drivers\http.sys
09:13:39.0578 0x084c http - ok
09:13:39.0609 0x084c [ 6100a808600f44d999cebdef8841c7a3, 61a75118c327812c60622010985a2e80e79b6fd9030a5732390ee5426e4af6c9 ] httpfilter c:\windows\system32\w3ssl.dll
09:13:39.0687 0x084c httpfilter - ok
09:13:39.0703 0x084c i2omgmt - ok
09:13:39.0703 0x084c i2omp - ok
09:13:39.0734 0x084c [ 4a0b06aa8943c1e332520f7440c0aa30, db2452390ccfe67e0c5feb4fd42ca24abe2ddd40d0b22dd5f5b8f70416863918 ] i8042prt c:\windows\system32\drivers\i8042prt.sys
09:13:39.0812 0x084c i8042prt - ok
09:13:40.0000 0x084c [ 0f68e2ec713f132ffb19e45415b09679, b1439a5d157f9ff54e803581d2b86411db079242d837617021a4a0bc195e67bb ] ialm c:\windows\system32\drivers\igxpmp32.sys
09:13:40.0218 0x084c ialm - ok
09:13:40.0375 0x084c [ c01ac32dc5c03076cfb852cb5da5229c, a4d7749220b5bc965d96a267f1e02fe8284a230ba249109207bd4b9ea8dfac96 ] idsvc c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe
09:13:40.0422 0x084c idsvc - ok
09:13:40.0468 0x084c [ 083a052659f5310dd8b6a6cb05edcf8e, 48d39b03ffb6faa1529b774443ba12618ae3982d9f65a7b9d18f2269f78b31f4 ] imapi c:\windows\system32\drivers\imapi.sys
09:13:40.0547 0x084c imapi - ok
09:13:40.0578 0x084c [ 30deaf54a9755bb8546168cfe8a6b5e1, 3936228cd3125c763abfcb93e86e4b43838202bcc0913a28e84ac0263b43ee0d ] imapiservice c:\windows\system32\imapi.exe
09:13:40.0656 0x084c imapiservice - ok
09:13:40.0656 0x084c ini910u - ok
09:13:40.0859 0x084c [ 3a3a539d7db808fad3b55740474a6d02, d56b4550bf53b990104bef73a321fdcc455e9c4f66609986258ebb05883c19f8 ] intcazaudaddservice c:\windows\system32\drivers\rtkhdaud.sys
09:13:41.0062 0x084c intcazaudaddservice - ok
09:13:41.0078 0x084c intelide - ok
09:13:41.0109 0x084c [ 8c953733d8f36eb2133f5bb58808b66b, 555868f246d73652e998b0b1296476e42fceded30d646cc000f31ece4ebc25e6 ] intelppm c:\windows\system32\drivers\intelppm.sys
09:13:41.0172 0x084c intelppm - ok
09:13:41.0187 0x084c [ 3bb22519a194418d5fec05d800a19ad0, f6662f440950596dc1382dd1db5d7891ccea30a6062bea942c18445b5f0d8b16 ] ip6fw c:\windows\system32\drivers\ip6fw.sys
09:13:41.0265 0x084c ip6fw - ok
09:13:41.0281 0x084c [ 731f22ba402ee4b62748adaf6363c182, 5c3bebd008a5be4dc2f92076ff41a10ddc01e10ec7e6552213cfa11970811848 ] ipfilterdriver c:\windows\system32\drivers\ipfltdrv.sys
09:13:41.0359 0x084c ipfilterdriver - ok
09:13:41.0375 0x084c [ b87ab476dcf76e72010632b5550955f5, e6e74d3a86a7917a8baed44f8e97ccd2eb171e4e4b27e9907f60d1523faf319a ] ipinip c:\windows\system32\drivers\ipinip.sys
09:13:41.0453 0x084c ipinip - ok
09:13:41.0468 0x084c [ cc748ea12c6effde940ee98098bf96bb, af523e21c25d9a1715efea573e4f52af5d4fc9f28a2d613f5db629c186c439e0 ] ipnat c:\windows\system32\drivers\ipnat.sys
09:13:41.0531 0x084c ipnat - ok
09:13:41.0562 0x084c [ 31116e352808019e69eca58d1a6c66b0, 4178ccec9abbd494132b1ae5a73eb66c84848ea455bae6ed47d3aa7fa405115c ] ipod service c:\program files\ipod\bin\ipodservice.exe
09:13:41.0578 0x084c ipod service - ok
09:13:41.0609 0x084c [ 23c74d75e36e7158768dd63d92789a91, 394d296f38e7d8efd91a6eec301d9ce6af910e35eb9819f1a9e3363863aedfdc ] ipsec c:\windows\system32\drivers\ipsec.sys
09:13:41.0687 0x084c ipsec - ok
09:13:41.0703 0x084c [ c93c9ff7b04d772627a3646d89f7bf89, 805fa48e7a46d4f10240bf880a2468f53dea36e83004399228ab70db7d20544a ] irenum c:\windows\system32\drivers\irenum.sys
09:13:41.0734 0x084c irenum - ok
09:13:41.0765 0x084c [ 05a299ec56e52649b1cf2fc52d20f2d7, 2654619db3e6d6c385b63ab02f87d4241c4f0250cc31383d1b3586917166c2dc ] isapnp c:\windows\system32\drivers\isapnp.sys
09:13:41.0828 0x084c isapnp - ok
09:13:41.0843 0x084c jcjymt - ok
09:13:41.0859 0x084c [ 463c1ec80cd17420a542b7f36a36f128, e3b11ba26afeafb50b0fc168ea07f6049da6b88bcddeee20310602d7fc27a3a7 ] kbdclass c:\windows\system32\drivers\kbdclass.sys
09:13:41.0937 0x084c kbdclass - ok
09:13:41.0953 0x084c [ 692bcf44383d056aed41b045a323d378, 1a99dee83ffaf64e73067fc049c0a4ce07d94e4ae31efa17b38cefa9e41d67dc ] kmixer c:\windows\system32\drivers\kmixer.sys
09:13:42.0015 0x084c kmixer - ok
09:13:42.0047 0x084c [ b467646c54cc746128904e1654c750c1, 3bd71be3663ea23463d236d8a2a2e42dfa10c502bdb4b6e131faf0fba748219e ] ksecdd c:\windows\system32\drivers\ksecdd.sys
09:13:42.0062 0x084c ksecdd - ok
09:13:42.0093 0x084c [ 3a7c3cbe5d96b8ae96ce81f0b22fb527, 0044f03132596a494448cce5f3d6ecc12617bb4cf6bae348f79d4dc40acd6ee0 ] lanmanserver c:\windows\system32\srvsvc.dll
09:13:42.0109 0x084c lanmanserver - ok
09:13:42.0140 0x084c [ a8888a5327621856c0cec4e385f69309, b08b63300d824e35e31eeea2c4c086dfa2c2a964cedae512e74d3d88aadaa2c1 ] lanmanworkstation c:\windows\system32\wkssvc.dll
09:13:42.0156 0x084c lanmanworkstation - ok
09:13:42.0172 0x084c lbrtfdc - ok
09:13:42.0203 0x084c [ a7db739ae99a796d91580147e919cc59, edf4e039ba277b0e6d66feb0b28096e67d682c09dfc18ececf062d9dcfb75acf ] lmhosts c:\windows\system32\lmhsvc.dll
09:13:42.0281 0x084c lmhosts - ok
09:13:42.0312 0x084c [ 4470e3c1e0c3378e4cab137893c12c3a, ca8e66356f0e671d5454e561e7ead74de25dcf53be452369f96ecacfa8709489 ] mbamprotector c:\windows\system32\drivers\mbam.sys
09:13:42.0312 0x084c mbamprotector - ok
09:13:42.0390 0x084c [ 65085456fd9a74d7f1a999520c299ecb, ea564bc913ef1b8a4caa9242fc70f525b68cf1f3ca462f63b0b7215b93fe8530 ] mbamscheduler c:\program files\malwarebytes' anti-malware\mbamscheduler.exe
09:13:42.0406 0x084c mbamscheduler - ok
09:13:42.0437 0x084c [ e0d7732f2d2e24b2db3f67b6750295b8, aa5ca86af1acec900f60339016b3dc55472db40adb99186005a7abe67b7d66fc ] mbamservice c:\program files\malwarebytes' anti-malware\mbamservice.exe
09:13:42.0468 0x084c mbamservice - ok
09:13:42.0547 0x084c [ 8566e3e7e14517c3142f9ebaf68c3cf4, 1e7a279b8ef1fa8c4d7db0b72e031ddc39d82fc694a22808bd6c76ef98bb7bf1 ] mccomponenthostservice c:\program files\mcafee security scan\3.8.141\mcchsvc.exe
09:13:42.0562 0x084c mccomponenthostservice - ok
09:13:42.0625 0x084c [ 11f714f85530a2bd134074dc30e99fca, bdb5fd3b2df4add19b31965b3e789768b59e872b3ea85912b1ffb32b2af9d5d8 ] mdm c:\program files\common files\microsoft shared\vs7debug\mdm.exe
09:13:42.0640 0x084c mdm - ok
09:13:42.0672 0x084c [ 986b1ff5814366d71e0ac5755c88f2d3, e6af051174531c24b38e73987755d366abec595476c6d17793e8dccc73f55340 ] messenger c:\windows\system32\msgsvc.dll
09:13:42.0750 0x084c messenger - ok
09:13:42.0828 0x084c [ 123271bd5237ab991dc5c21fdf8835eb, 004f8f9228ee291a0e36ce33078d572d61733516f9aa5cfc832af204c6869e89 ] microsoft office groove audit service c:\program files\microsoft office\office12\grooveauditservice.exe
09:13:42.0843 0x084c microsoft office groove audit service - ok
09:13:42.0875 0x084c [ 4ae068242760a1fb6e1a44bf4e16afa6, 1fb771162b96aaf787ac24867b818df8511f0780bb094fa9a38c11d8dbfe68bc ] mnmdd c:\windows\system32\drivers\mnmdd.sys
09:13:42.0953 0x084c mnmdd - ok
09:13:42.0984 0x084c [ d18f1f0c101d06a1c1adf26eed16fcdd, ba0837c7780bd8262e143e2935afa63be59c3c39ef56cb8608eed0f50af070d4 ] mnmsrvc c:\windows\system32\mnmsrvc.exe
09:13:43.0047 0x084c mnmsrvc - ok
09:13:43.0078 0x084c [ dfcbad3cec1c5f964962ae10e0bcc8e1, b342cc9ec3729ab1ab4b5e2e99f890c1e0ca649162de91f6768ab857b719e97b ] modem c:\windows\system32\drivers\modem.sys
09:13:43.0140 0x084c modem - ok
09:13:43.0203 0x084c [ 9fa7207d1b1adead88ae8eed9cdbbaa5, 2ac3875b2e7d9b0692253a9867b940cf214de03574808b42c3702843bc1d5696 ] monfilt c:\windows\system32\drivers\monfilt.sys
09:13:43.0265 0x084c monfilt - ok
09:13:43.0297 0x084c [ 35c9e97194c8cfb8430125f8dbc34d04, 0c0fce6b0a23fb0ecb92e1663e1c72d2dd5b177d82e04782957690b69530db39 ] mouclass c:\windows\system32\drivers\mouclass.sys
09:13:43.0375 0x084c mouclass - ok
09:13:43.0406 0x084c [ b1c303e17fb9d46e87a98e4ba6769685, 161a45488522055d0f0474abeda04ddd0b5dac2411af9154b15190bbd66e7153 ] mouhid c:\windows\system32\drivers\mouhid.sys
09:13:43.0468 0x084c mouhid - ok
09:13:43.0500 0x084c [ a80b9a0bad1b73637dbcbba7df72d3fd, 2a5e15ed2c24c6c65ef2f7e1fd93374774076c9d8d451e4422561f4d269c012f ] mountmgr c:\windows\system32\drivers\mountmgr.sys
09:13:43.0562 0x084c mountmgr - ok
09:13:43.0593 0x084c [ 338037efa0e8e8699b2667d57b751574, 59e0d39806d0c4eb57913aa013242837fd39ad378726aee42d250cba87c1c3bf ] mozillamaintenance c:\program files\mozilla maintenance service\maintenanceservice.exe
09:13:43.0609 0x084c mozillamaintenance - ok
09:13:43.0609 0x084c mraid35x - ok
09:13:43.0625 0x084c [ 11d42bb6206f33fbb3ba0288d3ef81bd, 76abcfb62c5ac549f58c231f72a99882cdeb74928104b77fe52554765c2b1a22 ] mrxdav c:\windows\system32\drivers\mrxdav.sys
09:13:43.0687 0x084c mrxdav - ok
09:13:43.0734 0x084c [ 7d304a5eb4344ebeeab53a2fe3ffb9f0, db9b186f7076d7b94f45041af7b77c1ad2cab504d683b459c6cb1c22840ed170 ] mrxsmb c:\windows\system32\drivers\mrxsmb.sys
09:13:43.0750 0x084c mrxsmb - ok
09:13:43.0781 0x084c [ a137f1470499a205abbb9aafb3b6f2b1, fb4951727543030d9e6ed74149c3faace2ca9da8c1b5f616301b30b858c724e8 ] msdtc c:\windows\system32\msdtc.exe
09:13:43.0875 0x084c msdtc - ok
09:13:43.0890 0x084c [ c941ea2454ba8350021d774daf0f1027, c940e978c7b66a713a0fdab54b5f995df59d089afcd96221dd3222948cd49bbd ] msfs c:\windows\system32\drivers\msfs.sys
09:13:43.0953 0x084c msfs - ok
09:13:43.0968 0x084c msiserver - ok
09:13:43.0984 0x084c [ d1575e71568f4d9e14ca56b7b0453bf1, 4abe0e24786c0d39fa2b885447e56204ca6942fb175e534dce675d7bcf0b176a ] mskssrv c:\windows\system32\drivers\mskssrv.sys
09:13:44.0047 0x084c mskssrv - ok
09:13:44.0062 0x084c [ 325bb26842fc7ccc1fcce2c457317f3e, c07be560513b1fb91d756494f0ba4aeeb2e1998de0e1c21ee83db1183b0cee91 ] mspclock c:\windows\system32\drivers\mspclock.sys
09:13:44.0140 0x084c mspclock - ok
09:13:44.0156 0x084c [ bad59648ba099da4a17680b39730cb3d, 9ad4c7c94c186c8815d0bc75dcafb962158da6935a244ba243edddeb33f9816c ] mspqm c:\windows\system32\drivers\mspqm.sys
09:13:44.0234 0x084c mspqm - ok
09:13:44.0250 0x084c [ af5f4f3f14a8ea2c26de30f7a1e17136, ac93a1e4abb0d038b772e429015567e44cc2edb66c54dbe23a5f98176fac1520 ] mssmbios c:\windows\system32\drivers\mssmbios.sys
09:13:44.0312 0x084c mssmbios - ok
09:13:44.0343 0x084c [ de6a75f5c270e756c5508d94b6cf68f5, fcc972ddc36c2c44d836913f10004c2c33b11c54defff0c63e0fdf901d2f9261 ] mup c:\windows\system32\drivers\mup.sys
09:13:44.0359 0x084c mup - ok
09:13:44.0390 0x084c [ 0102140028fad045756796e1c685d695, 5335b8278418ca200e2772124f0602c3e15a5caf2d5cc59f6785dfaabf339b09 ] napagent c:\windows\system32\qagentrt.dll
09:13:44.0468 0x084c napagent - ok
09:13:44.0500 0x084c [ 1df7f42665c94b825322fae71721130d, fe0dcb728471465b39a42a7511f4133021fba5df88f88bcb5fe2ff34cfd713f9 ] ndis c:\windows\system32\drivers\ndis.sys
09:13:44.0578 0x084c ndis - ok
09:13:44.0593 0x084c [ 0109c4f3850dfbab279542515386ae22, 4f6db1e499ac853fd36fd603fbb6d3ac9bdceb298c7fe1fb59a9236cb46729b2 ] ndistapi c:\windows\system32\drivers\ndistapi.sys
09:13:44.0609 0x084c ndistapi - ok
09:13:44.0625 0x084c [ f927a4434c5028758a842943ef1a3849, b1aa3af150c05307461774925901789456b0cccd03a5e71ada4ab58455962bee ] ndisuio c:\windows\system32\drivers\ndisuio.sys
09:13:44.0703 0x084c ndisuio - ok
09:13:44.0734 0x084c [ edc1531a49c80614b2cfda43ca8659ab, 494042f790f33721328b4451e79842e21919681cc421a4f9633ec4d383e06097 ] ndiswan c:\windows\system32\drivers\ndiswan.sys
09:13:44.0812 0x084c ndiswan - ok
09:13:44.0828 0x084c [ 2f597bb467e05b1fe3830eabd821b8e0, 141497f5a49d47cce3c9289644f4bd838dcb238f6d8e847fc006652e21fe02ac ] ndproxy c:\windows\system32\drivers\ndproxy.sys
09:13:44.0843 0x084c ndproxy - ok
09:13:44.0859 0x084c [ 5d81cf9a2f1a3a756b66cf684911cdf0, 7989c36607caea17afa2c1c9904145ca0714a54b9f712d9d4c1ab140d0b2cc0c ] netbios c:\windows\system32\drivers\netbios.sys
09:13:44.0922 0x084c netbios - ok
09:13:44.0937 0x084c [ 74b2b2f5bea5e9a3dc021d685551bd3d, 7932b71f98b4122be88f576bf6d745a757ae378a48924b7f4358837b75640a82 ] netbt c:\windows\system32\drivers\netbt.sys
09:13:45.0000 0x084c netbt - ok
09:13:45.0031 0x084c [ b857ba82860d7ff85ae29b095645563b, 86ff0e4cdd9c394e8babd93a4d57e73ff9a779261717dec6e9cde99f1c6b0f4c ] netdde c:\windows\system32\netdde.exe
09:13:45.0109 0x084c netdde - ok
09:13:45.0109 0x084c [ b857ba82860d7ff85ae29b095645563b, 86ff0e4cdd9c394e8babd93a4d57e73ff9a779261717dec6e9cde99f1c6b0f4c ] netddedsdm c:\windows\system32\netdde.exe
09:13:45.0187 0x084c netddedsdm - ok
09:13:45.0203 0x084c [ bf2466b3e18e970d8a976fb95fc1ca85, f7794b5d12dc5d820a162850f4388e2aa80426ad07cb221799cf941c682ab501 ] netlogon c:\windows\system32\lsass.exe
09:13:45.0265 0x084c netlogon - ok
09:13:45.0312 0x084c [ 13e67b55b3abd7bf3fe7aae5a0f9a9de, 4e0a67b3cc897e80d4b342ffe8b7b4cc4f6ca2ef2d34c136027a098b2e1c6166 ] netman c:\windows\system32\netman.dll
09:13:45.0375 0x084c netman - ok
09:13:45.0453 0x084c [ d34612c5d02d026535b3095d620626ae, 1bbcccbf49eb8807240a77dcb43c25c21682073cc5356594e2c4f53ef36bf657 ] nettcpportsharing c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe
09:13:45.0468 0x084c nettcpportsharing - ok
09:13:45.0484 0x084c [ 943337d786a56729263071623bbb9de5, b631b47c869fe4acf46e4aa272435d9a9ca536e3349e3ffbb8602636fee7afd4 ] nla c:\windows\system32\mswsock.dll
09:13:45.0500 0x084c nla - ok
09:13:45.0531 0x084c [ c82f4cc10ad315b6d6bcb14d0a7cad66, 7b12a7cb54df475a4ccd23228a822fe29a04cf2850d64fcfa80defe3003074b1 ] nmwcd c:\windows\system32\drivers\ccdcmb.sys
09:13:45.0547 0x084c nmwcd - ok
09:13:45.0578 0x084c [ 3182d64ae053d6fb034f44b6def8034a, 4adfc76965ba2a5f488e71789a4e4ea702a74af42725f72130d1ca919406cf19 ] npfs c:\windows\system32\drivers\npfs.sys
09:13:45.0656 0x084c npfs - ok
09:13:45.0672 0x084c [ 78a08dd6a8d65e697c18e1db01c5cdca, e0e6f3ed05068e32f1d5c2d2b38cdef4536b8656db6756c66cf6b40b60c8f3da ] ntfs c:\windows\system32\drivers\ntfs.sys
