Infected with svchost.exe virus

[boboso]

Hello, I've seen several other threads with similar issues, so I imagine this is a common problem. All of the other threads suggested having someone to help before making any rash decisions, so here I am. Basically, I have an svchost.exe process that starts to eat up memory at a rapid pace, and my Avast anti-virus occasionally notifies me that it has blocked a malicious website from opening. Any help would be appreciated, thank you!

[MrCharlie]

Welcome to the forum, please start at the link below:

http://forums.malwar...?showtopic=9573

Post back the 2 logs here.....DDS.txt and Attach.txt

<====><====><====><====><====><====><====><====>

Next.......

Please remove any usb or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC

[boboso]

I ran the DDS scan, but RogueKiller gave me the blue screen of death when I tried to run it. I've attached the logs from DDS.

Thank you very much for helping out!

attach.txt

dds.txt

[MrCharlie]

Please download the latest version of TDSSKiller from here and save it to your Desktop.

• Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
  
  
• Put a checkmark beside loaded modules.
  
  
• A reboot will be needed to apply the changes. Do it.
  
• TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  
• Then click on Change parameters in TDSSKiller.
  
• Check all boxes then click OK.
  
  
• Click the Start Scan button.
  
  
• The scan should take no longer than 2 minutes.
  
• If a suspicious object is detected, the default action will be Skip, click on Continue.
  
  
• If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  
  Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  
• A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  

MrC

[boboso]

12:15:29.0687 1400 TDSS rootkit removing tool 2.8.7.0 Aug 20 2012 17:30:03

12:15:31.0593 1400 ============================================================

12:15:31.0593 1400 Current date / time: 2012/08/20 12:15:31.0593

12:15:31.0593 1400 SystemInfo:

12:15:31.0593 1400

12:15:31.0593 1400 OS Version: 5.1.2600 ServicePack: 3.0

12:15:31.0593 1400 Product type: Workstation

12:15:31.0593 1400 ComputerName: ASIANMAN1

12:15:31.0593 1400 UserName: Asian Man Records

12:15:31.0593 1400 Windows directory: C:\WINDOWS

12:15:31.0593 1400 System windows directory: C:\WINDOWS

12:15:31.0593 1400 Processor architecture: Intel x86

12:15:31.0593 1400 Number of processors: 2

12:15:31.0593 1400 Page size: 0x1000

12:15:31.0593 1400 Boot type: Normal boot

12:15:31.0593 1400 ============================================================

12:15:46.0296 1400 BG loaded

12:15:53.0218 1400 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000058

12:15:53.0359 1400 ============================================================

12:15:53.0359 1400 \Device\Harddisk0\DR0:

12:15:53.0484 1400 MBR partitions:

12:15:53.0484 1400 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x23CFB518

12:15:53.0484 1400 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23CFB557, BlocksNum 0x173216A

12:15:53.0484 1400 ============================================================

12:15:55.0187 1400 C: <-> \Device\Harddisk0\DR0\Partition1

12:15:56.0562 1400 H: <-> \Device\Harddisk0\DR0\Partition2

12:15:57.0093 1400 ============================================================

12:15:57.0093 1400 Initialize success

12:15:57.0093 1400 ============================================================

12:16:19.0437 3392 ============================================================

12:16:19.0437 3392 Scan started

12:16:19.0437 3392 Mode: Manual; SigCheck; TDLFS;

12:16:19.0437 3392 ============================================================

12:16:25.0250 3392 ================ Scan system memory ========================

12:16:25.0250 3392 System memory - ok

12:16:25.0250 3392 ================ Scan services =============================

12:16:27.0406 3392 [ 0B27AE82C113D3687024D18459440426 ] Aavmker4 C:\WINDOWS\system32\drivers\Aavmker4.sys

12:16:28.0828 3392 Aavmker4 - ok

12:16:28.0828 3392 Abiosdsk - ok

12:16:28.0828 3392 abp480n5 - ok

12:16:28.0890 3392 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys

12:17:00.0484 3392 ACPI - ok

12:17:00.0515 3392 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys

12:17:00.0640 3392 ACPIEC - ok

12:17:00.0671 3392 [ 73685E15EF8B0BD9C30F1AF413F13D49 ] adfs C:\WINDOWS\system32\drivers\adfs.sys

12:17:00.0687 3392 adfs - ok

12:17:00.0703 3392 adpu160m - ok

12:17:00.0750 3392 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys

12:17:00.0906 3392 aec - ok

12:17:00.0937 3392 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] AFD C:\WINDOWS\System32\drivers\afd.sys

12:17:01.0046 3392 AFD - ok

12:17:01.0046 3392 Aha154x - ok

12:17:01.0046 3392 aic78u2 - ok

12:17:01.0062 3392 aic78xx - ok

12:17:01.0109 3392 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll

12:17:01.0250 3392 Alerter - ok

12:17:01.0281 3392 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe

12:17:01.0359 3392 ALG - ok

12:17:01.0375 3392 AliIde - ok

12:17:01.0375 3392 amsint - ok

12:17:01.0640 3392 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:17:01.0656 3392 Apple Mobile Device - ok

12:17:01.0718 3392 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll

12:17:01.0796 3392 AppMgmt - ok

12:17:01.0812 3392 [ B5B8A80875C1DEDEDA8B02765642C32F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys

12:17:01.0937 3392 Arp1394 - ok

12:17:01.0937 3392 asc - ok

12:17:01.0953 3392 asc3350p - ok

12:17:01.0953 3392 asc3550 - ok

12:17:02.0187 3392 [ 0E5E4957549056E2BF2C49F4F6B601AD ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe

12:17:02.0390 3392 aspnet_state - ok

12:17:02.0437 3392 [ 1C1F3D6DDDC046C920C493A779649F66 ] aswFsBlk C:\WINDOWS\system32\drivers\aswFsBlk.sys

12:17:02.0453 3392 aswFsBlk - ok

12:17:02.0484 3392 [ B5AAA12631877731A253E44202FFC5BC ] aswFW C:\WINDOWS\system32\drivers\aswFW.sys

12:17:02.0500 3392 aswFW - ok

12:17:02.0515 3392 [ 088BE3EC42010310FE867F874B6FEDF2 ] aswKbd C:\WINDOWS\system32\drivers\aswKbd.sys

12:17:02.0546 3392 aswKbd - ok

12:17:02.0562 3392 [ 9E912FE7B41650701EF2B227ACA440F3 ] aswMon2 C:\WINDOWS\system32\drivers\aswMon2.sys

12:17:02.0578 3392 aswMon2 - ok

12:17:02.0609 3392 [ 7B948E3657BEA62E437BC46CA6EF6012 ] aswNdis C:\WINDOWS\system32\DRIVERS\aswNdis.sys

12:17:02.0625 3392 aswNdis - ok

12:17:02.0656 3392 [ 0127263DFC8C4216C085338CE0C047C3 ] aswNdis2 C:\WINDOWS\system32\drivers\aswNdis2.sys

12:17:02.0703 3392 aswNdis2 - ok

12:17:02.0734 3392 [ 982E275D1C5801042FE94209FB0160FB ] AswRdr C:\WINDOWS\system32\drivers\AswRdr.sys

12:17:02.0750 3392 AswRdr - ok

12:17:02.0796 3392 [ 73DBCF808E00580F2A47F93DD9B03876 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys

12:17:02.0843 3392 aswSnx - ok

12:17:02.0890 3392 [ 6CBD7D3A33F498D09C831CDD732DA2E0 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys

12:17:02.0921 3392 aswSP - ok

12:17:02.0953 3392 [ 7109A9AA551F37CD168C02368465957E ] aswTdi C:\WINDOWS\system32\drivers\aswTdi.sys

12:17:02.0968 3392 aswTdi - ok

12:17:03.0015 3392 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys

12:17:03.0140 3392 AsyncMac - ok

12:17:03.0187 3392 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys

12:17:03.0359 3392 atapi - ok

12:17:03.0359 3392 Atdisk - ok

12:17:03.0390 3392 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys

12:17:03.0562 3392 Atmarpc - ok

12:17:03.0593 3392 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll

12:17:03.0750 3392 AudioSrv - ok

12:17:03.0781 3392 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys

12:17:03.0921 3392 audstub - ok

12:17:04.0031 3392 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe

12:17:04.0046 3392 avast! Antivirus - ok

12:17:04.0078 3392 [ 465A17095EB3B9E101429B669F495D01 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe

12:17:04.0109 3392 avast! Firewall - ok

12:17:04.0156 3392 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys

12:17:04.0296 3392 Beep - ok

12:17:04.0390 3392 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll

12:17:04.0609 3392 BITS - ok

12:17:04.0937 3392 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

12:17:04.0953 3392 Bonjour Service - ok

12:17:05.0015 3392 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll

12:17:05.0187 3392 Browser - ok

12:17:05.0203 3392 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys

12:17:05.0359 3392 cbidf2k - ok

12:17:05.0359 3392 cd20xrnt - ok

12:17:05.0375 3392 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys

12:17:05.0546 3392 Cdaudio - ok

12:17:05.0609 3392 [ C885B02847F5D2FD45A24E219ED93B32 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys

12:17:05.0750 3392 Cdfs - ok

12:17:05.0812 3392 [ 1F4260CC5B42272D71F79E570A27A4FE ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys

12:17:05.0968 3392 Cdrom - ok

12:17:05.0968 3392 Changer - ok

12:17:06.0015 3392 [ 1CFE720EB8D93A7158A4EBC3AB178BDE ] CiSvc C:\WINDOWS\system32\cisvc.exe

12:17:06.0156 3392 CiSvc - ok

12:17:06.0203 3392 [ 34CBE729F38138217F9C80212A2A0C82 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe

12:17:06.0343 3392 ClipSrv - ok

12:17:06.0406 3392 [ D87ACAED61E417BBA546CED5E7E36D9C ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

12:17:06.0890 3392 clr_optimization_v2.0.50727_32 - ok

12:17:06.0906 3392 CmdIde - ok

12:17:06.0906 3392 COMSysApp - ok

12:17:06.0921 3392 Cpqarray - ok

12:17:06.0984 3392 [ 3D4E199942E29207970E04315D02AD3B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll

12:17:07.0156 3392 CryptSvc - ok

12:17:07.0156 3392 dac2w2k - ok

12:17:07.0156 3392 dac960nt - ok

12:17:07.0281 3392 [ 6B27A5C03DFB94B4245739065431322C ] DcomLaunch C:\WINDOWS\system32\rpcss.dll

12:17:07.0359 3392 DcomLaunch - ok

12:17:07.0421 3392 [ 5E38D7684A49CACFB752B046357E0589 ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll

12:17:07.0546 3392 Dhcp - ok

12:17:07.0609 3392 [ 044452051F3E02E7963599FC8F4F3E25 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys

12:17:07.0750 3392 Disk - ok

12:17:07.0750 3392 dmadmin - ok

12:17:08.0015 3392 [ D992FE1274BDE0F84AD826ACAE022A41 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys

12:17:08.0593 3392 dmboot - ok

12:17:08.0687 3392 [ 7C824CF7BBDE77D95C08005717A95F6F ] dmio C:\WINDOWS\system32\drivers\dmio.sys

12:17:08.0828 3392 dmio - ok

12:17:08.0843 3392 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys

12:17:08.0984 3392 dmload - ok

12:17:09.0015 3392 [ 57EDEC2E5F59F0335E92F35184BC8631 ] dmserver C:\WINDOWS\System32\dmserver.dll

12:17:09.0171 3392 dmserver - ok

12:17:09.0203 3392 [ 8A208DFCF89792A484E76C40E5F50B45 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys

12:17:09.0328 3392 DMusic - ok

12:17:09.0359 3392 [ 5F7E24FA9EAB896051FFB87F840730D2 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll

12:17:09.0390 3392 Dnscache - ok

12:17:09.0421 3392 [ 0F0F6E687E5E15579EF4DA8DD6945814 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll

12:17:09.0593 3392 Dot3svc - ok

12:17:09.0625 3392 [ BD05306428DA63369692477DDC0F6F5F ] Dot4Scan C:\WINDOWS\system32\DRIVERS\Dot4Scan.sys

12:17:09.0765 3392 Dot4Scan - ok

12:17:09.0765 3392 dpti2o - ok

12:17:09.0812 3392 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys

12:17:09.0937 3392 drmkaud - ok

12:17:09.0968 3392 [ 2187855A7703ADEF0CEF9EE4285182CC ] EapHost C:\WINDOWS\System32\eapsvc.dll

12:17:10.0109 3392 EapHost - ok

12:17:10.0125 3392 [ BC93B4A066477954555966D77FEC9ECB ] ERSvc C:\WINDOWS\System32\ersvc.dll

12:17:10.0265 3392 ERSvc - ok

12:17:10.0312 3392 [ 65DF52F5B8B6E9BBD183505225C37315 ] Eventlog C:\WINDOWS\system32\services.exe

12:17:10.0343 3392 Eventlog - ok

12:17:10.0390 3392 [ D4991D98F2DB73C60D042F1AEF79EFAE ] EventSystem C:\WINDOWS\system32\es.dll

12:17:10.0421 3392 EventSystem - ok

12:17:10.0484 3392 [ 38D332A6D56AF32635675F132548343E ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys

12:17:10.0593 3392 Fastfat - ok

12:17:10.0625 3392 [ 99BC0B50F511924348BE19C7C7313BBF ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll

12:17:10.0687 3392 FastUserSwitchingCompatibility - ok

12:17:10.0718 3392 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] Fdc C:\WINDOWS\system32\drivers\Fdc.sys

12:17:10.0843 3392 Fdc - ok

12:17:10.0875 3392 [ D45926117EB9FA946A6AF572FBE1CAA3 ] Fips C:\WINDOWS\system32\drivers\Fips.sys

12:17:10.0984 3392 Fips - ok

12:17:11.0046 3392 [ 1F63900E2EB00101B9ACA2B7A870704E ] FLEXnet Licensing Service C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

12:17:11.0078 3392 FLEXnet Licensing Service - ok

12:17:11.0078 3392 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] Flpydisk C:\WINDOWS\system32\drivers\Flpydisk.sys

12:17:11.0218 3392 Flpydisk - ok

12:17:11.0265 3392 [ B2CF4B0786F8212CB92ED2B50C6DB6B0 ] FltMgr C:\WINDOWS\system32\DRIVERS\fltMgr.sys

12:17:11.0375 3392 FltMgr - ok

12:17:11.0453 3392 [ 8BA7C024070F2B7FDD98ED8A4BA41789 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe

12:17:11.0468 3392 FontCache3.0.0.0 - ok

12:17:11.0468 3392 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys

12:17:11.0625 3392 Fs_Rec - ok

12:17:11.0625 3392 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys

12:17:11.0765 3392 Ftdisk - ok

12:17:11.0812 3392 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys

12:17:11.0812 3392 GEARAspiWDM - ok

12:17:11.0859 3392 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys

12:17:12.0000 3392 Gpc - ok

12:17:12.0109 3392 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe

12:17:12.0109 3392 gupdate - ok

12:17:12.0125 3392 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe

12:17:12.0140 3392 gupdatem - ok

12:17:12.0187 3392 [ 573C7D0A32852B48F3058CFD8026F511 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys

12:17:12.0312 3392 HDAudBus - ok

12:17:12.0390 3392 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll

12:17:12.0531 3392 helpsvc - ok

12:17:12.0546 3392 HidServ - ok

12:17:12.0656 3392 [ 8878BD685E490239777BFE51320B88E9 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll

12:17:12.0781 3392 hkmsvc - ok

12:17:12.0828 3392 [ 9E3944A558AB84853EF985988E23A8A4 ] HPFXBULK C:\WINDOWS\system32\drivers\hpfxbulk.sys

12:17:12.0843 3392 HPFXBULK - ok

12:17:12.0859 3392 hpn - ok

12:17:12.0906 3392 [ 390920E11D7729A7B98799EBE20E38FB ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll

12:17:12.0937 3392 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning

12:17:12.0937 3392 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)

12:17:12.0953 3392 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys

12:17:12.0984 3392 HPZid412 - ok

12:17:12.0984 3392 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys

12:17:13.0000 3392 HPZipr12 - ok

12:17:13.0062 3392 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys

12:17:13.0078 3392 HPZius12 - ok

12:17:13.0125 3392 [ F80A415EF82CD06FFAF0D971528EAD38 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys

12:17:13.0140 3392 HTTP - ok

12:17:13.0203 3392 [ 6100A808600F44D999CEBDEF8841C7A3 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll

12:17:13.0312 3392 HTTPFilter - ok

12:17:13.0328 3392 i2omgmt - ok

12:17:13.0328 3392 i2omp - ok

12:17:13.0390 3392 [ 4A0B06AA8943C1E332520F7440C0AA30 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys

12:17:13.0500 3392 i8042prt - ok

12:17:13.0593 3392 [ C01AC32DC5C03076CFB852CB5DA5229C ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