09:13:45.0750 0x084c ntfs - ok
09:13:45.0765 0x084c [ bf2466b3e18e970d8a976fb95fc1ca85, f7794b5d12dc5d820a162850f4388e2aa80426ad07cb221799cf941c682ab501 ] ntlmssp c:\windows\system32\lsass.exe
09:13:45.0828 0x084c ntlmssp - ok
09:13:45.0890 0x084c [ 156f64a3345bd23c600655fb4d10bc08, 9611be411586e068d9297d77102db3be48aa67f1bad6f61a84f83fc3043fa9cd ] ntmssvc c:\windows\system32\ntmssvc.dll
09:13:45.0984 0x084c ntmssvc - ok
09:13:46.0000 0x084c [ 73c1e1f395918bc2c6dd67af7591a3ad, b21133a75253ec15e2dff66d3b480ab1a7e1a2360476c810e7aa55d0f0eb08d4 ] null c:\windows\system32\drivers\null.sys
09:13:46.0062 0x084c null - ok
09:13:46.0078 0x084c [ b305f3fad35083837ef46a0bbce2fc57, 9d0e0e666d652d0fc9eab97280a5d67aaf61d6b21929df7cf8ed72a367720464 ] nwlnkflt c:\windows\system32\drivers\nwlnkflt.sys
09:13:46.0140 0x084c nwlnkflt - ok
09:13:46.0156 0x084c [ c99b3415198d1aab7227f2c88fd664b9, dd8da4b5e804f134ab9233859544c025062902dfc3e8fb8a09a67337a4e73f55 ] nwlnkfwd c:\windows\system32\drivers\nwlnkfwd.sys
09:13:46.0218 0x084c nwlnkfwd - ok
09:13:46.0297 0x084c [ 785f487a64950f3cb8e9f16253ba3b7b, 02445344bd214370a6d48b1ca04921d8efcb13e676b5648266dd0e076c0822b6 ] odserv c:\program files\common files\microsoft shared\office12\odserv.exe
09:13:46.0312 0x084c odserv - ok
09:13:46.0359 0x084c [ 5a432a042dae460abe7199b758e8606c, 6e5d1f477d290905be27cebf9572bac6b05ffef2fad901d3c8e11f665f8b9a71 ] ose c:\program files\common files\microsoft shared\source engine\ose.exe
09:13:46.0375 0x084c ose - ok
09:13:46.0406 0x084c [ 5575faf8f97ce5e713d108c2a58d7c7c, 96d4595d19a78ccbe8b325a08780ac077ae5cc99642acd72fb47aeae8d344d3b ] parport c:\windows\system32\drivers\parport.sys
09:13:46.0468 0x084c parport - ok
09:13:46.0468 0x084c [ beb3ba25197665d82ec7065b724171c6, 7e71c13ba30cd95cee8a9cc85e6f48a01f30edeaadee69d80ae828bf97e5a5ca ] partmgr c:\windows\system32\drivers\partmgr.sys
09:13:46.0547 0x084c partmgr - ok
09:13:46.0562 0x084c [ 70e98b3fd8e963a6a46a2e6247e0bea1, 6771313ec41b3b5bfd398f60706e40be71617046880cc352dd110b001afc22a1 ] parvdm c:\windows\system32\drivers\parvdm.sys
09:13:46.0640 0x084c parvdm - ok
09:13:46.0640 0x084c [ a219903ccf74233761d92bef471a07b1, d4e6c360a1d2fca4d17c991b834d68bf20f5111dd06b1fab8b22984804cec269 ] pci c:\windows\system32\drivers\pci.sys
09:13:46.0718 0x084c pci - ok
09:13:46.0718 0x084c pcidump - ok
09:13:46.0734 0x084c [ ccf5f451bb1a5a2a522a76e670000ff0, d63f7e5a39653ec9cce94b7d84b2d3ebd4f54533bd65701020198724042c9257 ] pciide c:\windows\system32\drivers\pciide.sys
09:13:46.0797 0x084c pciide - ok
09:13:46.0843 0x084c [ 9e89ef60e9ee05e3f2eef2da7397f1c1, 0ba3db21dc7c641c181e2635b5c9b73965fdcdcd3ebbbe48fcfec1c8c987f617 ] pcmcia c:\windows\system32\drivers\pcmcia.sys
09:13:46.0906 0x084c pcmcia - ok
09:13:46.0906 0x084c pdcomp - ok
09:13:46.0906 0x084c pdframe - ok
09:13:46.0922 0x084c pdreli - ok
09:13:46.0922 0x084c pdrframe - ok
09:13:46.0922 0x084c perc2 - ok
09:13:46.0937 0x084c perc2hib - ok
09:13:46.0968 0x084c [ 65df52f5b8b6e9bbd183505225c37315, 59c606977db40a3443dff0be2a4c761824881b22c9fdb3d23f6486db580e92a4 ] plugplay c:\windows\system32\services.exe
09:13:46.0984 0x084c plugplay - ok
09:13:47.0015 0x084c [ bf2466b3e18e970d8a976fb95fc1ca85, f7794b5d12dc5d820a162850f4388e2aa80426ad07cb221799cf941c682ab501 ] policyagent c:\windows\system32\lsass.exe
09:13:47.0078 0x084c policyagent - ok
09:13:47.0093 0x084c [ efeec01b1d3cf84f16ddd24d9d9d8f99, c5f0c8c66a3af7e7bb04cede4ac5306f8387ab384a2107dc5be413aae968eff1 ] pptpminiport c:\windows\system32\drivers\raspptp.sys
09:13:47.0172 0x084c pptpminiport - ok
09:13:47.0172 0x084c [ bf2466b3e18e970d8a976fb95fc1ca85, f7794b5d12dc5d820a162850f4388e2aa80426ad07cb221799cf941c682ab501 ] protectedstorage c:\windows\system32\lsass.exe
09:13:47.0234 0x084c protectedstorage - ok
09:13:47.0250 0x084c [ 09298ec810b07e5d582cb3a3f9255424, 35473a1be25ac289474090eb0806ac6b3035dc33d1f3df97a14bf1e361ac6ac3 ] psched c:\windows\system32\drivers\psched.sys
09:13:47.0312 0x084c psched - ok
09:13:47.0328 0x084c [ 80d317bd1c3dbc5d4fe7b1678c60cadd, da76804b55d0cab3ddd01efc06673764ae4860693375c658b6063fb14af7f12c ] ptilink c:\windows\system32\drivers\ptilink.sys
09:13:47.0406 0x084c ptilink - ok
09:13:47.0422 0x084c [ 1962166e0ceb740704f30fa55ad3d509, 22c21907d7fdca2cbbe1ec0479d83ddd4c4fcbc07c8791a2f62414ec5e85e488 ] pxhelp20 c:\windows\system32\drivers\pxhelp20.sys
09:13:47.0422 0x084c pxhelp20 - detected unsignedfile.multi.generic ( 1 )
09:13:47.0422 0x084c detect skipped due to ksn trusted
09:13:47.0422 0x084c pxhelp20 - ok
09:13:47.0422 0x084c ql1080 - ok
09:13:47.0422 0x084c ql10wnt - ok
09:13:47.0437 0x084c ql12160 - ok
09:13:47.0437 0x084c ql1240 - ok
09:13:47.0453 0x084c ql1280 - ok
09:13:47.0468 0x084c [ fe0d99d6f31e4fad8159f690d68ded9c, 998685622abe631984b7e4dbf91ab3594b1f574378d75eb9f6265f4650470692 ] rasacd c:\windows\system32\drivers\rasacd.sys
09:13:47.0531 0x084c rasacd - ok
09:13:47.0547 0x084c [ ad188be7bdf94e8df4ca0a55c00a5073, c7d76cb579faebccc2873499441bacdd6bd6668acf5ed7f31862656e96e2b20c ] rasauto c:\windows\system32\rasauto.dll
09:13:47.0625 0x084c rasauto - ok
09:13:47.0640 0x084c [ 11b4a627bc9614b885c4969bfa5ff8a6, eae0a412a2b0f68919c32a96b3a08cc1a06585e4998819f5c9051745f63ff5ad ] rasl2tp c:\windows\system32\drivers\rasl2tp.sys
09:13:47.0718 0x084c rasl2tp - ok
09:13:47.0765 0x084c [ 76a9a3cbeadd68cc57cda5e1d7448235, 4afd048c5d2306ab8de46f3aa60ac0213333dda3b09a9e91f7585db6eb978ec8 ] rasman c:\windows\system32\rasmans.dll
09:13:47.0843 0x084c rasman - ok
09:13:47.0843 0x084c [ 5bc962f2654137c9909c3d4603587dee, a5ce5653d0105240f5e86cfaab89e7917d42d939e2f27a5a7d6979289ca651b8 ] raspppoe c:\windows\system32\drivers\raspppoe.sys
09:13:47.0906 0x084c raspppoe - ok
09:13:47.0922 0x084c [ fdbb1d60066fcfbb7452fd8f9829b242, 10a2dacf944bd000032eba8c095cb3d879cc55b28c377adf6e52e508e47444db ] raspti c:\windows\system32\drivers\raspti.sys
09:13:47.0984 0x084c raspti - ok
09:13:48.0000 0x084c [ 7ad224ad1a1437fe28d89cf22b17780a, 6645235ca27d671954e3557fa37082881c3d7d47492c71264cd8cb8d108ec801 ] rdbss c:\windows\system32\drivers\rdbss.sys
09:13:48.0062 0x084c rdbss - ok
09:13:48.0078 0x084c [ 4912d5b403614ce99c28420f75353332, 975341ecd660209987b5e5171b8315e032439e408cbe8a5986e67af767f373bb ] rdpcdd c:\windows\system32\drivers\rdpcdd.sys
09:13:48.0125 0x084c rdpcdd - ok
09:13:48.0140 0x084c [ 15cabd0f7c00c47c70124907916af3f1, 66b5c978b7fb6359ad8bac9f568fe9d469e358feab07b1f129ba9e85f1df723e ] rdpdr c:\windows\system32\drivers\rdpdr.sys
09:13:48.0218 0x084c rdpdr - ok
09:13:48.0250 0x084c [ 43af5212bd8fb5ba6eed9754358bd8f7, af330f61ceca4afa359ceabc5eb3227e6b56a9a2dce50701381d665122d7356d ] rdpwd c:\windows\system32\drivers\rdpwd.sys
09:13:48.0265 0x084c rdpwd - ok
09:13:48.0297 0x084c [ 3c37bf86641bda977c3bf8a840f3b7fa, ab9a6e54dba3f4561cd4837372becce0d73943d02e3288f944333039375ac08c ] rdsessmgr c:\windows\system32\sessmgr.exe
09:13:48.0359 0x084c rdsessmgr - ok
09:13:48.0406 0x084c [ 96efec24346a8eb1157e80523079addc, 7f8fc284029856c754e400b6c954369ffe27763c81d8f4af4e58bfdd44cbc24a ] realnetworks downloader resolver service c:\program files\realnetworks\realdownloader\rndlresolversvc.exe
09:13:48.0422 0x084c realnetworks downloader resolver service - ok
09:13:48.0453 0x084c [ f828dd7e1419b6653894a8f97a0094c5, e6150e1f598ba4cfedb8ff075bc0d576518c331b864388f1cae8812eff106ecf ] redbook c:\windows\system32\drivers\redbook.sys
09:13:48.0515 0x084c redbook - ok
09:13:48.0547 0x084c [ 7e699ff5f59b5d9de5390e3c34c67cf5, 3fcf0442d80ab181fed4303e570378736aa1f8718c0b8b70f689a1e45200ffe4 ] remoteaccess c:\windows\system32\mprdim.dll
09:13:48.0625 0x084c remoteaccess - ok
09:13:48.0656 0x084c [ 5b19b557b0c188210a56a6b699d90b8f, 0fa880b81ae615206fd1738b83428aaa491d54b24168339de6e87fde8c6c14b0 ] remoteregistry c:\windows\system32\regsvc.dll
09:13:48.0750 0x084c remoteregistry - ok
09:13:48.0828 0x084c [ 8cfca7e2fd4b57c2bef929c1c1a4c56e, b56d18c70658ae2842ad684fb378cc7805612050a4ed222103f54a38fb22bba6 ] richvideo c:\program files\cyberlink\shared files\richvideo.exe
09:13:48.0843 0x084c richvideo - ok
09:13:48.0843 0x084c [ aaed593f84afa419bbae8572af87cf6a, cc0ffc5a69394c8830dc66320da01a820bbf41ad7e57d0fc343561dc5ef9a360 ] rpclocator c:\windows\system32\locator.exe
09:13:48.0906 0x084c rpclocator - ok
09:13:48.0953 0x084c [ 6b27a5c03dfb94b4245739065431322c, 6aeac16ab4e0dfd25123aaf4d4181fee1b919b7b2793117006ce8cf30e826cfd ] rpcss c:\windows\system32\rpcss.dll
09:13:48.0968 0x084c rpcss - ok
09:13:48.0984 0x084c [ 471b3f9741d762abe75e9deea4787e47, d9ade42965ec22aeb4b2ad21d429c3c8232a60aa9853defda7aed86a13fe8623 ] rsvp c:\windows\system32\rsvp.exe
09:13:49.0047 0x084c rsvp - ok
09:13:49.0078 0x084c [ 79b4fe884c18dd82d5449f6b6026d092, 434d2d39d20279b566b7c7e5367034df981b2c8f5f16b0bf94360ce7b6ba0adc ] rtle8023xp c:\windows\system32\drivers\rtenicxp.sys
09:13:49.0125 0x084c rtle8023xp - ok
09:13:49.0140 0x084c [ bf2466b3e18e970d8a976fb95fc1ca85, f7794b5d12dc5d820a162850f4388e2aa80426ad07cb221799cf941c682ab501 ] samss c:\windows\system32\lsass.exe
09:13:49.0203 0x084c samss - ok
09:13:49.0203 0x084c [ 86d007e7a654b9a71d1d7d856b104353, 7b1de53d637a5fc9619d5d07c48927afec89d959207f6f2e2f45dd054eea04c7 ] scardsvr c:\windows\system32\scardsvr.exe
09:13:49.0297 0x084c scardsvr - ok
09:13:49.0312 0x084c [ 0a9a7365a1ca4319aa7c1d6cd8e4eafa, 0b582f47bd70732bac48b8b86e5d06ce7f299a20e8177f3f2e6f28217c3fb605 ] schedule c:\windows\system32\schedsvc.dll
09:13:49.0390 0x084c schedule - ok
09:13:49.0562 0x084c [ 98ef79cc2b07398ac525f9ea1ae0366f, d0d5d69696ed339f363024af3271867f4c55572c67fd0f2aa27d24b37982e39a ] sdscannerservice c:\program files\spybot - search & destroy 2\sdfssvc.exe
09:13:49.0687 0x084c sdscannerservice - ok
09:13:49.0734 0x084c [ 14bf6b3ab327d519ed007cddc56f6900, 4e5dc4af45347c885e0e87f205ee1f95bb4713a0b581cd7317fbeee2a9628982 ] sdupdateservice c:\program files\spybot - search & destroy 2\sdupdsvc.exe
09:13:49.0781 0x084c sdupdateservice - ok
09:13:49.0797 0x084c [ 820ebe67ab99f033fde25b2692157991, a9e86fe6efd3cfd4ea1a26121c706335a6791cc6f81ee98ae2be7ea566ecfebb ] sdwscservice c:\program files\spybot - search & destroy 2\sdwscsvc.exe
09:13:49.0812 0x084c sdwscservice - ok
09:13:49.0859 0x084c [ 90a3935d05b494a5a39d37e71f09a677, f72733a69bc6e1a2bb91d7632ff3463c12563f60fdcc00a2cdd67ff20d479952 ] secdrv c:\windows\system32\drivers\secdrv.sys
09:13:49.0890 0x084c secdrv - ok
09:13:49.0906 0x084c [ cbe612e2bb6a10e3563336191eda1250, c331797dc3569f0e715766561de2562f60b924378842246c35d2b1cf867e9d96 ] seclogon c:\windows\system32\seclogon.dll
09:13:49.0968 0x084c seclogon - ok
09:13:50.0000 0x084c [ 7fdd5d0684eca8c1f68b4d99d124dcd0, 7105b026f966a992430f86c3698abe15ec73e4772f1a3e362e29fd5247a5dca6 ] sens c:\windows\system32\sens.dll
09:13:50.0078 0x084c sens - ok
09:13:50.0093 0x084c [ 0f29512ccd6bead730039fb4bd2c85ce, 4f98ae390d1b14a755700dd6cefb9cf921f0404af2145d2d7e5f52394f87c6a5 ] serenum c:\windows\system32\drivers\serenum.sys
09:13:50.0156 0x084c serenum - ok
09:13:50.0172 0x084c [ cca207a8896d4c6a0c9ce29a4ae411a7, 5999b39242283cd803319aadca171cccc6e2a40fb2fafa51b1d29f3ff2dd8d6c ] serial c:\windows\system32\drivers\serial.sys
09:13:50.0250 0x084c serial - ok
09:13:50.0265 0x084c [ 8e6b8c671615d126fdc553d1e2de5562, ceec0067514555d5ca489f50e3d7562fca8db8e952c3c878604c9277fc77959f ] sfloppy c:\windows\system32\drivers\sfloppy.sys
09:13:50.0328 0x084c sfloppy - ok
09:13:50.0375 0x084c [ 83f41d0d89645d7235c051ab1d9523ac, b681f33eeaa511d6a2dcb9fbaa407b739184c9ff6067c6b7e51f1fc37e9d4dd7 ] sharedaccess c:\windows\system32\ipnathlp.dll
09:13:50.0453 0x084c sharedaccess - ok
09:13:50.0468 0x084c [ 99bc0b50f511924348be19c7c7313bbf, a1006c687bd352f700b140dc741515a0cdd9e1352c0fbd1ee410d404e344444b ] shellhwdetection c:\windows\system32\shsvcs.dll
09:13:50.0484 0x084c shellhwdetection - ok
09:13:50.0484 0x084c simbad - ok
09:13:50.0672 0x084c [ 9f712b26ee3b0242de997a42fd302e2c, 12663eb108f158282a965ee70980627c2f2332ba7944d7de03b78e18beb87d26 ] skype c2c service c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe
09:13:50.0781 0x084c skype c2c service - ok
09:13:50.0859 0x084c [ 50d9949020e02b847cd48f1243fcb895, 5bdad5e44de5b412645142810c5fce4b2d9685f928ff4a6b836a9dce7725bd78 ] skypeupdate c:\program files\skype\updater\updater.exe
09:13:50.0875 0x084c skypeupdate - ok
09:13:50.0890 0x084c sparrow - ok
09:13:50.0922 0x084c [ ab8b92451ecb048a4d1de7c3ffcb4a9f, dd17733cbb370fca08f0296704d7cbeaca3c8f76d0abe4761c3b1ffdf7481d9e ] splitter c:\windows\system32\drivers\splitter.sys
09:13:51.0000 0x084c splitter - ok
09:13:51.0031 0x084c [ 60784f891563fb1b767f70117fc2428f, e0b07f08e60ffbad36c2e58180f4b2a16dca47716044cbe0213df7b74d742f1f ] spooler c:\windows\system32\spoolsv.exe
09:13:51.0031 0x084c spooler - ok
09:13:51.0031 0x084c sptd - ok
09:13:51.0062 0x084c [ 76bb022c2fb6902fd5bdd4f78fc13a5d, 6031cb2344d7277fc703480eb43cf856a0f8f818ea98ff26a2ca532336cd2dfa ] sr c:\windows\system32\drivers\sr.sys
09:13:51.0109 0x084c sr - ok
09:13:51.0140 0x084c [ 3805df0ac4296a34ba4bf93b346cc378, b57a14f1b7b0997e619ddd62b73157aa2399a9852166fb58139cbb358a88f6f3 ] srservice c:\windows\system32\srsvc.dll
09:13:51.0187 0x084c srservice - ok
09:13:51.0218 0x084c [ 47ddfc2f003f7f9f0592c6874962a2e7, 17c643bd4eb09b5666fe41817dc785be04a6e491ce79e8e5a702cdbd98e1bdd7 ] srv c:\windows\system32\drivers\srv.sys
09:13:51.0265 0x084c srv - ok
09:13:51.0312 0x084c [ 0a5679b3714edab99e357057ee88fca6, 01e1a101fff48402c77e385a78fef27876e04533b60eb1c18558a737e57e5fa8 ] ssdpsrv c:\windows\system32\ssdpsrv.dll
09:13:51.0375 0x084c ssdpsrv - ok
09:13:51.0406 0x084c [ 8bad69cbac032d4bbacfce0306174c30, 2aa0da710fcbff38fe8da91ee02e7a4503269347e61f8d3246fca3384bba2305 ] stisvc c:\windows\system32\wiaservc.dll
09:13:51.0515 0x084c stisvc - ok
09:13:51.0547 0x084c [ 3941d127aef12e93addf6fe6ee027e0f, ea1f0e32e1c5e90fa4aac421debbe086512340758d3217a6334e886bce638b51 ] swenum c:\windows\system32\drivers\swenum.sys
09:13:51.0625 0x084c swenum - ok
09:13:51.0703 0x084c [ f577910a133a592234ebaad3f3afa258, 36f514740ee2d2b2f7abfffa13d575233ec4ce774eb58bf889c09930fef1f443 ] switchboard c:\program files\common files\adobe\switchboard\switchboard.exe
09:13:51.0718 0x084c switchboard - detected unsignedfile.multi.generic ( 1 )
09:13:51.0718 0x084c detect skipped due to ksn trusted
09:13:51.0718 0x084c switchboard - ok
09:13:51.0734 0x084c [ 8ce882bcc6cf8a62f2b2323d95cb3d01, b408550a581f3da222355964afa4e976ad8471f0aa37573c42c4948ae5a23a3b ] swmidi c:\windows\system32\drivers\swmidi.sys
09:13:51.0797 0x084c swmidi - ok
09:13:51.0812 0x084c swprv - ok
09:13:51.0812 0x084c symc810 - ok
09:13:51.0828 0x084c symc8xx - ok
09:13:51.0828 0x084c sym_hi - ok
09:13:51.0828 0x084c sym_u3 - ok
09:13:51.0859 0x084c [ 8b83f3ed0f1688b4958f77cd6d2bf290, 546d3602183702b4f53e84413cfa2c933d64c8540378e54a8dcd148f3f36a2da ] sysaudio c:\windows\system32\drivers\sysaudio.sys
09:13:51.0922 0x084c sysaudio - ok
09:13:51.0953 0x084c [ c7abbc59b43274b1109df6b24d617051, 4384ca0aa6ce9b603cf7db775a3c721e46715d5b120b94fb57deadaade18535b ] sysmonlog c:\windows\system32\smlogsvc.exe
09:13:52.0015 0x084c sysmonlog - ok
09:13:52.0062 0x084c [ 3cb78c17bb664637787c9a1c98f79c38, f35c31f6b7f366cb949d1044b357c76dec9170441c5e559802794f62b72fd255 ] tapisrv c:\windows\system32\tapisrv.dll
09:13:52.0140 0x084c tapisrv - ok
09:13:52.0187 0x084c [ 9aefa14bd6b182d61e3119fa5f436d3d, ea29e49434585409272e7901af89771fe9d6e911a7dc44ab3c7020cff8a44552 ] tcpip c:\windows\system32\drivers\tcpip.sys
09:13:52.0218 0x084c tcpip - ok
09:13:52.0250 0x084c [ 6471a66807f5e104e4885f5b67349397, f35cbffb8bb235cce30ef94a5273333900dd49fd506bf9d55d99a320b8a53a5a ] tdpipe c:\windows\system32\drivers\tdpipe.sys
09:13:52.0312 0x084c tdpipe - ok
09:13:52.0328 0x084c [ c56b6d0402371cf3700eb322ef3aaf61, 7743fa4c734bce38efb1ca69bc17364d8421e2cd172f856f7e38e7ae1ee93f2f ] tdtcp c:\windows\system32\drivers\tdtcp.sys
09:13:52.0406 0x084c tdtcp - ok
09:13:52.0422 0x084c [ 88155247177638048422893737429d9e, b6d4e8691917946332c2208d01f8c8281978c1ad1e9951c5d99df0d49ac34b3b ] termdd c:\windows\system32\drivers\termdd.sys
09:13:52.0484 0x084c termdd - ok
09:13:52.0531 0x084c [ ff3477c03be7201c294c35f684b3479f, d6246521539ba4acd022d26983182f5e323d2ef1ea7c54265a248c43a1ce5202 ] termservice c:\windows\system32\termsrv.dll
09:13:52.0593 0x084c termservice - ok
09:13:52.0609 0x084c [ 99bc0b50f511924348be19c7c7313bbf, a1006c687bd352f700b140dc741515a0cdd9e1352c0fbd1ee410d404e344444b ] themes c:\windows\system32\shsvcs.dll
09:13:52.0625 0x084c themes - ok
09:13:52.0656 0x084c [ db7205804759ff62c34e3efd8a4cc76a, 13a4248f528ce98aca66898e56822e4fc49b11f491ff1f61a687ba601bf0a802 ] tlntsvr c:\windows\system32\tlntsvr.exe
09:13:52.0703 0x084c tlntsvr - ok
09:13:52.0703 0x084c toside - ok
09:13:52.0734 0x084c [ 55bca12f7f523d35ca3cb833c725f54e, 849fb1ae31b143b14b298bbc0d91230693d41deb95f46516878f53a7f4186c38 ] trkwks c:\windows\system32\trkwks.dll
09:13:52.0812 0x084c trkwks - ok
09:13:52.0859 0x084c [ 5787b80c2e3c5e2f56c2a233d91fa2c9, 3774905cf77954dfcecda5bcc7cde3d0ed72712bfaad85adae5246306447e46c ] udfs c:\windows\system32\drivers\udfs.sys
09:13:52.0922 0x084c udfs - ok
09:13:52.0922 0x084c ultra - ok
09:13:52.0953 0x084c [ c81b8635dee0d3ef5f64b3dd643023a5, 6d7438a5fb7168352099f726bd0980ad398a7cfe929b8d2bd362b238c1540d85 ] umwdf c:\windows\system32\wdfmgr.exe
09:13:52.0984 0x084c umwdf - ok
09:13:53.0015 0x084c [ 402ddc88356b1bac0ee3dd1580c76a31, 32a686595710336a6bfd54c03f552ae39439611662f84ef5d24193ae5665c6f3 ] update c:\windows\system32\drivers\update.sys
09:13:53.0109 0x084c update - ok
09:13:53.0140 0x084c [ 1ebafeb9a3fbdc41b8d9c7f0f687ad91, 7746916db48e3f5b243b63c066596ad9037a494bf1ad935946dd04ac85d983df ] upnphost c:\windows\system32\upnphost.dll
09:13:53.0203 0x084c upnphost - ok
09:13:53.0218 0x084c [ 05365fb38fca1e98f7a566aaaf5d1815, 16843048ceec3daa3b953a12ff1ee339e86783a08f2a56da7f94ad9f9717d77d ] ups c:\windows\system32\ups.exe
09:13:53.0297 0x084c ups - ok
09:13:53.0343 0x084c [ 1df89c499bf45d878b87ebd4421d462d, 37fe229c128da2c3380944edfa8e6117cb4b36d99eefb2aeb1dd4e0890b49a17 ] usbaapl c:\windows\system32\drivers\usbaapl.sys
09:13:53.0343 0x084c usbaapl - ok
09:13:53.0375 0x084c [ 1b611611c28d2df25bc057d79c6f13fc, b0d86f63e44b40413bbae6402cc088046cfae082d41bbc2ed5a916293356b846 ] usbccgp c:\windows\system32\drivers\usbccgp.sys
09:13:53.0390 0x084c usbccgp - ok
09:13:53.0406 0x084c [ 4bac8df07f1d8434fc640e677a62204e, 76c1351af6752224bf59deee0f8665fe699f3dfd679f5bcd01c7d9383e6402a4 ] usbehci c:\windows\system32\drivers\usbehci.sys
09:13:53.0422 0x084c usbehci - ok
09:13:53.0453 0x084c [ 1ab3cdde553b6e064d2e754efe20285c, a99c4528c4227b1e96847614745aafacd3c5f1bdfe435214dbf78740ffb300fe ] usbhub c:\windows\system32\drivers\usbhub.sys
09:13:53.0531 0x084c usbhub - ok
09:13:53.0547 0x084c [ a717c8721046828520c9edf31288fc00, 1530bbe832edbb0974ad89d723a03ff7a0094b368992d73c2c3e62a181df1e0a ] usbprint c:\windows\system32\drivers\usbprint.sys
09:13:53.0625 0x084c usbprint - ok
09:13:53.0640 0x084c [ f8ede2b6928970dce3d5614c27d9e7f6, 6e5ebbc8b70c1d593634daf0c190deadfda18c3cbc8f552a76f156f3869ef05b ] usbscan c:\windows\system32\drivers\usbscan.sys
09:13:53.0656 0x084c usbscan - ok
09:13:53.0687 0x084c [ 84c44d720655a8aa475e57a9e764d675, 2d450199338a217fbd951317812a74223e8b477974c7634667e8896316c3fea0 ] usbser c:\windows\system32\drivers\usbser.sys
09:13:53.0703 0x084c usbser - ok
09:13:53.0718 0x084c [ e748d50b3b2ec7f40a2ba67fb094cf01, 35f1f255aa40c11a1379553dda09470ca39dde39569cf0db800aaf2448a7fde1 ] usbserfilt c:\windows\system32\drivers\usbser_lowerfltj.sys
09:13:53.0734 0x084c usbserfilt - ok
09:13:53.0765 0x084c [ a32426d9b14a089eaa1d922e0c5801a9, ed1dc52ee45f8ead3aec4b1f817bb25634141cf48295494c5947dce6cf7a9817 ] usbstor c:\windows\system32\drivers\usbstor.sys
09:13:53.0828 0x084c usbstor - ok
09:13:53.0859 0x084c [ 26496f9dee2d787fc3e61ad54821ffe6, 8be7ff647470b9a951cbb478faf83d657a15cc78037f42348a6b738f21d523da ] usbuhci c:\windows\system32\drivers\usbuhci.sys
09:13:53.0937 0x084c usbuhci - ok
09:13:53.0984 0x084c [ b4d7b7ad8a9f7c063c5cc3e2c1a0724e, cfa47a71403419ca7c94333b4f7766dfc97c5dcdbc3ad1b106044b93c979a5c5 ] usb_rndisx c:\windows\system32\drivers\usb8023x.sys
09:13:54.0000 0x084c usb_rndisx - ok
09:13:54.0015 0x084c [ 0d3a8fafceacd8b7625cd549757a7df1, b9cfdefcd66aa139f3dc2f967b184669532922563ad5a71769babdc4370d065e ] vgasave c:\windows\system32\drivers\vga.sys
09:13:54.0078 0x084c vgasave - ok
09:13:54.0078 0x084c viaide - ok
09:13:54.0093 0x084c [ 4c8fcb5cc53aab716d810740fe59d025, 010eac43dbed700b73e4fc908faaf9f6a0168ebbd5d86751e49bc33aaa18bfa4 ] volsnap c:\windows\system32\drivers\volsnap.sys
09:13:54.0172 0x084c volsnap - ok
09:13:54.0203 0x084c [ 7a9db3a67c333bf0bd42e42b8596854b, d31a9a3b1aaab373edd73b674102395212fcb616f829e938b7b2b7be7d4752c5 ] vss c:\windows\system32\vssvc.exe
09:13:54.0250 0x084c vss - ok
09:13:54.0265 0x084c [ 54af4b1d5459500ef0937f6d33b1914f, fa1876888bcb9c72a92369dbed4ff1a8666784523fb41e618fa0919490fcddb9 ] w32time c:\windows\system32\w32time.dll
09:13:54.0343 0x084c w32time - ok
09:13:54.0359 0x084c [ 2c405b2d6cfd8289be10198b8dee94ec, 69683519ebda32f06c30dffc6779ad75cf31132cbc8d74ab649c6c4b4bed5b02 ] wachidrouter c:\windows\system32\drivers\wachidrouter.sys
09:13:54.0375 0x084c wachidrouter - ok
09:13:54.0390 0x084c [ e4224671e773ccf3d5d386992b31a460, 310313701564d0d9220e0d3af98180d852727b0a7fab135419c8b5933cf13332 ] wacomrouterfilter c:\windows\system32\drivers\wacomrouterfilter.sys
09:13:54.0406 0x084c wacomrouterfilter - ok
09:13:54.0422 0x084c [ e20b95baedb550f32dd489265c1da1f6, 5589b2067e6c9fba290d8c5eaddc198ebaf39c50c3cd7d2bc5cda7cbfbc445e5 ] wanarp c:\windows\system32\drivers\wanarp.sys
09:13:54.0500 0x084c wanarp - ok
09:13:54.0531 0x084c [ d918617b46457b9ac28027722e30f647, 407284d3055dc11944d4ee7e4357e7cf9caf8ca40ca50633ab6fd4a82cb7eea6 ] wdf01000 c:\windows\system32\drivers\wdf01000.sys
09:13:54.0547 0x084c wdf01000 - ok
09:13:54.0547 0x084c wdica - ok
09:13:54.0578 0x084c [ 6768acf64b18196494413695f0c3a00f, 3a8f8586f1d997d19a8478345338d2aecd785aeabdb61531dd3f92003d3230a5 ] wdmaud c:\windows\system32\drivers\wdmaud.sys
09:13:54.0656 0x084c wdmaud - ok
09:13:54.0672 0x084c [ 77a354e28153ad2d5e120a5a8687bc06, 8b2d37a4443501c0a8e70bc2079be27f0a36fd07b561e6f68b40a72eabbc2dfe ] webclient c:\windows\system32\webclnt.dll
09:13:54.0750 0x084c webclient - ok
09:13:54.0812 0x084c [ 2d0e4ed081963804ccc196a0929275b5, e1d75c7d7233d81dfde13160b0c80138df8b35230d04fb79b367a52facf69bf8 ] winmgmt c:\windows\system32\wbem\wmisvc.dll
09:13:54.0875 0x084c winmgmt - ok
09:13:54.0906 0x084c [ a477391b7a8b0a0daabadb17cf533a4b, 9b1929b5bbf2738ba3d402809fcb8daa09ef4727f860567895d5e73ebe43e627 ] wmdmpmsn c:\windows\system32\mspmsnsv.dll
09:13:54.0922 0x084c wmdmpmsn - ok
09:13:54.0953 0x084c [ e76f8807070ed04e7408a86d6d3a6137, bfcf5361b7335760a7ae4b6958de516a27ac60aa09135a46f0b49f588fafe3a0 ] wmi c:\windows\system32\advapi32.dll
09:13:54.0984 0x084c wmi - ok
09:13:55.0015 0x084c [ e0673f1106e62a68d2257e376079f821, 12992f18c9653050b10dc61d12988067933fcfdf02123d3a7ef5de607a785ddc ] wmiapsrv c:\windows\system32\wbem\wmiapsrv.exe
09:13:55.0093 0x084c wmiapsrv - ok
09:13:55.0125 0x084c [ c1b3d9d75c3fb735f5fa3a5806aded57, e81d46549c4ab73cb1285a849046655cc5f680eb7ace7a13a9e4b55b864c33bd ] wpdusb c:\windows\system32\drivers\wpdusb.sys
09:13:55.0140 0x084c wpdusb - ok
09:13:55.0156 0x084c [ 6abe6e225adb5a751622a9cc3bc19ce8, 4061c5d0f051dff1730e2a3bfc1cca97b29602fc50f10f6b44d93b0d28f42024 ] ws2ifsl c:\windows\system32\drivers\ws2ifsl.sys
09:13:55.0234 0x084c ws2ifsl - ok
09:13:55.0250 0x084c [ 7c278e6408d1dce642230c0585a854d5, da46079a04f6e8e3441e4ae454aeac02b3e935de29ce7f6d4476f57867fcc12a ] wscsvc c:\windows\system32\wscsvc.dll
09:13:55.0328 0x084c wscsvc - ok
09:13:55.0390 0x084c [ 0da0ab21b1990ceb4c5fe1242486cf5c, 84d37921c57305ac847d93641ba0674bc5894dc1b945aec95cc18c7158792a32 ] wtabletservicepro c:\program files\tablet\wacom\wtabletservicepro.exe
09:13:55.0406 0x084c wtabletservicepro - ok
09:13:55.0437 0x084c [ 35321fb577cdc98ce3eb3a3eb9e4610a, c9a6f5cf282d8fcb3cdfcc4b306013480e78e1b664e1a60a4e27b161f9ffd4cd ] wuauserv c:\windows\system32\wuauserv.dll
09:13:55.0515 0x084c wuauserv - ok
09:13:55.0562 0x084c [ 81dc3f549f44b1c1fff022dec9ecf30b, 3d14bfea539f9ceb16555bd56c5e3c7c8f6692fc62c2789f8aaea1c042e63940 ] wzcsvc c:\windows\system32\wzcsvc.dll
09:13:55.0656 0x084c wzcsvc - ok
09:13:55.0687 0x084c [ 295d21f14c335b53cb8154e5b1f892b9, 9418477c2e3ea93e93d931a4edd4500da568fad6040204b5201d1080203b0bbc ] xmlprov c:\windows\system32\xmlprov.dll
09:13:55.0750 0x084c xmlprov - ok
09:13:55.0797 0x084c [ dd0042f0c3b606a6a8b92d49afb18ad6, 8d3be4c93d02af5f42ec46af598d6da40c61d467cb2fee5e222f9c1e7a84b852 ] yahooauservice c:\program files\yahoo!\softwareupdate\yahooauservice.exe
09:13:55.0812 0x084c yahooauservice - ok
09:13:55.0828 0x084c ================ scan global ===============================
09:13:55.0843 0x084c [ 42f1f4c0afb08410e5f02d4b13ebb623, 924c30587c51c0d1e1f47991969af492a644552e15f2480ea991dcb74a3e68d5 ] c:\windows\system32\basesrv.dll
09:13:55.0875 0x084c [ 69ae2b2e6968c316536e5b10b9702e63, d9c5da7a20dde69d91e72400c3f06f3cb099def42ea6c53fce076258a0c22391 ] c:\windows\system32\winsrv.dll
09:13:55.0922 0x084c [ 69ae2b2e6968c316536e5b10b9702e63, d9c5da7a20dde69d91e72400c3f06f3cb099def42ea6c53fce076258a0c22391 ] c:\windows\system32\winsrv.dll
09:13:55.0968 0x084c [ 65df52f5b8b6e9bbd183505225c37315, 59c606977db40a3443dff0be2a4c761824881b22c9fdb3d23f6486db580e92a4 ] c:\windows\system32\services.exe
09:13:55.0968 0x084c [ global ] - ok
09:13:55.0968 0x084c ================ scan mbr ==================================
09:13:55.0984 0x084c [ 8f558eb6672622401da993e1e865c861 ] \device\harddisk0\dr0
09:13:56.0218 0x084c \device\harddisk0\dr0 - ok
09:13:56.0218 0x084c ================ scan vbr ==================================
09:13:56.0234 0x084c [ d76cb178ca04cc588c0d08a4a5c68a4a ] \device\harddisk0\dr0\partition1
09:13:56.0250 0x084c \device\harddisk0\dr0\partition1 - ok
09:13:56.0265 0x084c [ 2f05094ca035e3a01da02133961cbba6 ] \device\harddisk0\dr0\partition2
09:13:56.0265 0x084c \device\harddisk0\dr0\partition2 - ok
09:13:56.0265 0x084c av detected via ss1: Avast! Antivirus, 5.0.150996957, enabled, updated
09:13:56.0281 0x084c win fw state via nfm: Enabled
09:13:58.0797 0x084c ============================================================
09:13:58.0797 0x084c scan finished
09:13:58.0797 0x084c ============================================================
09:13:58.0812 0x0adc detected object count: 1
09:13:58.0812 0x0adc actual detected object count: 1
09:28:28.0515 0x0adc csdriver ( unsignedfile.multi.generic ) - skipped by user
09:28:28.0515 0x0adc csdriver ( unsignedfile.multi.generic ) - user select action: Skip
Click to expand...
 