12:17:13.0656 3392 idsvc - ok

12:17:13.0687 3392 [ 083A052659F5310DD8B6A6CB05EDCF8E ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys

12:17:13.0828 3392 Imapi - ok

12:17:13.0843 3392 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] ImapiService C:\WINDOWS\system32\imapi.exe

12:17:13.0968 3392 ImapiService - ok

12:17:13.0984 3392 ini910u - ok

12:17:14.0078 3392 [ 41EF008D7B089CE6F5F2E4A61D5638E6 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RtkHDAud.sys

12:17:14.0218 3392 IntcAzAudAddService - ok

12:17:14.0218 3392 IntelIde - ok

12:17:14.0234 3392 [ 3BB22519A194418D5FEC05D800A19AD0 ] Ip6Fw C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys

12:17:14.0359 3392 Ip6Fw - ok

12:17:14.0390 3392 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys

12:17:14.0531 3392 IpFilterDriver - ok

12:17:14.0531 3392 [ B87AB476DCF76E72010632B5550955F5 ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys

12:17:14.0640 3392 IpInIp - ok

12:17:14.0687 3392 [ CC748EA12C6EFFDE940EE98098BF96BB ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys

12:17:14.0796 3392 IpNat - ok

12:17:14.0859 3392 [ F62C69376A95795FE7CDB1C778EDACA4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

12:17:14.0890 3392 iPod Service - ok

12:17:14.0937 3392 [ 23C74D75E36E7158768DD63D92789A91 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys

12:17:15.0062 3392 IPSec - ok

12:17:15.0109 3392 [ C93C9FF7B04D772627A3646D89F7BF89 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys

12:17:15.0156 3392 IRENUM - ok

12:17:15.0171 3392 [ 05A299EC56E52649B1CF2FC52D20F2D7 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys

12:17:15.0296 3392 isapnp - ok

12:17:15.0390 3392 [ 0A5709543986843D37A92290B7838340 ] JavaQuickStarterService C:\Program Files\Java\jre6\bin\jqs.exe

12:17:15.0406 3392 JavaQuickStarterService - ok

12:17:15.0453 3392 [ 463C1EC80CD17420A542B7F36A36F128 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys

12:17:15.0593 3392 Kbdclass - ok

12:17:15.0656 3392 [ 692BCF44383D056AED41B045A323D378 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys

12:17:15.0812 3392 kmixer - ok

12:17:15.0875 3392 [ B467646C54CC746128904E1654C750C1 ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys

12:17:15.0937 3392 KSecDD - ok

12:17:15.0968 3392 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] LanmanServer C:\WINDOWS\System32\srvsvc.dll

12:17:16.0000 3392 LanmanServer - ok

12:17:16.0078 3392 [ A8888A5327621856C0CEC4E385F69309 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll

12:17:16.0109 3392 lanmanworkstation - ok

12:17:16.0125 3392 lbrtfdc - ok

12:17:16.0187 3392 [ A7DB739AE99A796D91580147E919CC59 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll

12:17:16.0343 3392 LmHosts - ok

12:17:16.0484 3392 [ F453D1E6D881E8F8717E20CCD4199E85 ] McComponentHostService C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

12:17:16.0500 3392 McComponentHostService - ok

12:17:16.0515 3392 [ 986B1FF5814366D71E0AC5755C88F2D3 ] Messenger C:\WINDOWS\System32\msgsvc.dll

12:17:16.0687 3392 Messenger - ok

12:17:16.0906 3392 [ 7C4C76B39D5525C4A465E0BE32528E19 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe

12:17:17.0000 3392 Microsoft Office Groove Audit Service - ok

12:17:17.0062 3392 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys

12:17:17.0203 3392 mnmdd - ok

12:17:17.0328 3392 [ D18F1F0C101D06A1C1ADF26EED16FCDD ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe

12:17:17.0500 3392 mnmsrvc - ok

12:17:17.0515 3392 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] Modem C:\WINDOWS\system32\drivers\Modem.sys

12:17:17.0671 3392 Modem - ok

12:17:17.0703 3392 [ 35C9E97194C8CFB8430125F8DBC34D04 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys

12:17:17.0859 3392 Mouclass - ok

12:17:17.0890 3392 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys

12:17:18.0062 3392 MountMgr - ok

12:17:18.0125 3392 [ C1B935882344F9DB73168611EBDA1C11 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

12:17:18.0187 3392 MozillaMaintenance - ok

12:17:18.0187 3392 mraid35x - ok

12:17:18.0281 3392 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys

12:17:18.0421 3392 MRxDAV - ok

12:17:18.0531 3392 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys

12:17:18.0578 3392 MRxSmb - ok

12:17:18.0656 3392 [ A137F1470499A205ABBB9AAFB3B6F2B1 ] MSDTC C:\WINDOWS\system32\msdtc.exe

12:17:18.0796 3392 MSDTC - ok

12:17:18.0859 3392 [ C941EA2454BA8350021D774DAF0F1027 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys

12:17:19.0000 3392 Msfs - ok

12:17:19.0015 3392 MSIServer - ok

12:17:19.0093 3392 [ D1575E71568F4D9E14CA56B7B0453BF1 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys

12:17:19.0265 3392 MSKSSRV - ok

12:17:19.0296 3392 [ 325BB26842FC7CCC1FCCE2C457317F3E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys

12:17:19.0453 3392 MSPCLOCK - ok

12:17:19.0484 3392 [ BAD59648BA099DA4A17680B39730CB3D ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys

12:17:19.0656 3392 MSPQM - ok

12:17:19.0703 3392 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys

12:17:19.0843 3392 mssmbios - ok

12:17:19.0906 3392 [ DE6A75F5C270E756C5508D94B6CF68F5 ] Mup C:\WINDOWS\system32\drivers\Mup.sys

12:17:19.0921 3392 Mup - ok

12:17:19.0968 3392 [ 0102140028FAD045756796E1C685D695 ] napagent C:\WINDOWS\System32\qagentrt.dll

12:17:20.0171 3392 napagent - ok

12:17:20.0218 3392 [ 1DF7F42665C94B825322FAE71721130D ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys

12:17:20.0390 3392 NDIS - ok

12:17:20.0421 3392 [ 0109C4F3850DFBAB279542515386AE22 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys

12:17:20.0468 3392 NdisTapi - ok

12:17:20.0500 3392 [ F927A4434C5028758A842943EF1A3849 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys

12:17:20.0640 3392 Ndisuio - ok

12:17:20.0687 3392 [ EDC1531A49C80614B2CFDA43CA8659AB ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys

12:17:20.0828 3392 NdisWan - ok

12:17:20.0859 3392 [ 9282BD12DFB069D3889EB3FCC1000A9B ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys

12:17:20.0890 3392 NDProxy - ok

12:17:20.0937 3392 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys

12:17:21.0109 3392 NetBIOS - ok

12:17:21.0140 3392 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys

12:17:21.0281 3392 NetBT - ok

12:17:21.0312 3392 [ B857BA82860D7FF85AE29B095645563B ] NetDDE C:\WINDOWS\system32\netdde.exe

12:17:21.0468 3392 NetDDE - ok

12:17:21.0484 3392 [ B857BA82860D7FF85AE29B095645563B ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe

12:17:21.0609 3392 NetDDEdsdm - ok

12:17:21.0640 3392 [ BF2466B3E18E970D8A976FB95FC1CA85 ] Netlogon C:\WINDOWS\system32\lsass.exe

12:17:21.0796 3392 Netlogon - ok

12:17:21.0843 3392 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] Netman C:\WINDOWS\System32\netman.dll

12:17:22.0015 3392 Netman - ok

12:17:22.0031 3392 [ D34612C5D02D026535B3095D620626AE ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

12:17:22.0046 3392 NetTcpPortSharing - ok

12:17:22.0078 3392 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys

12:17:22.0218 3392 NIC1394 - ok

12:17:22.0250 3392 [ 943337D786A56729263071623BBB9DE5 ] Nla C:\WINDOWS\System32\mswsock.dll

12:17:22.0296 3392 Nla - ok

12:17:22.0359 3392 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] NMSAccess C:\Program Files\CDBurnerXP\NMSAccessU.exe

12:17:22.0359 3392 NMSAccess - ok

12:17:22.0421 3392 [ 3182D64AE053D6FB034F44B6DEF8034A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys

12:17:22.0578 3392 Npfs - ok

12:17:22.0640 3392 [ 78A08DD6A8D65E697C18E1DB01C5CDCA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys

12:17:22.0921 3392 Ntfs - ok

12:17:22.0953 3392 [ BF2466B3E18E970D8A976FB95FC1CA85 ] NtLmSsp C:\WINDOWS\system32\lsass.exe