here's the log from FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by User (administrator) on CINDY on 17-03-2014 09:33:45
Running from C:\Documents and Settings\User\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google) C:\Program Files\Google\Drive\googledrivesync.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Documents and Settings\User\Desktop\tdsskiller.exe
(Microsoft Corporation) C:\WINDOWS\system32\calc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [UpdateP2GoShortCut] - C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePPShortCut] - C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM\...\Run: [UpdatePSTShortCut] - C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe [210216 2009-09-29] (CyberLink Corp.)
HKLM\...\Run: [GrooveMonitor] - C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1983816 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-18] (CANON INC.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe [144784 2008-03-25] (Sun Microsystems, Inc.)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-24] (AVAST Software)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
HKU\S-1-5-21-1844237615-776561741-725345543-1003\...\Run: [GoogleDriveSync] - C:\Program Files\Google\Drive\googledrivesync.exe [21822128 2014-01-30] (Google)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll (Yahoo! Inc.)
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search
SearchScopes: HKCU - {32C67B6E-2A8F-4846-9D89-B00C3B0970C9} URL = http://www.flickr.com/search/?q={searchTerms}
SearchScopes: HKCU - {7660B246-140C-4DD7-AE53-2AEAEE58D163} URL = http://au.search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=chr-yie8
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: EWPBrowseObject Class - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll ()
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: {309E27CA-1FDC-4AD2-A3AA-0FF47085E5A6} http://192.168.1.144/IEPlugin.cab
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://windowsupdate.microsoft.com/...ls/en/x86/client/wuweb_site.cab?1394497364250
DPF: {6F80BF27-CB16-4589-8C6A-DB422AAB2ED9} http://192.168.1.144/vcredist_x86.exe
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B6DDFB53-6BC9-4B06-8CDE-B73327CE27D9}: [NameServer]208.67.222.222,208.67.220.220