12:17:23.0093 3392 NtLmSsp - ok

12:17:23.0125 3392 [ 156F64A3345BD23C600655FB4D10BC08 ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll

12:17:23.0265 3392 NtmsSvc - ok

12:17:23.0312 3392 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys

12:17:23.0437 3392 Null - ok

12:17:24.0109 3392 [ 597A5167C509547FC691416887171079 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys

12:17:24.0468 3392 nv - ok

12:17:24.0531 3392 [ 7D275ECDA4628318912F6C945D5CF963 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys

12:17:24.0593 3392 NVENETFD - ok

12:17:24.0656 3392 [ EA98BFE4931BD13D747D647C1859796E ] nvgts C:\WINDOWS\system32\DRIVERS\nvgts.sys

12:17:24.0671 3392 nvgts - ok

12:17:24.0734 3392 [ B64AACEFAD2BE5BFF5353FE681253C67 ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys

12:17:24.0765 3392 nvnetbus - ok

12:17:24.0843 3392 [ 4A290F88C42DD1037A46CD1867308D82 ] NVSvc C:\WINDOWS\system32\nvsvc32.exe

12:17:24.0906 3392 NVSvc - ok

12:17:24.0921 3392 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys

12:17:25.0109 3392 NwlnkFlt - ok

12:17:25.0156 3392 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys

12:17:25.0312 3392 NwlnkFwd - ok

12:17:25.0578 3392 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

12:17:25.0687 3392 odserv - ok

12:17:25.0703 3392 [ CA33832DF41AFB202EE7AEB05145922F ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys

12:17:25.0843 3392 ohci1394 - ok

12:17:25.0906 3392 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

12:17:25.0906 3392 ose - ok

12:17:25.0968 3392 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] Parport C:\WINDOWS\system32\drivers\Parport.sys

12:17:26.0109 3392 Parport - ok

12:17:26.0125 3392 [ BEB3BA25197665D82EC7065B724171C6 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys

12:17:26.0265 3392 PartMgr - ok

12:17:26.0343 3392 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys

12:17:26.0500 3392 ParVdm - ok

12:17:26.0515 3392 [ A219903CCF74233761D92BEF471A07B1 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys

12:17:26.0703 3392 PCI - ok

12:17:26.0703 3392 PCIDump - ok

12:17:26.0734 3392 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys

12:17:26.0859 3392 PCIIde - ok

12:17:26.0937 3392 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys

12:17:27.0109 3392 Pcmcia - ok

12:17:27.0109 3392 PDCOMP - ok

12:17:27.0125 3392 PDFRAME - ok

12:17:27.0125 3392 PDRELI - ok

12:17:27.0140 3392 PDRFRAME - ok

12:17:27.0140 3392 perc2 - ok

12:17:27.0156 3392 perc2hib - ok

12:17:27.0187 3392 [ 65DF52F5B8B6E9BBD183505225C37315 ] PlugPlay C:\WINDOWS\system32\services.exe

12:17:27.0203 3392 PlugPlay - ok

12:17:27.0281 3392 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll

12:17:27.0343 3392 Pml Driver HPZ12 - ok

12:17:27.0375 3392 [ BF2466B3E18E970D8A976FB95FC1CA85 ] PolicyAgent C:\WINDOWS\system32\lsass.exe

12:17:27.0546 3392 PolicyAgent - ok

12:17:27.0625 3392 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys

12:17:27.0796 3392 PptpMiniport - ok

12:17:27.0859 3392 [ A32BEBAF723557681BFC6BD93E98BD26 ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys

12:17:28.0046 3392 Processor - ok

12:17:28.0078 3392 [ BF2466B3E18E970D8A976FB95FC1CA85 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe

12:17:28.0187 3392 ProtectedStorage - ok

12:17:28.0234 3392 [ 09298EC810B07E5D582CB3A3F9255424 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys

12:17:28.0359 3392 PSched - ok

12:17:28.0437 3392 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys

12:17:28.0562 3392 Ptilink - ok

12:17:28.0703 3392 [ D2C73B0F27D0750887A3DA3BD28F930C ] QBCFMonitorService C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe

12:17:28.0734 3392 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - warning

12:17:28.0734 3392 QBCFMonitorService - detected UnsignedFile.Multi.Generic (1)

12:17:28.0812 3392 [ 6BEE1814470DC12FA20C53DFC3C97EBB ] QBFCService C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe

12:17:28.0859 3392 QBFCService ( UnsignedFile.Multi.Generic ) - warning

12:17:28.0859 3392 QBFCService - detected UnsignedFile.Multi.Generic (1)

12:17:28.0859 3392 ql1080 - ok

12:17:28.0859 3392 Ql10wnt - ok

12:17:28.0875 3392 ql12160 - ok

12:17:28.0875 3392 ql1240 - ok

12:17:28.0890 3392 ql1280 - ok

12:17:28.0953 3392 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys

12:17:29.0093 3392 RasAcd - ok

12:17:29.0156 3392 [ AD188BE7BDF94E8DF4CA0A55C00A5073 ] RasAuto C:\WINDOWS\System32\rasauto.dll

12:17:29.0312 3392 RasAuto - ok

12:17:29.0343 3392 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys

12:17:29.0484 3392 Rasl2tp - ok

12:17:29.0562 3392 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] RasMan C:\WINDOWS\System32\rasmans.dll

12:17:29.0687 3392 RasMan - ok

12:17:29.0718 3392 [ 5BC962F2654137C9909C3D4603587DEE ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys

12:17:29.0859 3392 RasPppoe - ok

12:17:29.0921 3392 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys

12:17:30.0031 3392 Raspti - ok

12:17:30.0125 3392 [ 7AD224AD1A1437FE28D89CF22B17780A ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys

12:17:30.0265 3392 Rdbss - ok

12:17:30.0312 3392 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys

12:17:30.0453 3392 RDPCDD - ok

12:17:30.0546 3392 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys

12:17:30.0703 3392 rdpdr - ok

12:17:30.0781 3392 [ 5B3055DAA788BD688594D2F5981F2A83 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys

12:17:30.0828 3392 RDPWD - ok

12:17:30.0921 3392 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe

12:17:31.0062 3392 RDSessMgr - ok

12:17:31.0093 3392 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys

12:17:31.0250 3392 redbook - ok

12:17:31.0296 3392 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll

12:17:31.0468 3392 RemoteAccess - ok

12:17:31.0515 3392 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll

12:17:31.0640 3392 RemoteRegistry - ok

12:17:31.0734 3392 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe

12:17:31.0890 3392 RpcLocator - ok

12:17:31.0968 3392 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll

12:17:32.0015 3392 RpcSs - ok

12:17:32.0093 3392 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe

12:17:32.0265 3392 RSVP - ok

12:17:32.0296 3392 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe

12:17:32.0421 3392 SamSs - ok

12:17:32.0468 3392 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe

12:17:32.0609 3392 SCardSvr - ok

12:17:32.0656 3392 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll

12:17:32.0796 3392 Schedule - ok

12:17:32.0843 3392 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys

12:17:32.0906 3392 Secdrv - ok

12:17:32.0968 3392 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll

12:17:33.0109 3392 seclogon - ok

12:17:33.0140 3392 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll

12:17:33.0296 3392 SENS - ok

12:17:33.0312 3392 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\drivers\Serial.sys

12:17:33.0484 3392 Serial - ok

12:17:33.0515 3392 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys

12:17:33.0656 3392 Sfloppy - ok

12:17:33.0687 3392 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll

12:17:33.0890 3392 SharedAccess - ok

12:17:33.0953 3392 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

12:17:33.0968 3392 ShellHWDetection - ok

12:17:33.0968 3392 Simbad - ok

12:17:33.0984 3392 Sparrow - ok

12:17:34.0015 3392 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys

12:17:34.0140 3392 splitter - ok

12:17:34.0250 3392 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe

12:17:34.0281 3392 Spooler - ok

12:17:34.0703 3392 [ D15DA1BA189770D93EEA2D7E18F95AF9 ] sptd C:\WINDOWS\system32\Drivers\sptd.sys

12:17:34.0781 3392 Suspicious file (NoAccess): C:\WINDOWS\system32\Drivers\sptd.sys. md5: D15DA1BA189770D93EEA2D7E18F95AF9

12:17:34.0796 3392 sptd ( LockedFile.Multi.Generic ) - warning

12:17:34.0796 3392 sptd - detected LockedFile.Multi.Generic (1)

12:17:34.0875 3392 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys

12:17:35.0062 3392 sr - ok

12:17:35.0218 3392 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll

12:17:35.0281 3392 srservice - ok

12:17:35.0421 3392 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys

12:17:35.0453 3392 Srv - ok

12:17:35.0500 3392 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll

12:17:35.0593 3392 SSDPSRV - ok

12:17:35.0609 3392 [ E57B778208C783D8DEBAB320C16A1B82 ] StarOpen C:\WINDOWS\system32\drivers\StarOpen.sys

12:17:35.0625 3392 StarOpen ( UnsignedFile.Multi.Generic ) - warning

12:17:35.0625 3392 StarOpen - detected UnsignedFile.Multi.Generic (1)

12:17:35.0671 3392 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll

12:17:35.0812 3392 stisvc - ok

12:17:35.0843 3392 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys

12:17:36.0015 3392 swenum - ok

12:17:36.0046 3392 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys

12:17:36.0187 3392 swmidi - ok

12:17:36.0187 3392 SwPrv - ok

12:17:36.0203 3392 symc810 - ok

12:17:36.0203 3392 symc8xx - ok

12:17:36.0203 3392 sym_hi - ok

12:17:36.0218 3392 sym_u3 - ok

12:17:36.0265 3392 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys

12:17:36.0421 3392 sysaudio - ok

12:17:36.0453 3392 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe

12:17:36.0593 3392 SysmonLog - ok

12:17:36.0640 3392 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll

12:17:36.0765 3392 TapiSrv - ok

12:17:36.0796 3392 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys

12:17:36.0859 3392 Tcpip - ok

12:17:36.0906 3392 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys

12:17:37.0062 3392 TDPIPE - ok

12:17:37.0078 3392 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys

12:17:37.0218 3392 TDTCP - ok

12:17:37.0250 3392 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys

12:17:37.0406 3392 TermDD - ok

12:17:37.0484 3392 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll

12:17:37.0640 3392 TermService - ok

12:17:37.0671 3392 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll

12:17:37.0687 3392 Themes - ok

12:17:37.0718 3392 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe

12:17:37.0781 3392 TlntSvr - ok

12:17:37.0796 3392 TosIde - ok

12:17:37.0828 3392 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll

12:17:37.0968 3392 TrkWks - ok

12:17:38.0015 3392 [ B3C9C35DC93563B8D19AD414EDF2FC82 ] TrueSight c:\windows\system32\drivers\TrueSight.sys

12:17:38.0015 3392 TrueSight ( UnsignedFile.Multi.Generic ) - warning

12:17:38.0015 3392 TrueSight - detected UnsignedFile.Multi.Generic (1)

12:17:38.0046 3392 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys

12:17:38.0203 3392 Udfs - ok

12:17:38.0203 3392 ultra - ok

12:17:38.0296 3392 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys

12:17:38.0453 3392 Update - ok

12:17:38.0500 3392 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll

12:17:38.0578 3392 upnphost - ok

12:17:38.0593 3392 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe

12:17:38.0750 3392 UPS - ok

12:17:38.0796 3392 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys

12:17:38.0843 3392 USBAAPL - ok

12:17:38.0890 3392 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys

12:17:39.0062 3392 usbccgp - ok

12:17:39.0078 3392 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys

12:17:39.0312 3392 usbehci - ok

12:17:39.0328 3392 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys

12:17:39.0500 3392 usbhub - ok

12:17:39.0546 3392 [ 0DAECCE65366EA32B162F85F07C6753B ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys

12:17:39.0671 3392 usbohci - ok

12:17:39.0734 3392 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys

12:17:39.0875 3392 usbscan - ok

12:17:39.0890 3392 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS

12:17:40.0031 3392 usbstor - ok

12:17:40.0093 3392 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys

12:17:40.0218 3392 VgaSave - ok

12:17:40.0218 3392 ViaIde - ok

12:17:40.0234 3392 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys

12:17:40.0359 3392 VolSnap - ok

12:17:40.0406 3392 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe

12:17:40.0484 3392 VSS - ok

12:17:40.0515 3392 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll

12:17:40.0625 3392 W32Time - ok

12:17:40.0671 3392 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys

12:17:40.0812 3392 Wanarp - ok

12:17:40.0812 3392 WDICA - ok

12:17:40.0828 3392 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys

12:17:40.0937 3392 wdmaud - ok

12:17:40.0937 3392 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll

12:17:41.0093 3392 WebClient - ok

12:17:41.0171 3392 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll

12:17:41.0312 3392 winmgmt - ok

12:17:41.0359 3392 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll

12:17:41.0484 3392 WmdmPmSN - ok

12:17:41.0531 3392 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll

12:17:41.0593 3392 Wmi - ok

12:17:41.0656 3392 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe

12:17:41.0781 3392 WmiApSrv - ok

12:17:41.0812 3392 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll

12:17:41.0968 3392 wscsvc - ok

12:17:42.0015 3392 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll

12:17:42.0140 3392 wuauserv - ok

12:17:42.0171 3392 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll

12:17:42.0343 3392 WZCSVC - ok

12:17:42.0375 3392 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll

12:17:42.0515 3392 xmlprov - ok

[boboso]

12:17:42.0515 3392 ================ Scan global ===============================

12:17:42.0562 3392 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

12:17:42.0578 3392 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

12:17:42.0593 3392 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

12:17:42.0656 3392 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

12:17:42.0656 3392 [Global] - ok

12:17:42.0656 3392 ================ Scan MBR ==================================

12:17:42.0671 3392 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0

12:17:42.0671 3392 Suspicious mbr (Forged): \Device\Harddisk0\DR0

12:17:42.0718 3392 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected

12:17:42.0718 3392 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)

12:17:42.0734 3392 \Device\Harddisk0\DR0 ( TDSS File System ) - warning

12:17:42.0734 3392 \Device\Harddisk0\DR0 - detected TDSS File System (1)

12:17:42.0734 3392 ================ Scan VBR ==================================

12:17:42.0734 3392 [ 07810175AA674F0F6248C3FDC131132B ] \Device\Harddisk0\DR0\Partition1

12:17:42.0750 3392 \Device\Harddisk0\DR0\Partition1 - ok

12:17:42.0796 3392 [ 75A7CF17FB12543A3D753E28B6360DB3 ] \Device\Harddisk0\DR0\Partition2

12:17:42.0796 3392 \Device\Harddisk0\DR0\Partition2 - ok

12:17:42.0796 3392 ================ Scan active images ========================

12:17:42.0796 3392 [ A32BEBAF723557681BFC6BD93E98BD26 ] C:\WINDOWS\system32\drivers\processr.sys

12:17:42.0812 3392 C:\WINDOWS\system32\drivers\processr.sys - ok

12:17:42.0812 3392 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys

12:17:42.0812 3392 C:\WINDOWS\system32\drivers\i8042prt.sys - ok

12:17:42.0812 3392 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys

12:17:42.0812 3392 C:\WINDOWS\system32\drivers\mouclass.sys - ok

12:17:42.0828 3392 [ 088BE3EC42010310FE867F874B6FEDF2 ] C:\WINDOWS\system32\drivers\aswKbd.sys

12:17:42.0828 3392 C:\WINDOWS\system32\drivers\aswKbd.sys - ok

12:17:42.0828 3392 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys

12:17:42.0828 3392 C:\WINDOWS\system32\drivers\kbdclass.sys - ok

12:17:42.0828 3392 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys

12:17:42.0828 3392 C:\WINDOWS\system32\drivers\usbport.sys - ok

12:17:42.0843 3392 [ 0DAECCE65366EA32B162F85F07C6753B ] C:\WINDOWS\system32\drivers\usbohci.sys

12:17:42.0843 3392 C:\WINDOWS\system32\drivers\usbohci.sys - ok

12:17:42.0843 3392 [ E9E47CFB2D461FA0FC75B7A74C6383EA ] C:\WINDOWS\system32\drivers\nic1394.sys

12:17:42.0843 3392 C:\WINDOWS\system32\drivers\nic1394.sys - ok

12:17:42.0843 3392 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys

12:17:42.0843 3392 C:\WINDOWS\system32\drivers\usbehci.sys - ok

12:17:42.0859 3392 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys

12:17:42.0859 3392 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok

12:17:42.0859 3392 [ C5A2952901DC5E1CC33014E809296D30 ] C:\WINDOWS\system32\drivers\nvnrm.sys

12:17:42.0859 3392 C:\WINDOWS\system32\drivers\nvnrm.sys - ok

12:17:42.0875 3392 [ B64AACEFAD2BE5BFF5353FE681253C67 ] C:\WINDOWS\system32\drivers\nvnetbus.sys