FireFox:
========
FF ProfilePath: C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\iepg7k6a.default
FF NewTab: www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: www.google.com
FF Keyword.URL: https://www.google.com/search
FF NetworkProxy: "no_proxies_on", "*.local"
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @oberon-media.com/ONCAdapter - C:\Program Files\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll No File
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-17]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-02-17]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-01-07]
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-16]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKCU\...\Firefox\Extensions: [dict@www.youdao.com] - C:\Documents and Settings\User\Local Settings\Application Data\Youdao\Dict\Application\stable\extensions\firefox
FF Extension: Youdao Word Capturer - C:\Documents and Settings\User\Local Settings\Application Data\Youdao\Dict\Application\stable\extensions\firefox [2012-04-19]

Chrome:
=======
CHR HomePage: hxxp://start.iplay.com/?o=shp
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\33.0.1750.146\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (DivX® Web Player) - C:\Program Files\Mozilla Firefox\plugins\npdivx32.dll (DivX,Inc.)
CHR Plugin: (DivX Player Netscape Plugin) - C:\Program Files\Mozilla Firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.4) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealJukebox NS Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll No File
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Microsoft® DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (CANON iMAGE GATEWAY Album Plugin Utility) - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
CHR Plugin: (DivX® Content Upload Plugin) - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (Google Drive) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
CHR Extension: (YouTube) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-19]
CHR Extension: (Google Search) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-19]
CHR Extension: (AdBlock) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-07]
CHR Extension: (avast! Online Security) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-01-07]
CHR Extension: (Windows Media Player Extension for HTML5) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak [2014-02-22]
CHR Extension: (RealDownloader) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-01-03]
CHR Extension: (Auto Replay for YouTube™) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\kanbnempkjnhadplbfgdaagijdbdbjeb [2014-02-11]
CHR Extension: (Skype Click to Call) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-22]
CHR Extension: (Google Wallet) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]
CHR Extension: (Gmail) - C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-19]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-01-07]
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\DOCUME~1\User\LOCALS~1\APPLIC~1\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-03-14]

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [144672 2009-08-28] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-24] (AVAST Software)
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [271760 2009-04-15] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
S2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [531224 2013-12-05] (Wacom Technology, Corp.)
S4 jcjymt; C:\WINDOWS\system32\lvuwppj.dll [X]