12:17:42.0875 3392 C:\WINDOWS\system32\drivers\nvnetbus.sys - ok

12:17:42.0875 3392 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys

12:17:42.0875 3392 C:\WINDOWS\system32\drivers\imapi.sys - ok

12:17:42.0875 3392 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys

12:17:42.0875 3392 C:\WINDOWS\system32\drivers\cdrom.sys - ok

12:17:42.0890 3392 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys

12:17:42.0890 3392 C:\WINDOWS\system32\drivers\ks.sys - ok

12:17:42.0890 3392 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys

12:17:42.0890 3392 C:\WINDOWS\system32\drivers\redbook.sys - ok

12:17:42.0890 3392 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys

12:17:42.0890 3392 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok

12:17:42.0906 3392 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys

12:17:42.0906 3392 C:\WINDOWS\system32\drivers\videoprt.sys - ok

12:17:42.0906 3392 [ 597A5167C509547FC691416887171079 ] C:\WINDOWS\system32\drivers\nv4_mini.sys

12:17:42.0906 3392 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok

12:17:42.0921 3392 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys

12:17:42.0921 3392 C:\WINDOWS\system32\drivers\audstub.sys - ok

12:17:42.0921 3392 [ 0109C4F3850DFBAB279542515386AE22 ] C:\WINDOWS\system32\drivers\ndistapi.sys

12:17:42.0921 3392 C:\WINDOWS\system32\drivers\ndistapi.sys - ok

12:17:42.0921 3392 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys

12:17:42.0921 3392 C:\WINDOWS\system32\drivers\ndiswan.sys - ok

12:17:42.0937 3392 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys

12:17:42.0937 3392 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok

12:17:42.0937 3392 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys

12:17:42.0937 3392 C:\WINDOWS\system32\drivers\raspppoe.sys - ok

12:17:42.0937 3392 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys

12:17:42.0937 3392 C:\WINDOWS\system32\drivers\tdi.sys - ok

12:17:42.0953 3392 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys

12:17:42.0953 3392 C:\WINDOWS\system32\drivers\msgpc.sys - ok

12:17:42.0953 3392 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys

12:17:42.0953 3392 C:\WINDOWS\system32\drivers\psched.sys - ok

12:17:42.0953 3392 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys

12:17:42.0953 3392 C:\WINDOWS\system32\drivers\ptilink.sys - ok

12:17:42.0968 3392 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys

12:17:42.0968 3392 C:\WINDOWS\system32\drivers\raspptp.sys - ok

12:17:42.0968 3392 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys

12:17:42.0968 3392 C:\WINDOWS\system32\drivers\raspti.sys - ok

12:17:42.0984 3392 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys

12:17:42.0984 3392 C:\WINDOWS\system32\drivers\rdpdr.sys - ok

12:17:42.0984 3392 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys

12:17:42.0984 3392 C:\WINDOWS\system32\drivers\termdd.sys - ok

12:17:42.0984 3392 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys

12:17:42.0984 3392 C:\WINDOWS\system32\drivers\mssmbios.sys - ok

12:17:43.0000 3392 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys

12:17:43.0000 3392 C:\WINDOWS\system32\drivers\swenum.sys - ok

12:17:43.0000 3392 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys

12:17:43.0000 3392 C:\WINDOWS\system32\drivers\update.sys - ok

12:17:43.0000 3392 [ 9282BD12DFB069D3889EB3FCC1000A9B ] C:\WINDOWS\system32\drivers\ndproxy.sys

12:17:43.0000 3392 C:\WINDOWS\system32\drivers\ndproxy.sys - ok

12:17:43.0015 3392 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys

12:17:43.0015 3392 C:\WINDOWS\system32\drivers\usbd.sys - ok

12:17:43.0015 3392 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys

12:17:43.0015 3392 C:\WINDOWS\system32\drivers\usbhub.sys - ok

12:17:43.0015 3392 [ 7D275ECDA4628318912F6C945D5CF963 ] C:\WINDOWS\system32\drivers\NVENETFD.sys

12:17:43.0015 3392 C:\WINDOWS\system32\drivers\NVENETFD.sys - ok

12:17:43.0031 3392 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys

12:17:43.0031 3392 C:\WINDOWS\system32\drivers\drmk.sys - ok

12:17:43.0031 3392 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys

12:17:43.0031 3392 C:\WINDOWS\system32\drivers\portcls.sys - ok

12:17:43.0031 3392 [ 41EF008D7B089CE6F5F2E4A61D5638E6 ] C:\WINDOWS\system32\drivers\RtkHDAud.sys

12:17:43.0046 3392 C:\WINDOWS\system32\drivers\RtkHDAud.sys - ok

12:17:43.0046 3392 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81 ] C:\WINDOWS\system32\drivers\fdc.sys

12:17:43.0046 3392 C:\WINDOWS\system32\drivers\fdc.sys - ok

12:17:43.0046 3392 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys

12:17:43.0046 3392 C:\WINDOWS\system32\drivers\beep.sys - ok

12:17:43.0062 3392 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys

12:17:43.0062 3392 C:\WINDOWS\system32\drivers\cdaudio.sys - ok

12:17:43.0062 3392 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0 ] C:\WINDOWS\system32\drivers\flpydisk.sys

12:17:43.0062 3392 C:\WINDOWS\system32\drivers\flpydisk.sys - ok

12:17:43.0062 3392 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys

12:17:43.0062 3392 C:\WINDOWS\system32\drivers\fs_rec.sys - ok

12:17:43.0078 3392 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys

12:17:43.0078 3392 C:\WINDOWS\system32\drivers\mnmdd.sys - ok

12:17:43.0078 3392 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys

12:17:43.0078 3392 C:\WINDOWS\system32\drivers\msfs.sys - ok

12:17:43.0078 3392 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys

12:17:43.0078 3392 C:\WINDOWS\system32\drivers\null.sys - ok

12:17:43.0093 3392 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys

12:17:43.0093 3392 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok

12:17:43.0093 3392 [ 8E6B8C671615D126FDC553D1E2DE5562 ] C:\WINDOWS\system32\drivers\sfloppy.sys

12:17:43.0093 3392 C:\WINDOWS\system32\drivers\sfloppy.sys - ok

12:17:43.0109 3392 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys

12:17:43.0109 3392 C:\WINDOWS\system32\drivers\vga.sys - ok

12:17:43.0109 3392 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys

12:17:43.0109 3392 C:\WINDOWS\system32\drivers\ipsec.sys - ok

12:17:43.0109 3392 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys

12:17:43.0109 3392 C:\WINDOWS\system32\drivers\npfs.sys - ok

12:17:43.0125 3392 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys

12:17:43.0125 3392 C:\WINDOWS\system32\drivers\rasacd.sys - ok

12:17:43.0125 3392 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys

12:17:43.0125 3392 C:\WINDOWS\system32\drivers\tcpip.sys - ok

12:17:43.0125 3392 [ B5AAA12631877731A253E44202FFC5BC ] C:\WINDOWS\system32\drivers\aswFW.sys

12:17:43.0125 3392 C:\WINDOWS\system32\drivers\aswFW.sys - ok

12:17:43.0140 3392 [ 1E44BC1E83D8FD2305F8D452DB109CF9 ] C:\WINDOWS\system32\drivers\afd.sys

12:17:43.0140 3392 C:\WINDOWS\system32\drivers\afd.sys - ok

12:17:43.0140 3392 [ B5B8A80875C1DEDEDA8B02765642C32F ] C:\WINDOWS\system32\drivers\arp1394.sys

12:17:43.0140 3392 C:\WINDOWS\system32\drivers\arp1394.sys - ok

12:17:43.0156 3392 [ 982E275D1C5801042FE94209FB0160FB ] C:\WINDOWS\system32\drivers\aswRdr.sys

12:17:43.0156 3392 C:\WINDOWS\system32\drivers\aswRdr.sys - ok

12:17:43.0156 3392 [ 7109A9AA551F37CD168C02368465957E ] C:\WINDOWS\system32\drivers\aswTdi.sys