==================== Drivers (Whitelisted) ====================

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1684736 2008-08-05] (Creative)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [67824 2014-02-06] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [54832 2014-01-24] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\Drivers\aswRvrt.sys [49944 2014-01-07] ()
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [775952 2014-01-24] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [410784 2014-01-24] (AVAST Software)
R1 aswTdi; C:\WINDOWS\system32\drivers\aswTdi.sys [57672 2014-01-24] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\Drivers\aswVmm.sys [180248 2014-01-07] ()
S3 CSDriver; C:\WINDOWS\system32\drivers\CSDriver.sys [40623 2002-05-24] (Beijing Chinese Star Cyber Technology Limited)
S3 hidkmdf; C:\WINDOWS\System32\DRIVERS\hidkmdf.sys [12088 2013-11-12] (Windows (R) Win 7 DDK provider)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1389056 2006-01-04] (Creative Technology Ltd.)
S4 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [324096 2014-01-22] (Duplex Secure Ltd.)
S3 UsbserFilt; C:\WINDOWS\System32\DRIVERS\usbser_lowerfltj.sys [8064 2008-05-02] (Windows (R) Codename Longhorn DDK provider)
S3 WacHidRouter; C:\WINDOWS\System32\DRIVERS\wachidrouter.sys [76600 2013-11-12] (Wacom Technology)
S3 wacomrouterfilter; C:\WINDOWS\System32\DRIVERS\wacomrouterfilter.sys [13112 2013-11-12] (Wacom Technology)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 IntelIde; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 09:33 - 2014-03-17 09:33 - 00024919 _____ () C:\Documents and Settings\User\Desktop\FRST.txt
2014-03-17 09:33 - 2014-03-17 09:33 - 00000000 ____D () C:\Documents and Settings\User\Desktop\FRST-OlderVersion
2014-03-17 09:32 - 2014-03-17 09:33 - 01145856 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2014-03-17 09:31 - 2014-03-17 09:31 - 00123673 _____ () C:\Documents and Settings\User\Desktop\TDSS.TXT
2014-03-17 08:44 - 2014-03-17 08:34 - 04130656 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\User\Desktop\tdsskiller.exe
2014-03-17 08:23 - 2014-03-17 08:23 - 00010768 _____ () C:\Documents and Settings\User\Desktop\OCT PROFIT.xlsx
2014-03-14 16:14 - 2014-03-14 16:20 - 00016385 _____ () C:\Documents and Settings\User\Desktop\Container MENLITE KK.xlsx
2014-03-14 12:45 - 2014-03-14 12:45 - 00001779 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-03-14 12:45 - 2014-03-14 12:45 - 00001777 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-03-14 12:45 - 2014-03-14 12:45 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-03-14 12:45 - 2014-03-14 12:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-03-14 12:15 - 2014-03-14 17:32 - 00015015 _____ () C:\Documents and Settings\User\Desktop\eurotrac container.xlsx
2014-03-14 12:13 - 2014-03-14 13:08 - 00018194 _____ () C:\Documents and Settings\User\Desktop\March Container list.xlsx
2014-03-14 11:37 - 2014-03-14 17:32 - 00014512 _____ () C:\Documents and Settings\User\Desktop\MSH ELECTRICAL KUCHING.xlsx
2014-03-13 17:31 - 2014-03-13 17:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-03-13 17:30 - 2014-03-13 17:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-03-13 17:24 - 2014-03-13 17:24 - 00006515 _____ () C:\WINDOWS\KB961118.log
2014-03-13 17:24 - 2014-03-13 17:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$
2014-03-13 16:58 - 2014-03-13 16:58 - 00013043 _____ () C:\Documents and Settings\User\Desktop\menlitekk1332014.xlsx
2014-03-13 11:54 - 2014-03-13 17:31 - 00014552 _____ () C:\WINDOWS\KB2345886.log
2014-03-13 11:49 - 2009-01-10 03:19 - 01089593 ____C () C:\WINDOWS\system32\dllcache\ntprint.cat
2014-03-12 17:47 - 2014-03-12 17:47 - 00000000 __SHD () C:\Documents and Settings\Default User\IETldCache
2014-03-12 17:19 - 2014-03-12 17:19 - 00008663 _____ () C:\WINDOWS\WgaNotify.log
2014-03-12 17:12 - 2014-03-12 17:12 - 00047839 _____ () C:\WINDOWS\KB951376-v2.log
2014-03-12 17:12 - 2014-03-12 17:12 - 00047383 _____ () C:\WINDOWS\KB2387149.log
2014-03-12 17:12 - 2014-03-12 17:12 - 00047298 _____ () C:\WINDOWS\KB946648.log
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-03-12 17:11 - 2014-03-12 17:11 - 00047579 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-12 17:11 - 2014-03-12 17:11 - 00039909 _____ () C:\WINDOWS\KB2659262.log
2014-03-12 17:11 - 2014-03-12 17:11 - 00039118 _____ () C:\WINDOWS\KB2564958.log
2014-03-12 17:11 - 2014-03-12 17:11 - 00037061 _____ () C:\WINDOWS\KB2834886.log
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2758857$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-03-12 17:10 - 2014-03-12 17:10 - 00040372 _____ () C:\WINDOWS\KB955759.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00039840 _____ () C:\WINDOWS\KB2536276-v2.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00038287 _____ () C:\WINDOWS\KB975558.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00037378 _____ () C:\WINDOWS\KB2296011.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00036734 _____ () C:\WINDOWS\KB2900986.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-03-12 17:07 - 2014-03-12 17:08 - 00036746 _____ () C:\WINDOWS\KB2378111.log
2014-03-12 17:07 - 2014-03-12 17:07 - 00037450 _____ () C:\WINDOWS\KB2229593.log
2014-03-12 17:07 - 2014-03-12 17:07 - 00034098 _____ () C:\WINDOWS\KB2834902-v2.log
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961503$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834902-v2_WM10$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-03-12 17:06 - 2014-03-12 17:06 - 00035720 _____ () C:\WINDOWS\KB2686509.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00035638 _____ () C:\WINDOWS\KB2485663.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00033986 _____ () C:\WINDOWS\KB2862335.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00032558 _____ () C:\WINDOWS\KB954155.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-03-12 17:05 - 2014-03-12 17:05 - 00037370 _____ () C:\WINDOWS\KB956572.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00032024 _____ () C:\WINDOWS\KB956844.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00030387 _____ () C:\WINDOWS\KB2904266.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00006814 _____ () C:\WINDOWS\system32\TZLog.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-03-12 17:04 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-03-12 17:04 - 2014-03-12 17:04 - 00031673 _____ () C:\WINDOWS\KB973869.log
2014-03-12 17:04 - 2014-03-12 17:04 - 00030789 _____ () C:\WINDOWS\KB2592799.log
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-03-12 17:03 - 2014-03-12 17:03 - 00031407 _____ () C:\WINDOWS\KB941569.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00030558 _____ () C:\WINDOWS\KB2535512.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00030068 _____ () C:\WINDOWS\KB950762.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00030008 _____ () C:\WINDOWS\KB2807986.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00029304 _____ () C:\WINDOWS\KB2570947.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB941569$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-03-12 17:02 - 2014-03-12 17:02 - 00029747 _____ () C:\WINDOWS\KB973904.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00029244 _____ () C:\WINDOWS\KB952287.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00029204 _____ () C:\WINDOWS\KB2868038.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00028819 _____ () C:\WINDOWS\KB2603381.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00027615 _____ () C:\WINDOWS\KB2884256.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00025483 _____ () C:\WINDOWS\KB978695.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2884256$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-03-12 17:01 - 2014-03-12 17:01 - 00018599 _____ () C:\WINDOWS\KB952069.log
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952069_WM9$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-03-12 16:58 - 2014-03-12 16:58 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft Help
2014-03-12 16:57 - 2014-03-12 16:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-03-12 16:56 - 2014-03-12 16:56 - 00021170 _____ () C:\WINDOWS\KB2698365.log
2014-03-12 16:56 - 2014-03-12 16:56 - 00019523 _____ () C:\WINDOWS\KB2723135-v2.log
2014-03-12 16:56 - 2014-03-12 16:56 - 00018901 _____ () C:\WINDOWS\KB981997.log
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-03-12 16:55 - 2014-03-12 17:11 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-12 16:55 - 2014-03-12 16:55 - 00017169 _____ () C:\WINDOWS\KB2510531-IE8.log
2014-03-12 16:55 - 2014-03-12 16:55 - 00014801 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-03-12 16:54 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-03-12 16:54 - 2014-03-12 16:54 - 00018283 _____ () C:\WINDOWS\KB2393802.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00016668 _____ () C:\WINDOWS\KB923561.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00014913 _____ () C:\WINDOWS\KB2566454.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00014706 _____ () C:\WINDOWS\KB2661637.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00012513 _____ () C:\WINDOWS\KB2914368.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00011891 _____ () C:\WINDOWS\KB2423089.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-03-12 16:25 - 2014-03-13 17:07 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-03-12 16:25 - 2014-03-12 16:25 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-12 16:24 - 2008-07-06 20:06 - 01676288 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpssvcs.dll
2014-03-12 16:24 - 2008-07-06 20:06 - 01676288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpssvcs.dll
2014-03-12 16:24 - 2008-07-06 20:06 - 00575488 ____N (Microsoft Corporation) C:\WINDOWS\system32\xpsshhdr.dll
2014-03-12 16:24 - 2008-07-06 20:06 - 00575488 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpsshhdr.dll
2014-03-12 16:24 - 2008-07-06 20:06 - 00117760 ____N (Microsoft Corporation) C:\WINDOWS\system32\prntvpt.dll
2014-03-12 16:24 - 2008-07-06 20:06 - 00089088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\filterpipelineprintproc.dll
2014-03-12 16:24 - 2008-07-06 18:50 - 00597504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\printfilterpipelinesvc.exe
2014-03-12 13:45 - 2014-02-24 19:46 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-03-12 13:45 - 2014-02-24 19:45 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-03-12 13:45 - 2014-02-24 19:45 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-03-12 13:45 - 2014-02-24 19:45 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-03-12 13:42 - 2014-03-12 17:06 - 00043516 _____ () C:\WINDOWS\KB2929961.log
2014-03-12 13:42 - 2014-03-12 17:05 - 00041056 _____ () C:\WINDOWS\KB2930275.log
2014-03-12 09:29 - 2014-03-13 08:03 - 00000000 ____D () C:\WINDOWS\system32\CatRoot2_20143138332
2014-03-12 08:50 - 2014-03-12 08:50 - 00065566 _____ () C:\ComboFix.txt
2014-03-12 08:43 - 2014-03-12 08:50 - 00000000 ____D () C:\ComboFix
2014-03-11 13:59 - 2014-03-12 17:12 - 00058203 _____ () C:\WINDOWS\KB952954.log
2014-03-11 13:59 - 2014-03-12 17:12 - 00056638 _____ () C:\WINDOWS\KB2868626.log
2014-03-11 13:58 - 2014-03-12 17:12 - 00057476 _____ () C:\WINDOWS\KB959426.log
2014-03-11 13:58 - 2010-09-18 14:53 - 00953856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2014-03-11 13:57 - 2014-03-12 17:11 - 00057628 _____ () C:\WINDOWS\KB2712808.log
2014-03-11 13:57 - 2014-03-12 17:11 - 00057220 _____ () C:\WINDOWS\KB960859.log
2014-03-11 13:57 - 2014-03-12 17:11 - 00052441 _____ () C:\WINDOWS\KB2479943.log
2014-03-11 13:56 - 2014-03-12 17:11 - 00050547 _____ () C:\WINDOWS\KB2478971.log
2014-03-11 13:56 - 2014-03-12 17:11 - 00049789 _____ () C:\WINDOWS\KB2758857.log
2014-03-11 13:56 - 2014-03-12 17:11 - 00048227 _____ () C:\WINDOWS\KB2916036.log
2014-03-11 13:56 - 2011-07-15 21:29 - 00456320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mrxsmb.sys
2014-03-11 13:55 - 2014-03-12 17:11 - 00049465 _____ () C:\WINDOWS\KB2544893-v2.log
2014-03-11 13:55 - 2014-03-12 17:10 - 00050461 _____ () C:\WINDOWS\KB2585542.log
2014-03-11 13:55 - 2014-03-12 17:10 - 00049351 _____ () C:\WINDOWS\KB2631813.log
2014-03-11 13:55 - 2010-08-24 00:12 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2014-03-11 13:55 - 2008-06-13 19:05 - 00272128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bthport.sys
2014-03-11 13:54 - 2014-03-12 17:10 - 00049828 _____ () C:\WINDOWS\KB2691442.log
2014-03-11 13:54 - 2014-03-12 17:10 - 00048852 _____ () C:\WINDOWS\KB2115168.log
2014-03-11 13:54 - 2014-03-12 17:10 - 00046560 _____ () C:\WINDOWS\KB2847311.log
2014-03-11 13:51 - 2009-11-21 23:51 - 00471552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aclayers.dll
2014-03-11 13:50 - 2014-03-12 17:07 - 00048217 _____ () C:\WINDOWS\KB974318.log
2014-03-11 13:50 - 2014-03-12 17:07 - 00047760 _____ () C:\WINDOWS\KB951978.log
2014-03-11 13:50 - 2014-03-12 17:07 - 00047696 _____ () C:\WINDOWS\KB2655992.log
2014-03-11 13:50 - 2014-03-12 17:07 - 00046784 _____ () C:\WINDOWS\KB2443105.log
2014-03-11 13:50 - 2014-03-12 17:07 - 00046776 _____ () C:\WINDOWS\KB969059.log
2014-03-11 13:50 - 2014-03-12 17:05 - 00044755 _____ () C:\WINDOWS\KB2780091.log
2014-03-11 13:50 - 2014-03-12 17:05 - 00039699 _____ () C:\WINDOWS\KB2876217.log
2014-03-11 13:50 - 2014-03-12 17:05 - 00038541 _____ () C:\WINDOWS\KB2864063.log
2014-03-11 13:50 - 2014-03-12 17:03 - 00038093 _____ () C:\WINDOWS\KB2859537.log
2014-03-11 13:50 - 2014-03-12 17:03 - 00037198 _____ () C:\WINDOWS\KB2876331.log
2014-03-11 13:50 - 2013-07-17 08:58 - 00123008 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-03-11 13:50 - 2013-07-17 08:58 - 00060160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-03-11 13:50 - 2013-07-17 08:58 - 00046848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-03-11 13:50 - 2013-07-03 10:12 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-03-11 13:49 - 2014-03-12 17:07 - 00046934 _____ () C:\WINDOWS\KB2802968.log
2014-03-11 13:49 - 2014-03-12 17:07 - 00046394 _____ () C:\WINDOWS\KB961503.log
2014-03-11 13:49 - 2014-03-12 17:06 - 00043846 _____ () C:\WINDOWS\KB2898715.log
2014-03-11 13:49 - 2014-03-12 17:03 - 00037127 _____ () C:\WINDOWS\KB2850869.log
2014-03-11 13:49 - 2014-03-12 17:02 - 00038496 _____ () C:\WINDOWS\KB2820917.log
2014-03-11 13:49 - 2014-03-12 17:01 - 00037685 _____ () C:\WINDOWS\KB2757638.log
2014-03-11 13:49 - 2014-03-12 16:56 - 00026436 _____ () C:\WINDOWS\KB2892075.log
2014-03-11 13:49 - 2014-03-11 14:03 - 00008340 _____ () C:\WINDOWS\KB2845187.log
2014-03-11 13:49 - 2013-02-12 08:32 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2014-03-11 13:49 - 2010-06-14 22:31 - 00744448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\helpsvc.exe
2014-03-11 13:48 - 2014-03-12 17:07 - 00045847 _____ () C:\WINDOWS\KB950974.log
2014-03-11 13:48 - 2014-03-12 17:06 - 00046545 _____ () C:\WINDOWS\KB2481109.log
2014-03-11 13:48 - 2014-03-12 17:04 - 00037773 _____ () C:\WINDOWS\KB2862152.log
2014-03-11 13:48 - 2014-03-12 17:02 - 00035520 _____ () C:\WINDOWS\KB2893294.log
2014-03-11 13:48 - 2014-03-12 17:01 - 00030875 _____ () C:\WINDOWS\KB2749655.log
2014-03-11 13:48 - 2014-03-11 14:03 - 00008693 _____ () C:\WINDOWS\KB2893984.log
2014-03-11 13:48 - 2010-08-27 16:02 - 00119808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\t2embed.dll
2014-03-11 13:48 - 2009-10-16 00:28 - 00081920 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fontsub.dll
2014-03-11 13:48 - 2008-05-08 22:02 - 00203136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rmcast.sys
Click to expand...

cont..
 
cont..

2014-03-11 13:47 - 2014-03-12 17:06 - 00044499 _____ () C:\WINDOWS\KB975713.log
2014-03-11 13:47 - 2014-03-12 17:06 - 00044236 _____ () C:\WINDOWS\KB2598479.log
2014-03-11 13:47 - 2014-03-12 17:06 - 00043626 _____ () C:\WINDOWS\KB2507938.log
2014-03-11 13:47 - 2014-03-12 17:06 - 00042993 _____ () C:\WINDOWS\KB982132.log
2014-03-11 13:47 - 2014-03-12 17:05 - 00041366 _____ () C:\WINDOWS\KB979687.log
2014-03-11 13:47 - 2014-03-12 17:04 - 00040487 _____ () C:\WINDOWS\KB2719985.log
2014-03-11 13:47 - 2014-03-12 17:01 - 00031934 _____ () C:\WINDOWS\KB2508429.log
2014-03-11 13:47 - 2014-03-12 17:01 - 00029748 _____ () C:\WINDOWS\KB971029.log
2014-03-11 13:47 - 2009-06-22 05:44 - 00153088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\triedit.dll
2014-03-11 13:47 - 2008-05-01 22:33 - 00331776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msadce.dll
2014-03-11 13:46 - 2014-03-12 17:06 - 00042803 _____ () C:\WINDOWS\KB971657.log
2014-03-11 13:46 - 2014-03-12 17:04 - 00040163 _____ () C:\WINDOWS\KB952004.log
2014-03-11 13:46 - 2014-03-12 17:04 - 00039272 _____ () C:\WINDOWS\KB975025.log
2014-03-11 13:46 - 2014-03-12 17:01 - 00028261 _____ () C:\WINDOWS\KB2506212.log
2014-03-11 13:46 - 2014-03-12 16:57 - 00032934 _____ () C:\WINDOWS\KB977914.log
2014-03-11 13:45 - 2014-03-12 17:06 - 00042748 _____ () C:\WINDOWS\KB978338.log
2014-03-11 13:45 - 2014-03-12 17:05 - 00042142 _____ () C:\WINDOWS\KB974112.log
2014-03-11 13:45 - 2014-03-12 17:03 - 00037365 _____ () C:\WINDOWS\KB977816.log
2014-03-11 13:45 - 2014-03-12 17:01 - 00030109 _____ () C:\WINDOWS\KB2653956.log
2014-03-11 13:45 - 2014-03-12 17:01 - 00029624 _____ () C:\WINDOWS\KB974392.log
2014-03-11 13:45 - 2011-04-21 21:37 - 00105472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2014-03-11 13:45 - 2009-07-28 06:27 - 00128512 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dhtmled.ocx
2014-03-11 13:45 - 2009-03-06 22:22 - 00284160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pdh.dll
2014-03-11 13:45 - 2009-02-09 20:10 - 00617472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\advapi32.dll
2014-03-11 13:45 - 2009-02-09 20:10 - 00473600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fastprox.dll
2014-03-11 13:45 - 2009-02-09 20:10 - 00453120 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvsd.dll
2014-03-11 13:45 - 2009-02-09 20:10 - 00401408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rpcss.dll
2014-03-11 13:45 - 2009-02-06 19:11 - 00110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\services.exe
2014-03-11 13:45 - 2009-02-06 18:10 - 00227840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiprvse.exe
2014-03-11 13:44 - 2014-03-12 17:05 - 00039612 _____ () C:\WINDOWS\KB2483185.log
2014-03-11 13:44 - 2014-03-12 17:04 - 00037927 _____ () C:\WINDOWS\KB974571.log
2014-03-11 13:44 - 2014-03-12 17:04 - 00037499 _____ () C:\WINDOWS\KB973507.log
2014-03-11 13:44 - 2014-03-12 17:01 - 00036901 _____ () C:\WINDOWS\KB2419632.log
2014-03-11 13:43 - 2014-03-12 16:56 - 00026484 _____ () C:\WINDOWS\KB2705219-v2.log
2014-03-11 13:43 - 2014-03-12 16:56 - 00025809 _____ () C:\WINDOWS\KB2619339.log
2014-03-11 13:43 - 2014-03-12 16:56 - 00025064 _____ () C:\WINDOWS\KB960803.log
2014-03-11 13:43 - 2014-03-12 16:56 - 00024888 _____ () C:\WINDOWS\KB978542.log
2014-03-11 13:43 - 2014-03-12 16:56 - 00024851 _____ () C:\WINDOWS\KB2727528.log
2014-03-11 13:43 - 2014-03-12 16:56 - 00024765 _____ () C:\WINDOWS\KB978706.log
2014-03-11 13:43 - 2014-03-12 16:56 - 00024759 _____ () C:\WINDOWS\KB979482.log
2014-03-11 13:43 - 2012-07-04 22:05 - 00139784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2014-03-11 13:43 - 2012-05-29 02:16 - 00536576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2014-03-11 13:43 - 2010-06-18 21:36 - 03558912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\moviemk.exe
2014-03-11 13:42 - 2014-03-14 08:43 - 00089641 _____ () C:\WINDOWS\setupapi.log
2014-03-11 13:42 - 2014-03-12 16:56 - 00024365 _____ () C:\WINDOWS\KB973815.log
2014-03-11 13:42 - 2014-03-12 16:55 - 00026472 _____ () C:\WINDOWS\KB2676562.log
2014-03-11 13:42 - 2014-03-12 16:55 - 00025863 _____ () C:\WINDOWS\KB2509553.log
2014-03-11 13:42 - 2014-03-12 16:55 - 00025761 _____ () C:\WINDOWS\KB2813345.log
2014-03-11 13:42 - 2014-03-12 16:55 - 00021472 _____ () C:\WINDOWS\KB982665.log
2014-03-11 13:42 - 2013-11-06 09:03 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsp4res.dll
2014-03-11 13:42 - 2013-08-09 08:55 - 00144128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-03-11 13:42 - 2013-08-09 08:55 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-03-11 13:42 - 2013-07-04 11:03 - 02149888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2014-03-11 13:42 - 2013-07-04 10:59 - 02193536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2014-03-11 13:42 - 2013-07-04 10:08 - 02070144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2014-03-11 13:42 - 2013-07-04 10:08 - 02028544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2014-03-11 13:42 - 2010-12-09 23:15 - 00718336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntdll.dll
2014-03-11 13:42 - 2010-07-12 20:55 - 00218112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wordpad.exe
2014-03-11 13:42 - 2009-11-21 23:51 - 01206508 ____C () C:\WINDOWS\system32\dllcache\sysmain.sdb
2014-03-11 13:42 - 2009-03-18 19:02 - 00030336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-03-11 13:41 - 2014-03-12 16:54 - 00020278 _____ () C:\WINDOWS\KB2620712.log
2014-03-11 13:41 - 2014-03-12 16:54 - 00019789 _____ () C:\WINDOWS\KB2584146.log
2014-03-11 13:41 - 2013-11-28 04:21 - 00040960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-03-11 13:41 - 2012-01-12 03:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
2014-03-11 13:41 - 2012-01-12 03:06 - 00003072 ____C () C:\WINDOWS\system32\dllcache\iacenc.dll
2014-03-11 13:41 - 2011-07-08 22:02 - 00010496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2014-03-11 13:40 - 2014-03-12 16:54 - 00020582 _____ () C:\WINDOWS\KB975467.log
2014-03-11 13:39 - 2014-03-12 16:54 - 00021106 _____ () C:\WINDOWS\KB968389.log
2014-03-11 13:39 - 2010-10-11 22:59 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe
2014-03-11 13:36 - 2014-03-12 16:56 - 00023525 _____ () C:\WINDOWS\KB979309.log
2014-03-11 09:38 - 2014-03-11 09:38 - 00000174 _____ () C:\Documents and Settings\User\defogger_reenable
2014-03-11 08:24 - 2012-06-02 15:18 - 00275696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll
2014-03-11 08:24 - 2012-06-02 15:18 - 00017136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mucltui.dll.mui
2014-03-10 09:27 - 2014-03-10 09:27 - 00000000 _RSHD () C:\cmdcons
2014-03-10 09:27 - 2014-03-01 12:26 - 00000245 _____ () C:\Boot.bak
2014-03-10 09:27 - 2004-08-03 23:00 - 00260272 __RSH () C:\cmldr
2014-03-10 09:25 - 2014-03-12 08:50 - 00000000 ____D () C:\Qoobox
2014-03-10 09:25 - 2014-03-10 09:32 - 00000000 ____D () C:\WINDOWS\erdnt
2014-03-10 09:25 - 2011-06-26 14:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2014-03-10 09:25 - 2010-11-08 01:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2014-03-10 09:25 - 2009-04-20 12:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2014-03-10 09:25 - 2000-08-31 08:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2014-03-10 09:25 - 2000-08-31 08:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2014-03-10 09:25 - 2000-08-31 08:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2014-03-10 09:25 - 2000-08-31 08:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2014-03-10 09:25 - 2000-08-31 08:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2014-03-10 09:25 - 2000-08-31 08:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2014-03-08 14:58 - 2014-03-08 15:07 - 00011889 _____ () C:\Documents and Settings\User\Desktop\Book2a.xlsx
2014-03-07 17:58 - 2014-03-11 14:42 - 00000180 _____ () C:\hwsig.log
2014-03-07 10:22 - 2014-03-07 10:22 - 00000000 ____D () C:\Program Files\ESET
2014-03-06 14:57 - 2014-03-14 13:08 - 00054272 _____ () C:\Documents and Settings\User\Desktop\container - 6 3 2014.xls
2014-03-05 10:13 - 2014-03-05 10:13 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-05 09:33 - 2014-03-05 10:09 - 00000000 ____D () C:\AdwCleaner
2014-03-04 10:22 - 2014-03-04 17:57 - 00227455 _____ () C:\Documents and Settings\User\Desktop\CONTAINA - SCHEDULE.xlsx
2014-03-04 09:29 - 2014-03-17 09:33 - 00000000 ____D () C:\FRST
2014-03-03 13:59 - 2014-03-03 13:59 - 00000000 __SHD () C:\Documents and Settings\User\IECompatCache
2014-03-03 10:28 - 2014-03-03 10:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-03 10:28 - 2014-03-03 10:28 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Skype
2014-03-03 10:28 - 2014-03-03 10:28 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-03-03 09:58 - 2014-03-03 09:58 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Malwarebytes
2014-03-03 09:57 - 2014-03-03 09:57 - 00000796 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 09:57 - 2014-03-03 09:57 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-03 09:57 - 2014-03-03 09:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-03-03 09:57 - 2014-03-03 09:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-03-03 09:57 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-03-01 12:20 - 2014-03-13 11:11 - 00000512 _____ () C:\Documents and Settings\User\Desktop\MBR.dat
2014-03-01 10:32 - 2014-03-01 10:32 - 00000000 ____D () C:\Program Files\ERUNT
2014-03-01 10:32 - 2014-03-01 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
2014-02-20 08:38 - 2014-02-20 08:43 - 00048640 _____ () C:\Documents and Settings\User\Desktop\2002020141_Bong_PriceComfirmation.xls
2014-02-19 14:34 - 2014-02-19 14:34 - 00940794 _____ () C:\WINDOWS\system32\LoopyMusic.wav
2014-02-19 14:34 - 2014-02-19 14:34 - 00146650 _____ () C:\WINDOWS\system32\BuzzingBee.wav
2014-02-17 12:20 - 2014-02-17 12:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-03-17 09:33 - 2014-03-17 09:33 - 00024919 _____ () C:\Documents and Settings\User\Desktop\FRST.txt
2014-03-17 09:33 - 2014-03-17 09:33 - 00000000 ____D () C:\Documents and Settings\User\Desktop\FRST-OlderVersion
2014-03-17 09:33 - 2014-03-17 09:32 - 01145856 _____ (Farbar) C:\Documents and Settings\User\Desktop\FRST.exe
2014-03-17 09:33 - 2014-03-04 09:29 - 00000000 ____D () C:\FRST
2014-03-17 09:31 - 2014-03-17 09:31 - 00123673 _____ () C:\Documents and Settings\User\Desktop\TDSS.TXT
2014-03-17 09:21 - 2010-08-23 10:48 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-17 09:21 - 2010-08-23 10:48 - 00000878 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-17 08:44 - 2014-01-07 15:32 - 00000364 ____H () C:\WINDOWS\Tasks\avast! Emergency Update.job
2014-03-17 08:35 - 2013-12-16 13:08 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-03-17 08:34 - 2014-03-17 08:44 - 04130656 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\User\Desktop\tdsskiller.exe
2014-03-17 08:23 - 2014-03-17 08:23 - 00010768 _____ () C:\Documents and Settings\User\Desktop\OCT PROFIT.xlsx
2014-03-17 08:15 - 2009-12-05 22:25 - 01593223 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-17 08:13 - 2014-01-09 11:02 - 00000644 _____ () C:\WINDOWS\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-03-17 08:12 - 2013-12-16 13:32 - 00000284 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1844237615-776561741-725345543-1003.job
2014-03-17 08:12 - 2013-12-16 13:32 - 00000276 _____ () C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1844237615-776561741-725345543-1003.job
2014-03-17 08:12 - 2012-03-30 11:09 - 00000430 _____ () C:\WINDOWS\Tasks\SogouImeMgr.job
2014-03-17 08:12 - 2009-12-06 06:20 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-03-17 08:12 - 2009-12-06 06:20 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-03-17 08:12 - 2009-12-05 22:29 - 00032616 _____ () C:\WINDOWS\SchedLgU.Txt
2014-03-17 08:12 - 2009-12-05 22:29 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-17 08:12 - 2006-02-28 20:00 - 00013646 _____ () C:\WINDOWS\system32\wpa.dbl
2014-03-14 17:53 - 2014-01-09 11:02 - 00327680 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2014-03-14 17:53 - 2009-12-05 22:29 - 00000178 ___SH () C:\Documents and Settings\User\ntuser.ini
2014-03-14 17:32 - 2014-03-14 12:15 - 00015015 _____ () C:\Documents and Settings\User\Desktop\eurotrac container.xlsx
2014-03-14 17:32 - 2014-03-14 11:37 - 00014512 _____ () C:\Documents and Settings\User\Desktop\MSH ELECTRICAL KUCHING.xlsx
2014-03-14 16:20 - 2014-03-14 16:14 - 00016385 _____ () C:\Documents and Settings\User\Desktop\Container MENLITE KK.xlsx
2014-03-14 15:38 - 2013-12-16 13:33 - 00000438 ____H () C:\WINDOWS\Tasks\Norton Security Scan for User.job
2014-03-14 13:08 - 2014-03-14 12:13 - 00018194 _____ () C:\Documents and Settings\User\Desktop\March Container list.xlsx
2014-03-14 13:08 - 2014-03-06 14:57 - 00054272 _____ () C:\Documents and Settings\User\Desktop\container - 6 3 2014.xls
2014-03-14 12:45 - 2014-03-14 12:45 - 00001779 _____ () C:\Documents and Settings\All Users\Desktop\Google Slides.lnk
2014-03-14 12:45 - 2014-03-14 12:45 - 00001777 _____ () C:\Documents and Settings\All Users\Desktop\Google Sheets.lnk
2014-03-14 12:45 - 2014-03-14 12:45 - 00001767 _____ () C:\Documents and Settings\All Users\Desktop\Google Docs.lnk
2014-03-14 12:45 - 2014-03-14 12:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Drive
2014-03-14 12:45 - 2010-08-23 10:48 - 00000000 ____D () C:\Program Files\Google
2014-03-14 12:45 - 2010-08-23 10:48 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Google
2014-03-14 11:39 - 2010-08-23 10:48 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Skype
2014-03-14 08:59 - 2009-12-08 14:11 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-03-14 08:43 - 2014-03-11 13:42 - 00089641 _____ () C:\WINDOWS\setupapi.log
2014-03-13 18:02 - 2009-12-06 06:18 - 00513832 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-13 17:32 - 2009-12-10 15:17 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-03-13 17:31 - 2014-03-13 17:31 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-03-13 17:31 - 2014-03-13 11:54 - 00014552 _____ () C:\WINDOWS\KB2345886.log
2014-03-13 17:31 - 2009-12-06 06:18 - 01081502 _____ () C:\WINDOWS\iis6.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00949960 _____ () C:\WINDOWS\FaxSetup.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00472217 _____ () C:\WINDOWS\ocgen.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00440535 _____ () C:\WINDOWS\tsoc.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00325654 _____ () C:\WINDOWS\comsetup.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00301710 _____ () C:\WINDOWS\msmqinst.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00196678 _____ () C:\WINDOWS\ntdtcsetup.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00167075 _____ () C:\WINDOWS\netfxocm.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00066401 _____ () C:\WINDOWS\MedCtrOC.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00052889 _____ () C:\WINDOWS\ocmsn.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00048411 _____ () C:\WINDOWS\tabletoc.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00047942 _____ () C:\WINDOWS\msgsocm.log
2014-03-13 17:31 - 2009-12-06 06:18 - 00001374 _____ () C:\WINDOWS\imsins.log
2014-03-13 17:30 - 2014-03-13 17:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB970430$
2014-03-13 17:30 - 2009-12-06 06:18 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2014-03-13 17:30 - 2009-12-05 23:15 - 00207367 _____ () C:\WINDOWS\updspapi.log
2014-03-13 17:24 - 2014-03-13 17:24 - 00006515 _____ () C:\WINDOWS\KB961118.log
2014-03-13 17:24 - 2014-03-13 17:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961118$
2014-03-13 17:09 - 2009-12-05 22:24 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-13 17:09 - 2006-02-28 20:00 - 00000655 _____ () C:\WINDOWS\win.ini
2014-03-13 17:07 - 2014-03-12 16:25 - 00000000 ____D () C:\WINDOWS\system32\XPSViewer
2014-03-13 16:58 - 2014-03-13 16:58 - 00013043 _____ () C:\Documents and Settings\User\Desktop\menlitekk1332014.xlsx
2014-03-13 11:54 - 2009-12-05 22:26 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-03-13 11:11 - 2014-03-01 12:20 - 00000512 _____ () C:\Documents and Settings\User\Desktop\MBR.dat
2014-03-13 08:03 - 2014-03-12 09:29 - 00000000 ____D () C:\WINDOWS\system32\CatRoot2_20143138332
2014-03-13 07:53 - 2009-12-06 06:16 - 00000355 __RSH () C:\boot.ini
2014-03-13 07:53 - 2006-02-28 20:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-03-12 17:47 - 2014-03-12 17:47 - 00000000 __SHD () C:\Documents and Settings\Default User\IETldCache
2014-03-12 17:24 - 2009-12-05 22:29 - 00095440 _____ () C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2014-03-12 17:19 - 2014-03-12 17:19 - 00008663 _____ () C:\WINDOWS\WgaNotify.log
2014-03-12 17:19 - 2009-12-05 23:24 - 00048318 _____ () C:\WINDOWS\spupdsvc.log
2014-03-12 17:15 - 2009-12-06 06:17 - 03904496 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-03-12 17:12 - 2014-03-12 17:12 - 00047839 _____ () C:\WINDOWS\KB951376-v2.log
2014-03-12 17:12 - 2014-03-12 17:12 - 00047383 _____ () C:\WINDOWS\KB2387149.log
2014-03-12 17:12 - 2014-03-12 17:12 - 00047298 _____ () C:\WINDOWS\KB946648.log
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB959426$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952954$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951376-v2$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB946648$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-03-12 17:12 - 2014-03-12 17:12 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-03-12 17:12 - 2014-03-11 13:59 - 00058203 _____ () C:\WINDOWS\KB952954.log
2014-03-12 17:12 - 2014-03-11 13:59 - 00056638 _____ () C:\WINDOWS\KB2868626.log
2014-03-12 17:12 - 2014-03-11 13:58 - 00057476 _____ () C:\WINDOWS\KB959426.log
2014-03-12 17:12 - 2009-12-05 22:23 - 00000000 ____D () C:\Program Files\Messenger
2014-03-12 17:11 - 2014-03-12 17:11 - 00047579 _____ () C:\WINDOWS\KB2925418-IE8.log
2014-03-12 17:11 - 2014-03-12 17:11 - 00039909 _____ () C:\WINDOWS\KB2659262.log
2014-03-12 17:11 - 2014-03-12 17:11 - 00039118 _____ () C:\WINDOWS\KB2564958.log
2014-03-12 17:11 - 2014-03-12 17:11 - 00037061 _____ () C:\WINDOWS\KB2834886.log
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960859$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2758857$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-03-12 17:11 - 2014-03-12 17:11 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-03-12 17:11 - 2014-03-12 16:55 - 00000000 ____D () C:\WINDOWS\ie8updates
2014-03-12 17:11 - 2014-03-11 13:57 - 00057628 _____ () C:\WINDOWS\KB2712808.log
2014-03-12 17:11 - 2014-03-11 13:57 - 00057220 _____ () C:\WINDOWS\KB960859.log
2014-03-12 17:11 - 2014-03-11 13:57 - 00052441 _____ () C:\WINDOWS\KB2479943.log
2014-03-12 17:11 - 2014-03-11 13:56 - 00050547 _____ () C:\WINDOWS\KB2478971.log
2014-03-12 17:11 - 2014-03-11 13:56 - 00049789 _____ () C:\WINDOWS\KB2758857.log
2014-03-12 17:11 - 2014-03-11 13:56 - 00048227 _____ () C:\WINDOWS\KB2916036.log
2014-03-12 17:11 - 2014-03-11 13:55 - 00049465 _____ () C:\WINDOWS\KB2544893-v2.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00040372 _____ () C:\WINDOWS\KB955759.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00039840 _____ () C:\WINDOWS\KB2536276-v2.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00038287 _____ () C:\WINDOWS\KB975558.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00037378 _____ () C:\WINDOWS\KB2296011.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00036734 _____ () C:\WINDOWS\KB2900986.log
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-03-12 17:10 - 2014-03-12 17:10 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-03-12 17:10 - 2014-03-11 13:55 - 00050461 _____ () C:\WINDOWS\KB2585542.log
2014-03-12 17:10 - 2014-03-11 13:55 - 00049351 _____ () C:\WINDOWS\KB2631813.log
2014-03-12 17:10 - 2014-03-11 13:54 - 00049828 _____ () C:\WINDOWS\KB2691442.log
2014-03-12 17:10 - 2014-03-11 13:54 - 00048852 _____ () C:\WINDOWS\KB2115168.log
2014-03-12 17:10 - 2014-03-11 13:54 - 00046560 _____ () C:\WINDOWS\KB2847311.log
2014-03-12 17:08 - 2014-03-12 17:07 - 00036746 _____ () C:\WINDOWS\KB2378111.log
2014-03-12 17:08 - 2009-12-05 22:24 - 00043638 _____ () C:\WINDOWS\wmsetup.log
2014-03-12 17:07 - 2014-03-12 17:07 - 00037450 _____ () C:\WINDOWS\KB2229593.log
2014-03-12 17:07 - 2014-03-12 17:07 - 00034098 _____ () C:\WINDOWS\KB2834902-v2.log
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974318$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB969059$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB961503$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834902-v2_WM10$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-03-12 17:07 - 2014-03-12 17:07 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2229593$
2014-03-12 17:07 - 2014-03-11 13:50 - 00048217 _____ () C:\WINDOWS\KB974318.log
2014-03-12 17:07 - 2014-03-11 13:50 - 00047760 _____ () C:\WINDOWS\KB951978.log
2014-03-12 17:07 - 2014-03-11 13:50 - 00047696 _____ () C:\WINDOWS\KB2655992.log
2014-03-12 17:07 - 2014-03-11 13:50 - 00046784 _____ () C:\WINDOWS\KB2443105.log
2014-03-12 17:07 - 2014-03-11 13:50 - 00046776 _____ () C:\WINDOWS\KB969059.log
2014-03-12 17:07 - 2014-03-11 13:49 - 00046934 _____ () C:\WINDOWS\KB2802968.log
2014-03-12 17:07 - 2014-03-11 13:49 - 00046394 _____ () C:\WINDOWS\KB961503.log
2014-03-12 17:07 - 2014-03-11 13:48 - 00045847 _____ () C:\WINDOWS\KB950974.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00035720 _____ () C:\WINDOWS\KB2686509.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00035638 _____ () C:\WINDOWS\KB2485663.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00033986 _____ () C:\WINDOWS\KB2862335.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00032558 _____ () C:\WINDOWS\KB954155.log
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978338$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975713$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971657$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB954155_WM9$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950974$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-03-12 17:06 - 2014-03-12 17:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-03-12 17:06 - 2014-03-12 13:42 - 00043516 _____ () C:\WINDOWS\KB2929961.log
2014-03-12 17:06 - 2014-03-11 13:49 - 00043846 _____ () C:\WINDOWS\KB2898715.log
2014-03-12 17:06 - 2014-03-11 13:48 - 00046545 _____ () C:\WINDOWS\KB2481109.log
2014-03-12 17:06 - 2014-03-11 13:47 - 00044499 _____ () C:\WINDOWS\KB975713.log
2014-03-12 17:06 - 2014-03-11 13:47 - 00044236 _____ () C:\WINDOWS\KB2598479.log
2014-03-12 17:06 - 2014-03-11 13:47 - 00043626 _____ () C:\WINDOWS\KB2507938.log
2014-03-12 17:06 - 2014-03-11 13:47 - 00042993 _____ () C:\WINDOWS\KB982132.log
2014-03-12 17:06 - 2014-03-11 13:46 - 00042803 _____ () C:\WINDOWS\KB971657.log
2014-03-12 17:06 - 2014-03-11 13:45 - 00042748 _____ () C:\WINDOWS\KB978338.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00037370 _____ () C:\WINDOWS\KB956572.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00032024 _____ () C:\WINDOWS\KB956844.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00030387 _____ () C:\WINDOWS\KB2904266.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00006814 _____ () C:\WINDOWS\system32\TZLog.log
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974112$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB972270$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956844$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB956572$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-03-12 17:05 - 2014-03-12 17:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-03-12 17:05 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-03-12 17:05 - 2014-03-12 13:42 - 00041056 _____ () C:\WINDOWS\KB2930275.log
2014-03-12 17:05 - 2014-03-11 13:50 - 00044755 _____ () C:\WINDOWS\KB2780091.log
2014-03-12 17:05 - 2014-03-11 13:50 - 00039699 _____ () C:\WINDOWS\KB2876217.log
2014-03-12 17:05 - 2014-03-11 13:50 - 00038541 _____ () C:\WINDOWS\KB2864063.log
2014-03-12 17:05 - 2014-03-11 13:47 - 00041366 _____ () C:\WINDOWS\KB979687.log
2014-03-12 17:05 - 2014-03-11 13:45 - 00042142 _____ () C:\WINDOWS\KB974112.log
2014-03-12 17:05 - 2014-03-11 13:44 - 00039612 _____ () C:\WINDOWS\KB2483185.log
2014-03-12 17:04 - 2014-03-12 17:04 - 00031673 _____ () C:\WINDOWS\KB973869.log
2014-03-12 17:04 - 2014-03-12 17:04 - 00030789 _____ () C:\WINDOWS\KB2592799.log
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975560$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974571$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973869$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973507$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952004$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-03-12 17:04 - 2014-03-12 17:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-03-12 17:04 - 2014-03-11 13:48 - 00037773 _____ () C:\WINDOWS\KB2862152.log
2014-03-12 17:04 - 2014-03-11 13:47 - 00040487 _____ () C:\WINDOWS\KB2719985.log
2014-03-12 17:04 - 2014-03-11 13:46 - 00040163 _____ () C:\WINDOWS\KB952004.log
2014-03-12 17:04 - 2014-03-11 13:46 - 00039272 _____ () C:\WINDOWS\KB975025.log
2014-03-12 17:04 - 2014-03-11 13:44 - 00037927 _____ () C:\WINDOWS\KB974571.log
2014-03-12 17:04 - 2014-03-11 13:44 - 00037499 _____ () C:\WINDOWS\KB973507.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00031407 _____ () C:\WINDOWS\KB941569.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00030558 _____ () C:\WINDOWS\KB2535512.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00030068 _____ () C:\WINDOWS\KB950762.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00030008 _____ () C:\WINDOWS\KB2807986.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00029304 _____ () C:\WINDOWS\KB2570947.log
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977816$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB950762$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB941569$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-03-12 17:03 - 2014-03-12 17:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-03-12 17:03 - 2014-03-11 13:50 - 00038093 _____ () C:\WINDOWS\KB2859537.log
2014-03-12 17:03 - 2014-03-11 13:50 - 00037198 _____ () C:\WINDOWS\KB2876331.log
2014-03-12 17:03 - 2014-03-11 13:49 - 00037127 _____ () C:\WINDOWS\KB2850869.log
2014-03-12 17:03 - 2014-03-11 13:45 - 00037365 _____ () C:\WINDOWS\KB977816.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00029747 _____ () C:\WINDOWS\KB973904.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00029244 _____ () C:\WINDOWS\KB952287.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00029204 _____ () C:\WINDOWS\KB2868038.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00028819 _____ () C:\WINDOWS\KB2603381.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00027615 _____ () C:\WINDOWS\KB2884256.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00025483 _____ () C:\WINDOWS\KB978695.log
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978695_WM9$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973904$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952287$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2884256$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-03-12 17:02 - 2014-03-12 17:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-03-12 17:02 - 2014-03-11 13:49 - 00038496 _____ () C:\WINDOWS\KB2820917.log
2014-03-12 17:02 - 2014-03-11 13:48 - 00035520 _____ () C:\WINDOWS\KB2893294.log
2014-03-12 17:01 - 2014-03-12 17:01 - 00018599 _____ () C:\WINDOWS\KB952069.log
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB974392$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973540_WM9$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB952069_WM9$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-03-12 17:01 - 2014-03-12 17:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-03-12 17:01 - 2014-03-11 13:49 - 00037685 _____ () C:\WINDOWS\KB2757638.log
2014-03-12 17:01 - 2014-03-11 13:48 - 00030875 _____ () C:\WINDOWS\KB2749655.log
2014-03-12 17:01 - 2014-03-11 13:47 - 00031934 _____ () C:\WINDOWS\KB2508429.log
2014-03-12 17:01 - 2014-03-11 13:47 - 00029748 _____ () C:\WINDOWS\KB971029.log
2014-03-12 17:01 - 2014-03-11 13:46 - 00028261 _____ () C:\WINDOWS\KB2506212.log
2014-03-12 17:01 - 2014-03-11 13:45 - 00030109 _____ () C:\WINDOWS\KB2653956.log
2014-03-12 17:01 - 2014-03-11 13:45 - 00029624 _____ () C:\WINDOWS\KB974392.log
2014-03-12 17:01 - 2014-03-11 13:44 - 00036901 _____ () C:\WINDOWS\KB2419632.log
2014-03-12 16:59 - 2009-12-10 15:21 - 00000000 ____D () C:\Program Files\Microsoft Works
2014-03-12 16:59 - 2009-12-06 06:18 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-03-12 16:58 - 2014-03-12 16:58 - 00000000 ____D () C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft Help
2014-03-12 16:57 - 2014-03-12 16:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB977914$
2014-03-12 16:57 - 2014-03-11 13:46 - 00032934 _____ () C:\WINDOWS\KB977914.log
2014-03-12 16:56 - 2014-03-12 16:56 - 00021170 _____ () C:\WINDOWS\KB2698365.log
2014-03-12 16:56 - 2014-03-12 16:56 - 00019523 _____ () C:\WINDOWS\KB2723135-v2.log
2014-03-12 16:56 - 2014-03-12 16:56 - 00018901 _____ () C:\WINDOWS\KB981997.log
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979482$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979309$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978706$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB978542$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB973815$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB960803$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-03-12 16:56 - 2014-03-12 16:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-03-12 16:56 - 2014-03-11 13:49 - 00026436 _____ () C:\WINDOWS\KB2892075.log
2014-03-12 16:56 - 2014-03-11 13:43 - 00026484 _____ () C:\WINDOWS\KB2705219-v2.log
2014-03-12 16:56 - 2014-03-11 13:43 - 00025809 _____ () C:\WINDOWS\KB2619339.log
2014-03-12 16:56 - 2014-03-11 13:43 - 00025064 _____ () C:\WINDOWS\KB960803.log
2014-03-12 16:56 - 2014-03-11 13:43 - 00024888 _____ () C:\WINDOWS\KB978542.log
2014-03-12 16:56 - 2014-03-11 13:43 - 00024851 _____ () C:\WINDOWS\KB2727528.log
2014-03-12 16:56 - 2014-03-11 13:43 - 00024765 _____ () C:\WINDOWS\KB978706.log
2014-03-12 16:56 - 2014-03-11 13:43 - 00024759 _____ () C:\WINDOWS\KB979482.log
2014-03-12 16:56 - 2014-03-11 13:42 - 00024365 _____ () C:\WINDOWS\KB973815.log
2014-03-12 16:56 - 2014-03-11 13:36 - 00023525 _____ () C:\WINDOWS\KB979309.log
2014-03-12 16:56 - 2009-12-05 22:24 - 00000000 ____D () C:\Program Files\Outlook Express
2014-03-12 16:56 - 2009-12-05 22:24 - 00000000 ____D () C:\Program Files\Movie Maker
2014-03-12 16:55 - 2014-03-12 16:55 - 00017169 _____ () C:\WINDOWS\KB2510531-IE8.log
2014-03-12 16:55 - 2014-03-12 16:55 - 00014801 _____ () C:\WINDOWS\KB2909210-IE8.log
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-03-12 16:55 - 2014-03-12 16:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-03-12 16:55 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-03-12 16:55 - 2014-03-11 13:42 - 00026472 _____ () C:\WINDOWS\KB2676562.log
2014-03-12 16:55 - 2014-03-11 13:42 - 00025863 _____ () C:\WINDOWS\KB2509553.log
2014-03-12 16:55 - 2014-03-11 13:42 - 00025761 _____ () C:\WINDOWS\KB2813345.log
2014-03-12 16:55 - 2014-03-11 13:42 - 00021472 _____ () C:\WINDOWS\KB982665.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00018283 _____ () C:\WINDOWS\KB2393802.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00016668 _____ () C:\WINDOWS\KB923561.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00014913 _____ () C:\WINDOWS\KB2566454.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00014706 _____ () C:\WINDOWS\KB2661637.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00012513 _____ () C:\WINDOWS\KB2914368.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00011891 _____ () C:\WINDOWS\KB2423089.log
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975467$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB968389$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB923561$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-03-12 16:54 - 2014-03-12 16:54 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-03-12 16:54 - 2014-03-11 13:41 - 00020278 _____ () C:\WINDOWS\KB2620712.log
2014-03-12 16:54 - 2014-03-11 13:41 - 00019789 _____ () C:\WINDOWS\KB2584146.log
2014-03-12 16:54 - 2014-03-11 13:40 - 00020582 _____ () C:\WINDOWS\KB975467.log
2014-03-12 16:54 - 2014-03-11 13:39 - 00021106 _____ () C:\WINDOWS\KB968389.log
2014-03-12 16:36 - 2009-12-05 22:52 - 00000000 ____D () C:\WINDOWS\pss
2014-03-12 16:25 - 2014-03-12 16:25 - 00000000 ____D () C:\Program Files\Reference Assemblies
2014-03-12 16:25 - 2009-12-10 15:20 - 00000000 ____D () C:\Program Files\MSBuild
2014-03-12 16:24 - 2009-12-06 06:11 - 00000000 ____D () C:\WINDOWS\system32\spool
2014-03-12 16:22 - 2009-12-06 06:11 - 00000000 ____D () C:\WINDOWS\system32\mui
2014-03-12 15:50 - 2009-12-05 22:51 - 00000284 _____ () C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2014-03-12 15:35 - 2013-12-16 13:08 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-12 15:35 - 2011-12-30 10:35 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-12 09:33 - 2009-12-05 22:28 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-03-12 09:29 - 2009-12-06 06:17 - 00000000 ____D () C:\WINDOWS\system32\CatRoot2_201431292917
2014-03-12 08:50 - 2014-03-12 08:50 - 00065566 _____ () C:\ComboFix.txt
2014-03-12 08:50 - 2014-03-12 08:43 - 00000000 ____D () C:\ComboFix
2014-03-12 08:50 - 2014-03-10 09:25 - 00000000 ____D () C:\Qoobox
2014-03-11 16:02 - 2013-12-16 13:33 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-11 14:46 - 2012-03-30 11:09 - 00000000 ____D () C:\Documents and Settings\User\Application Data\SogouPY
2014-03-11 14:42 - 2014-03-07 17:58 - 00000180 _____ () C:\hwsig.log
2014-03-11 14:03 - 2014-03-11 13:49 - 00008340 _____ () C:\WINDOWS\KB2845187.log
2014-03-11 14:03 - 2014-03-11 13:48 - 00008693 _____ () C:\WINDOWS\KB2893984.log
2014-03-11 09:38 - 2014-03-11 09:38 - 00000174 _____ () C:\Documents and Settings\User\defogger_reenable
2014-03-11 09:10 - 2009-12-06 06:17 - 01047179 _____ () C:\WINDOWS\setupapi.log.0.old
2014-03-11 08:23 - 2009-12-06 06:11 - 00000000 ____D () C:\WINDOWS\Help
2014-03-10 10:00 - 2009-12-08 14:13 - 00000000 ____D () C:\UBSSTK94
2014-03-10 09:32 - 2014-03-10 09:25 - 00000000 ____D () C:\WINDOWS\erdnt
2014-03-10 09:27 - 2014-03-10 09:27 - 00000000 _RSHD () C:\cmdcons
2014-03-08 15:07 - 2014-03-08 14:58 - 00011889 _____ () C:\Documents and Settings\User\Desktop\Book2a.xlsx
2014-03-07 10:22 - 2014-03-07 10:22 - 00000000 ____D () C:\Program Files\ESET
2014-03-07 09:15 - 2009-12-05 22:24 - 00000000 ____D () C:\WINDOWS\system32\Restore
2014-03-05 10:13 - 2014-03-05 10:13 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-03-05 10:09 - 2014-03-05 09:33 - 00000000 ____D () C:\AdwCleaner
2014-03-05 10:09 - 2013-04-02 10:33 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\搜狗拼音输入法
2014-03-04 17:57 - 2014-03-04 10:22 - 00227455 _____ () C:\Documents and Settings\User\Desktop\CONTAINA - SCHEDULE.xlsx
2014-03-03 13:59 - 2014-03-03 13:59 - 00000000 __SHD () C:\Documents and Settings\User\IECompatCache
2014-03-03 10:28 - 2014-03-03 10:28 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-03-03 10:28 - 2014-03-03 10:28 - 00000000 ____D () C:\Documents and Settings\User\Local Settings\Application Data\Skype
2014-03-03 10:28 - 2014-03-03 10:28 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Skype
2014-03-03 10:28 - 2010-08-23 10:47 - 00000000 ___RD () C:\Program Files\Skype
2014-03-03 10:28 - 2010-08-23 10:47 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Skype
2014-03-03 10:10 - 2014-01-23 08:56 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-03-03 09:58 - 2014-03-03 09:58 - 00000000 ____D () C:\Documents and Settings\User\Application Data\Malwarebytes
2014-03-03 09:57 - 2014-03-03 09:57 - 00000796 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-03 09:57 - 2014-03-03 09:57 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-03-03 09:57 - 2014-03-03 09:57 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2014-03-03 09:57 - 2014-03-03 09:57 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2014-03-01 12:26 - 2014-03-10 09:27 - 00000245 _____ () C:\Boot.bak
2014-03-01 12:26 - 2014-01-09 11:02 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2014-03-01 10:32 - 2014-03-01 10:32 - 00000000 ____D () C:\Program Files\ERUNT
2014-03-01 10:32 - 2014-03-01 10:32 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\ERUNT
2014-02-24 19:46 - 2014-03-12 13:45 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xpshims.dll
2014-02-24 19:46 - 2009-12-05 22:25 - 00759296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\vgx.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 06022144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtml.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 06022144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 01216000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\urlmon.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 01216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00920064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wininet.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00611840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstime.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstime.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00206848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\occache.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\url.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00067072 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mshtmled.dll
2014-02-24 19:46 - 2006-02-28 20:00 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-02-24 19:45 - 2014-03-12 13:45 - 00743424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedvtool.dll
2014-02-24 19:45 - 2014-03-12 13:45 - 00522240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsdbgui.dll
2014-02-24 19:45 - 2014-03-12 13:45 - 00247808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieproxy.dll
2014-02-24 19:45 - 2009-12-05 23:14 - 11113472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ieframe.dll
2014-02-24 19:45 - 2009-12-05 23:14 - 02006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iertutil.dll
2014-02-24 19:45 - 2009-12-05 23:14 - 00630272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeeds.dll
2014-02-24 19:45 - 2009-12-05 23:14 - 00055296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2014-02-24 19:45 - 2007-08-13 18:54 - 11113472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-24 19:45 - 2007-08-13 18:54 - 00630272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-24 19:45 - 2007-08-13 18:54 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-02-24 19:45 - 2007-08-13 18:34 - 02006016 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 01469440 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inetcpl.cpl
2014-02-24 19:45 - 2006-02-28 20:00 - 01469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-24 19:45 - 2006-02-28 20:00 - 00387584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iedkcs32.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00184320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\iepeers.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\licmgr10.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jsproxy.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\corpol.dll
2014-02-24 19:45 - 2006-02-28 20:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\corpol.dll
2014-02-24 18:54 - 2006-02-28 20:00 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-02-24 16:24 - 2006-02-28 20:00 - 00174592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ie4uinit.exe
2014-02-24 16:24 - 2006-02-28 20:00 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-20 08:43 - 2014-02-20 08:38 - 00048640 _____ () C:\Documents and Settings\User\Desktop\2002020141_Bong_PriceComfirmation.xls
2014-02-19 14:34 - 2014-02-19 14:34 - 00940794 _____ () C:\WINDOWS\system32\LoopyMusic.wav
2014-02-19 14:34 - 2014-02-19 14:34 - 00146650 _____ () C:\WINDOWS\system32\BuzzingBee.wav
2014-02-17 14:15 - 2013-04-25 11:04 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-02-17 12:20 - 2014-02-17 12:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================
Click to expand...