12:17:43.0156 3392 C:\WINDOWS\system32\drivers\aswTdi.sys - ok

12:17:43.0156 3392 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys

12:17:43.0156 3392 C:\WINDOWS\system32\drivers\ipnat.sys - ok

12:17:43.0171 3392 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys

12:17:43.0171 3392 C:\WINDOWS\system32\drivers\netbt.sys - ok

12:17:43.0171 3392 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys

12:17:43.0171 3392 C:\WINDOWS\system32\drivers\wanarp.sys - ok

12:17:43.0171 3392 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys

12:17:43.0171 3392 C:\WINDOWS\system32\drivers\netbios.sys - ok

12:17:43.0187 3392 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys

12:17:43.0187 3392 C:\WINDOWS\system32\drivers\rdbss.sys - ok

12:17:43.0187 3392 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0 ] C:\WINDOWS\system32\drivers\mrxsmb.sys

12:17:43.0187 3392 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok

12:17:43.0203 3392 [ 6CBD7D3A33F498D09C831CDD732DA2E0 ] C:\WINDOWS\system32\drivers\aswSP.sys

12:17:43.0203 3392 C:\WINDOWS\system32\drivers\aswSP.sys - ok

12:17:43.0203 3392 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys

12:17:43.0203 3392 C:\WINDOWS\system32\drivers\fips.sys - ok

12:17:43.0203 3392 [ 73DBCF808E00580F2A47F93DD9B03876 ] C:\WINDOWS\system32\drivers\aswSnx.sys

12:17:43.0203 3392 C:\WINDOWS\system32\drivers\aswSnx.sys - ok

12:17:43.0218 3392 [ 0B27AE82C113D3687024D18459440426 ] C:\WINDOWS\system32\drivers\aavmker4.sys

12:17:43.0218 3392 C:\WINDOWS\system32\drivers\aavmker4.sys - ok

12:17:43.0218 3392 [ F8F0D25CA553E39DDE485D8FC7FCCE89 ] C:\WINDOWS\system32\ntdll.dll

12:17:43.0218 3392 C:\WINDOWS\system32\ntdll.dll - ok

12:17:43.0218 3392 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe

12:17:43.0218 3392 C:\WINDOWS\system32\smss.exe - ok

12:17:43.0234 3392 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe

12:17:43.0234 3392 C:\WINDOWS\system32\autochk.exe - ok

12:17:43.0234 3392 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll

12:17:43.0234 3392 C:\WINDOWS\system32\sfcfiles.dll - ok

12:17:43.0234 3392 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys

12:17:43.0234 3392 C:\WINDOWS\system32\drivers\cdfs.sys - ok

12:17:43.0250 3392 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys

12:17:43.0250 3392 C:\WINDOWS\system32\drivers\usbstor.sys - ok

12:17:43.0250 3392 [ E65E2353A5D74EA89971CB918EEEB2F6 ] C:\WINDOWS\system32\drivers\diskdump.sys

12:17:43.0250 3392 C:\WINDOWS\system32\drivers\diskdump.sys - ok

12:17:43.0265 3392 [ EA98BFE4931BD13D747D647C1859796E ] C:\WINDOWS\system32\drivers\nvgts.sys

12:17:43.0265 3392 C:\WINDOWS\system32\drivers\nvgts.sys - ok

12:17:43.0265 3392 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys

12:17:43.0265 3392 C:\WINDOWS\system32\drivers\dxapi.sys - ok

12:17:43.0265 3392 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe

12:17:43.0265 3392 C:\WINDOWS\system32\csrss.exe - ok

12:17:43.0265 3392 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys

12:17:43.0265 3392 C:\WINDOWS\system32\watchdog.sys - ok

12:17:43.0281 3392 [ 4C1CA2B98543ADF66C032E301F936D54 ] C:\WINDOWS\system32\win32k.sys

12:17:43.0281 3392 C:\WINDOWS\system32\win32k.sys - ok

12:17:43.0281 3392 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll

12:17:43.0281 3392 C:\WINDOWS\system32\basesrv.dll - ok

12:17:43.0296 3392 [ DD40363ABAD230A84C5E2178B11EFA88 ] C:\WINDOWS\system32\csrsrv.dll

12:17:43.0296 3392 C:\WINDOWS\system32\csrsrv.dll - ok

12:17:43.0296 3392 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll

12:17:43.0296 3392 C:\WINDOWS\system32\gdi32.dll - ok

12:17:43.0296 3392 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll

12:17:43.0296 3392 C:\WINDOWS\system32\kernel32.dll - ok

12:17:43.0312 3392 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll

12:17:43.0312 3392 C:\WINDOWS\system32\winsrv.dll - ok

12:17:43.0312 3392 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll

12:17:43.0312 3392 C:\WINDOWS\system32\user32.dll - ok

12:17:43.0312 3392 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys

12:17:43.0312 3392 C:\WINDOWS\system32\drivers\dxg.sys - ok

12:17:43.0328 3392 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys

12:17:43.0328 3392 C:\WINDOWS\system32\drivers\dxgthk.sys - ok

12:17:43.0328 3392 [ 98F4A19F383D4EA05E9B6D1AE27BE8D9 ] C:\WINDOWS\system32\nv4_disp.dll

12:17:43.0328 3392 C:\WINDOWS\system32\nv4_disp.dll - ok

12:17:43.0343 3392 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll

12:17:43.0343 3392 C:\WINDOWS\system32\vga.dll - ok

12:17:43.0343 3392 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe

12:17:43.0343 3392 C:\WINDOWS\system32\winlogon.exe - ok

12:17:43.0343 3392 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll

12:17:43.0343 3392 C:\WINDOWS\system32\advapi32.dll - ok

12:17:43.0359 3392 [ D4502F124289A31976130CCCB014C9AA ] C:\WINDOWS\system32\rpcrt4.dll

12:17:43.0359 3392 C:\WINDOWS\system32\rpcrt4.dll - ok

12:17:43.0359 3392 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll

12:17:43.0359 3392 C:\WINDOWS\system32\authz.dll - ok

12:17:43.0359 3392 [ A90E118F12D355F9946DFB30A8F94609 ] C:\WINDOWS\system32\crypt32.dll

12:17:43.0359 3392 C:\WINDOWS\system32\crypt32.dll - ok

12:17:43.0375 3392 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll

12:17:43.0375 3392 C:\WINDOWS\system32\msvcrt.dll - ok

12:17:43.0375 3392 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll

12:17:43.0375 3392 C:\WINDOWS\system32\secur32.dll - ok

12:17:43.0390 3392 [ 04D898830DF96A17A20FD35D7590F87E ] C:\WINDOWS\system32\msasn1.dll

12:17:43.0390 3392 C:\WINDOWS\system32\msasn1.dll - ok

12:17:43.0390 3392 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll

12:17:43.0390 3392 C:\WINDOWS\system32\nddeapi.dll - ok

12:17:43.0390 3392 [ 318230E845919255EF3C5D5E1E863631 ] C:\WINDOWS\system32\netapi32.dll

12:17:43.0390 3392 C:\WINDOWS\system32\netapi32.dll - ok

12:17:43.0406 3392 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll

12:17:43.0406 3392 C:\WINDOWS\system32\profmap.dll - ok

12:17:43.0406 3392 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll

12:17:43.0406 3392 C:\WINDOWS\system32\userenv.dll - ok

12:17:43.0406 3392 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll

12:17:43.0406 3392 C:\WINDOWS\system32\psapi.dll - ok

12:17:43.0421 3392 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll

12:17:43.0421 3392 C:\WINDOWS\system32\regapi.dll - ok

12:17:43.0421 3392 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll

12:17:43.0421 3392 C:\WINDOWS\system32\setupapi.dll - ok

12:17:43.0421 3392 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll

12:17:43.0421 3392 C:\WINDOWS\system32\version.dll - ok

12:17:43.0437 3392 [ FFC01A72D1C25CCB39F61B202CE60819 ] C:\WINDOWS\system32\imagehlp.dll

12:17:43.0437 3392 C:\WINDOWS\system32\imagehlp.dll - ok

12:17:43.0437 3392 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll

12:17:43.0437 3392 C:\WINDOWS\system32\imm32.dll - ok

12:17:43.0453 3392 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll

12:17:43.0453 3392 C:\WINDOWS\system32\winsta.dll - ok

12:17:43.0453 3392 [ 95F5C420E9BDD4C3569602911420A774 ] C:\WINDOWS\system32\wintrust.dll

12:17:43.0453 3392 C:\WINDOWS\system32\wintrust.dll - ok

12:17:43.0453 3392 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll

12:17:43.0453 3392 C:\WINDOWS\system32\ws2help.dll - ok

12:17:43.0468 3392 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll

12:17:43.0468 3392 C:\WINDOWS\system32\ws2_32.dll - ok

12:17:43.0468 3392 [ C448A248B743F5FB935C787A5D97268B ] C:\WINDOWS\system32\shlwapi.dll