i believe that should be all
 
Did you install Youdao?
Did you set Chrome home page to CHR HomePage to : start.iplay.com/ ?

~~~~~~~~~~~~~~~~~~~~~~~~~
Please go to one of the below sites to scan the following files:
Virus Total (Recommended)
jotti.org
VirScan
click on Browse, and upload the following file for analysis:

C:\windows\system32\drivers\csdriver.sys


Then click Submit. Allow the file to be scanned, and then please copy and paste the results link (for Virus Total) here for me to see.
If it says already scanned -- click "reanalyze now"
Please post the results in your next reply.

~~~~~~~~~~~~~~~~~~~~~~~~~`

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.
It needs to be saved Next to the "Farbar Recovery Scan Tool" (FRST) program (If asked to overwrite existing one please allow)

start
S4 jcjymt;
C:\WINDOWS\system32\lvuwppj.dll
C:\WINDOWS\Tasks\Norton Security Scan for User.job
Reboot:
end
Click to expand...
Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.


Please post
scan results for csdriver.sys
Fixlog.txt

Please update me on how the computer is at the moment.
 
I believe the PC is fix, I have yet come across the sound which Avast! made when it encounter a virus.
Eventho it has longer PC boot up time, comparing to the time before I came to the forum for help.

I didnt install Youdao, maybe it was my Aunt who installed it(accidentally or not), she still uses firefox.
and no i set Google Chrome homepage as empty URL which shows a google search bar, some popular recently visited web tabs and options for which you could pick whether to search google images or uses gmail


the csdriver file is actually a tool for typing chinese characters all the way back from window 98.
but non the less here's the information that i got after the virus total scan

SHA256: 6778e38c32f5fa441befab83a6de944b59129ecf8c139afd7a7cc968fb67a7af
File name: csdriver.sys
Detection ratio: 0 / 49
Analysis date: 2014-03-18 01:59:39 UTC ( 0 minutes ago )

Authenticode signature block
Copyright Copyright (C) Chinese Star Ltd.
Publisher Beijing Chinese Star Cyber Technology Limited
Product csdriver
Original name csdriver.sys
Internal name csdriver.sys
File version 1.00.1000.1
Description CStar Driver

PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2002-05-24 01:39:31
Entry Point 0x0000046E
Number of sections 7

Name Virtual address Virtual size Raw size Entropy MD5
.text 736 15818 15840 6.22 1ec3a480a685469d1cd0b9ff62d987f3
.rdata 16576 16279 16288 4.49 72096ce946d1e704c18f0787e5fae7c5
.data 32864 1240 1248 2.46 5e11529959dfb1cbc16392a2d6947e34
CODE_PAG 34112 4 32 0.00 70bc8f4b72a86921468bf8e8441dce51
INIT 34144 608 608 4.98 03ffe1909e8ac63adcf5de2125e241b1
.rsrc 34752 1032 1056 3.20 4a1e5b29552b62b572a87d128c743ff1
.reloc 35808 3480 3488 6.60 6da9975e30f09786ecfb4e79c1c0d02e

PE imports
[+] HAL.dll
KfAcquireSpinLock
KfReleaseSpinLock
[+] ntoskrnl.exe
MmUnmapIoSpace
MmMapIoSpace
IoAllocateMdl
IofCompleteRequest
IoCreateSymbolicLink
IoDeleteSymbolicLink
RtlAnsiStringToUnicodeString
IoCreateDevice
RtlInitUnicodeString
MmProbeAndLockPages
IoDeleteDevice
MmGetPhysicalAddress
DbgPrint
sprintf
ExFreePool
MmIsAddressValid
KeInitializeSpinLock
ExAllocatePoolWithTag
IoFreeMdl
MmUnlockPages


Number of PE resources by type
RT_VERSION 1
Number of PE resources by language
CHINESE SIMPLIFIED 1
ExifTool file metadata
SubsystemVersion 5.0
LinkerVersion 5.12
ImageVersion 5.0
FileSubtype 0
FileVersionNumber 1.0.1000.1
UninitializedDataSize 0
LanguageCode English (U.S.)
FileFlagsMask 0x003f
CharacterSet Unicode
InitializedDataSize 22112
FileOS Windows NT 32-bit
MIMEType application/octet-stream
LegalCopyright Copyright (C) Chinese Star Ltd.
FileVersion 1.00.1000.1
TimeStamp 2002:05:24 02:39:31+01:00
FileType Win32 EXE
PEType PE32
InternalName csdriver.sys
FileAccessDate 2014:03:18 02:59:43+01:00
ProductVersion 1.00.1000.1
FileDescription CStar Driver
OSVersion 5.0
FileCreateDate 2014:03:18 02:59:43+01:00
OriginalFilename csdriver.sys
Subsystem Native
MachineType Intel 386 or later, and compatibles
CompanyNameBeijing Chinese Star Cyber Technology Limited
CodeSize 16448
ProductName csdriver
ProductVersionNumber 1.0.1000.1
EntryPoint 0x046e
ObjectFileType Dynamic link library



MD5 0d15988b79de14c0ebf145a12137fec6
SHA1 d2e0a969849d8e32b2b678785fa14910522a2397
SHA256 6778e38c32f5fa441befab83a6de944b59129ecf8c139afd7a7cc968fb67a7af
ssdeep 768:gYAhNB1uSQlKWjmQmlT6aVQlOIQGPfnQoUoobbpKk9cPT5oc9NTfCMnY14:pAhNB1uHlJrmd6aVQwaPfQo/Ybf9CT57
imphash ee3d9ed372851e2ffadaa770c2e8e8e0
File size 39.7 KB ( 40623 bytes )
File type Win32 EXE
Magic literal PE32 executable for MS Windows (native) Intel 80386 32-bit
TrID Win32 Dynamic Link Library (generic) (43.5%)
Win32 Executable (generic) (29.8%)
Generic Win/DOS Executable (13.2%)
DOS Executable Generic (13.2%)
Autodesk FLIC Image File (extensions: flc, fli, cel) (0.0%)
Tags peexe native

VirusTotal metadata
First submission 2010-01-26 18:23:39 UTC ( 4 years, 1 month ago )
Last submission 2014-03-18 01:59:39 UTC ( 8 minutes ago )
File names csdriver.sys
Click to expand...

here are the FRST fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-03-2014 01
Ran by User at 2014-03-18 10:12:51 Run:3
Running from C:\Documents and Settings\User\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
S4 jcjymt;
C:\WINDOWS\system32\lvuwppj.dll
C:\WINDOWS\Tasks\Norton Security Scan for User.job
Reboot:
end
*****************

jcjymt => Service deleted successfully.
"C:\WINDOWS\system32\lvuwppj.dll" => File/Directory not found.
C:\WINDOWS\Tasks\Norton Security Scan for User.job => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====
Click to expand...
 
here are the most recent aswMBR scanlog

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2014-03-18 10:46:02
-----------------------------
10:46:02.468 OS Version: Windows 5.1.2600 Service Pack 3
10:46:02.468 Number of processors: 2 586 0x170A
10:46:02.468 ComputerName: CINDY UserName: User
10:46:02.750 Initialize success
10:46:05.609 AVAST engine defs: 14031701
10:46:08.296 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-6
10:46:08.296 Disk 0 Vendor: WDC_WD1600AAJS-08L7A0 03.03E03 Size: 152627MB BusType: 3
10:46:08.609 Disk 0 MBR read successfully
10:46:08.609 Disk 0 MBR scan
10:46:08.609 Disk 0 Windows XP default MBR code
10:46:08.609 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 76308 MB offset 63
10:46:08.609 Disk 0 Partition - 00 0F Extended LBA 76308 MB offset 156280320
10:46:08.625 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 76308 MB offset 156280383
10:46:08.625 Disk 0 scanning sectors +312560640
10:46:08.703 Disk 0 scanning C:\WINDOWS\system32\drivers
10:46:15.875 Service scanning
10:46:28.109 Modules scanning
10:46:31.109 Disk 0 trace - called modules:
10:46:31.140 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
10:46:31.140 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8a5fdab8]
10:46:31.156 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000067[0x8a536f18]
10:46:31.156 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-6[0x8a5a9d98]
10:46:31.359 AVAST engine scan C:\WINDOWS
10:46:45.843 AVAST engine scan C:\WINDOWS\system32
10:48:19.796 AVAST engine scan C:\WINDOWS\system32\drivers
10:48:30.453 AVAST engine scan C:\Documents and Settings\User
10:53:01.031 AVAST engine scan C:\Documents and Settings\All Users
10:54:44.062 Scan finished successfully
10:58:36.937 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\User\Desktop\MBR.dat"
10:58:36.937 The log file has been saved successfully to "C:\Documents and Settings\User\Desktop\aswMBR.txt"
Click to expand...
 
Then it's good news.

A couple of things to check.

Please run this security check for my review.

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

~~~~~~~~~~~~~~~~~~~~~~~~~~

Download HijackThis
  • Go Here to download HijackThis program
  • Save HijackThis to your desktop.
  • Right Click on Hijackthis and select "Run as Admin" (XP users just need to double click to run)
  • Click on "Do A system scan and save a logfile" (if you do not see "Do A system scan and save a logfile" then click on main menu)
  • copy and paste hijackthis report into the topic



In your next post I need the following
checkup.txt
report from Hijackthis
 
here are the checkup.txt

Results of screen317's Security Check version 0.99.80
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Spybot - Search & Destroy
Malwarebytes Anti-Malware version 1.75.0.1300
Java(TM) 6 Update 6
Java version out of Date!
Adobe Flash Player 12.0.0.77
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (27.0.1)
Google Chrome 33.0.1750.146
Google Chrome 33.0.1750.154
````````Process Check: objlist.exe by Laurent````````
Spybot Teatimer.exe is disabled!
Malwarebytes' Anti-Malware mbamscheduler.exe
AVAST Software Avast AvastSvc.exe
AVAST Software Avast AvastUI.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
Click to expand...

here are the hijackthis.log
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:45:22 AM, on 19/03/2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\User\Desktop\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {309E27CA-1FDC-4AD2-A3AA-0FF47085E5A6} (PLUGIN Control) - http://192.168.1.144/IEPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1260026980718
O16 - DPF: {6F80BF27-CB16-4589-8C6A-DB422AAB2ED9} (HEM Video Decoder) - http://192.168.1.144/vcredist_x86.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{B6DDFB53-6BC9-4B06-8CDE-B73327CE27D9}: NameServer = 208.67.222.222,208.67.220.220
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

--
End of file - 11654 bytes
Click to expand...
 
Java(TM) 6 Update 6 <-- Uninstall this outdated version


Install Java:

Please go here to install Java
  • click on the Free Java Download Button
  • click on Agree and start Free download
  • click on Run
  • click on run again
  • click on install
  • when install is complete click on close

Update Adobe reader

Recently there have been vulnerabilities detected in older versions of Adobe Reader. It is strongly suggested that you update to the current version.

You can download it from http://www.adobe.com/products/acrobat/readstep2.html
After installing the latest Adobe Reader, uninstall all previous versions.
If you already have Adobe Photoshop® Album Starter Edition installed or do not wish to have it installed UNcheck the box which says Also Download Adobe Photoshop® Album Starter Edition.
  • If you don't like Adobe Reader (53 MB), you can download Foxit PDF Reader(7 MB) from here. It's a much smaller file to download and uses a lot less resources than Adobe Reader.

    Note: When installing FoxitReader, be careful not to install anything to do with AskBar.

~~~~~~~~~~~~~~~`

Open HijackThis, Click Do a system scan only, checkmark these. Then close all other windows and browsers except HijackThis and press fix checked.

O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart


Now reboot the computer to set the registry.

~~~~~~~~~~~~~~~~~~~~~~~

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.
Paste this into the open notepad. save it to the Desktop as fixlist.txt
NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Run FRST/FRST64 and press the Fix button just once and wait.
no needed to post the log this time.

start
DeleteQuarantine:
end
Click to expand...

~~~~~~~~~~~~~~~~


Don't miss or skip this next step, this will remove malicious files from quarantine and set a clean restore point.

Go to Start > Run > copy and paste the full text path in the run box

ComboFix /Uninstall

Note the space between the x and the /U, it needs to be there.

~~~~~~~~~~~~~~~~~~~~~

  1. Download Delfix from here
  2. Ensure Remove disinfection tools is ticked
    Also tick:
    • Create registry backup
    • Purge system restore
    delfix.jpg

  3. Click Run



Any other tools and files found can simply be deleted or uninstall via Add/Remove Programs in the Control Panel etc.

~~~~~~~~~~~~~~~~~~~~~~~~~

Your good to go, good job!

Please take the time to read over a few of my preventive tips.

Computer Security
http://malwareremoval.com/forum/viewtopic.php?p=557960#p557960
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Be prepared for CryptoLocker:

Cryptolocker Ransomware: What You Need To Know

CryptoLocker Ransomware Information Guide and FAQ

to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

CryptoPrevent.JPG


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Please navigate to Microsoft Windows Updates and download all the "Critical Updates" for Windows.


Firefox 3
The award-winning Web browser is now faster, more secure, and fully customizable to your online life. With Firefox 3, added powerful new features that make your online experience even better. It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will no way interfere with IE, you can use them both.
*NoScript - Addon for Firefox that stops all scripts from running on websites. Stops malicious software from invading via flash, java, javascript, and many other entry points.

AdblockPlus
  • AdblockPlus, Surf the web without annoying ads!
  • Blocks banners, pop-ups and video ads - even on Facebook and YouTube
  • Protects your online privacy
  • Two-click installation, It's free!
  • click the icon that corresponds to your browser and download.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
WOT Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites - green to go, yellow for caution and red to stop, helping you avoid the dangerous sites. WOT has an addon available for both Firefox and IE.
  • Green should be good to go
  • Yellow for caution
  • Red to stop



~~~~~~~~~~~~~~~~~~~~~~~~~~~~
How to prevent Malware: Created by Miekiemoes


WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article (http://www.forbes.com/sites/eliseackerman/2013/01/11/us-department-of-homeland-security-calls-on-computer-users-to-disable-java/
and this article (http://www.nbcnews.com/technology/technolog/us-warns-java-software-security-concerns-escalate-1B7938755

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser (http://www.geekstogo.com/2600/how-to-disable-java-in-your-web-browser/) and How to unplug Java from the browser ([url]http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/))[/url]


Avoid P2P

P2P may be a great way to get lots of stuffs, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

*********************************************
Please read the following safe computing articles..

Secure My Computer: A Layered Approach


Free Antivirus-AntiSpyware-Firewall Software

Keep a backup of your important files - Now, more than ever, it's especially important to protect your digital files and memories. This article is full of good information on alternatives for home backup solutions.
 
Thank you Juliet for Everything :):):):)
I am now going to read through all the links provided.

While at the mean time, and since PC1 i believe is now clean from Viruses.
I will now prep my PC2 for a new thread soon.


Very much appreciated!!
 
Glad we could help. :)
sparkle.gif


Since this issue appears resolved ... this Topic is closed.
 
Status
Not open for further replies.
Back
Top