12:17:43.0468 3392 C:\WINDOWS\system32\shlwapi.dll - ok

12:17:43.0468 3392 [ 224FB925C641DA16CEB6D60F40CA4C75 ] C:\WINDOWS\system32\atl.dll

12:17:43.0468 3392 C:\WINDOWS\system32\atl.dll - ok

12:17:43.0484 3392 [ 009E7B4C284F080608D7286484015EE5 ] C:\WINDOWS\system32\wininet.dll

12:17:43.0484 3392 C:\WINDOWS\system32\wininet.dll - ok

12:17:43.0484 3392 [ 10753A3ADC3E39A3B10CC3F08E98E6B4 ] C:\WINDOWS\system32\normaliz.dll

12:17:43.0484 3392 C:\WINDOWS\system32\normaliz.dll - ok

12:17:43.0500 3392 [ 22C7E8410FC990759533E70B5250CB24 ] C:\WINDOWS\system32\urlmon.dll

12:17:43.0500 3392 C:\WINDOWS\system32\urlmon.dll - ok

12:17:43.0500 3392 [ 6BAD1BED9872E62049E487FB91AE2F3A ] C:\WINDOWS\system32\ole32.dll

12:17:43.0500 3392 C:\WINDOWS\system32\ole32.dll - ok

12:17:43.0500 3392 [ 1B2BE5777F69A71778F52FFEE1C798D6 ] C:\WINDOWS\system32\oleaut32.dll

12:17:43.0500 3392 C:\WINDOWS\system32\oleaut32.dll - ok

12:17:43.0515 3392 [ D5F7CEB91FA9D4D364DD522988DAC618 ] C:\WINDOWS\system32\iertutil.dll

12:17:43.0515 3392 C:\WINDOWS\system32\iertutil.dll - ok

12:17:43.0515 3392 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll

12:17:43.0515 3392 C:\WINDOWS\system32\sxs.dll - ok

12:17:43.0515 3392 [ 736B12B725AEB2B07F0241A9F680CB10 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll

12:17:43.0515 3392 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll - ok

12:17:43.0531 3392 [ E86423AA9AA8C382AF02B94A058DC2AA ] C:\WINDOWS\system32\shell32.dll

12:17:43.0531 3392 C:\WINDOWS\system32\shell32.dll - ok

12:17:43.0531 3392 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll

12:17:43.0531 3392 C:\WINDOWS\system32\comctl32.dll - ok

12:17:43.0546 3392 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll

12:17:43.0546 3392 C:\WINDOWS\system32\kbdus.dll - ok

12:17:43.0546 3392 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll

12:17:43.0546 3392 C:\WINDOWS\system32\msgina.dll - ok

12:17:43.0546 3392 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll

12:17:43.0546 3392 C:\WINDOWS\system32\odbc32.dll - ok

12:17:43.0562 3392 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll

12:17:43.0562 3392 C:\WINDOWS\system32\comdlg32.dll - ok

12:17:43.0562 3392 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll

12:17:43.0562 3392 C:\WINDOWS\system32\odbcint.dll - ok

12:17:43.0562 3392 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll

12:17:43.0562 3392 C:\WINDOWS\system32\shsvcs.dll - ok

12:17:43.0578 3392 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll

12:17:43.0578 3392 C:\WINDOWS\system32\apphelp.dll - ok

12:17:43.0578 3392 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll

12:17:43.0578 3392 C:\WINDOWS\system32\sfc.dll - ok

12:17:43.0578 3392 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll

12:17:43.0578 3392 C:\WINDOWS\system32\sfc_os.dll - ok

12:17:43.0593 3392 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe

12:17:43.0593 3392 C:\WINDOWS\system32\lsass.exe - ok

12:17:43.0593 3392 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe

12:17:43.0593 3392 C:\WINDOWS\system32\services.exe - ok

12:17:43.0609 3392 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll

12:17:43.0609 3392 C:\WINDOWS\system32\lsasrv.dll - ok

12:17:43.0609 3392 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll

12:17:43.0609 3392 C:\WINDOWS\system32\ncobjapi.dll - ok

12:17:43.0609 3392 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll

12:17:43.0609 3392 C:\WINDOWS\system32\msvcp60.dll - ok

12:17:43.0625 3392 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll

12:17:43.0625 3392 C:\WINDOWS\system32\mpr.dll - ok

12:17:43.0625 3392 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll

12:17:43.0625 3392 C:\WINDOWS\system32\scesrv.dll - ok

12:17:43.0640 3392 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll

12:17:43.0640 3392 C:\WINDOWS\system32\dnsapi.dll - ok

12:17:43.0640 3392 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll

12:17:43.0640 3392 C:\WINDOWS\system32\ntdsapi.dll - ok

12:17:43.0640 3392 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll

12:17:43.0640 3392 C:\WINDOWS\system32\shimeng.dll - ok

12:17:43.0656 3392 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll

12:17:43.0656 3392 C:\WINDOWS\system32\umpnpmgr.dll - ok

12:17:43.0656 3392 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll

12:17:43.0656 3392 C:\WINDOWS\AppPatch\AcAdProc.dll - ok

12:17:43.0656 3392 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll

12:17:43.0656 3392 C:\WINDOWS\system32\wldap32.dll - ok

12:17:43.0671 3392 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll

12:17:43.0671 3392 C:\WINDOWS\system32\samlib.dll - ok

12:17:43.0671 3392 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll

12:17:43.0671 3392 C:\WINDOWS\system32\samsrv.dll - ok

12:17:43.0671 3392 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll

12:17:43.0671 3392 C:\WINDOWS\AppPatch\AcGenral.dll - ok

12:17:43.0687 3392 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll

12:17:43.0687 3392 C:\WINDOWS\system32\cryptdll.dll - ok

12:17:43.0687 3392 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll

12:17:43.0687 3392 C:\WINDOWS\system32\winmm.dll - ok

12:17:43.0703 3392 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll

12:17:43.0703 3392 C:\WINDOWS\system32\msacm32.dll - ok

12:17:43.0703 3392 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll

12:17:43.0703 3392 C:\WINDOWS\system32\uxtheme.dll - ok

12:17:43.0703 3392 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll

12:17:43.0703 3392 C:\WINDOWS\system32\msapsspc.dll - ok

12:17:43.0718 3392 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll

12:17:43.0718 3392 C:\WINDOWS\system32\msvcrt40.dll - ok

12:17:43.0718 3392 [ A645A78FCDABAD67067324D7E6CD9F79 ] C:\WINDOWS\system32\schannel.dll

12:17:43.0718 3392 C:\WINDOWS\system32\schannel.dll - ok

12:17:43.0718 3392 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll

12:17:43.0718 3392 C:\WINDOWS\system32\digest.dll - ok

12:17:43.0734 3392 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll

12:17:43.0734 3392 C:\WINDOWS\system32\kerberos.dll - ok

12:17:43.0734 3392 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\MSCTFIME.IME

12:17:43.0734 3392 C:\WINDOWS\system32\MSCTFIME.IME - ok

12:17:43.0750 3392 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll

12:17:43.0750 3392 C:\WINDOWS\system32\msnsspc.dll - ok

12:17:43.0750 3392 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll

12:17:43.0750 3392 C:\WINDOWS\system32\msprivs.dll - ok

12:17:43.0750 3392 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll

12:17:43.0750 3392 C:\WINDOWS\system32\msv1_0.dll - ok

12:17:43.0765 3392 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll

12:17:43.0765 3392 C:\WINDOWS\system32\iphlpapi.dll - ok

12:17:43.0765 3392 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll

12:17:43.0765 3392 C:\WINDOWS\system32\netlogon.dll - ok

12:17:43.0765 3392 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll

12:17:43.0765 3392 C:\WINDOWS\system32\atmfd.dll - ok

12:17:43.0781 3392 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll

12:17:43.0781 3392 C:\WINDOWS\system32\rsaenh.dll - ok

12:17:43.0781 3392 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll

12:17:43.0781 3392 C:\WINDOWS\system32\w32time.dll - ok

12:17:43.0781 3392 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll

12:17:43.0781 3392 C:\WINDOWS\system32\wdigest.dll - ok

12:17:43.0796 3392 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll

12:17:43.0796 3392 C:\WINDOWS\system32\winscard.dll - ok

12:17:43.0796 3392 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll

12:17:43.0796 3392 C:\WINDOWS\system32\scecli.dll - ok

12:17:43.0796 3392 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll

12:17:43.0796 3392 C:\WINDOWS\system32\wtsapi32.dll - ok

12:17:43.0812 3392 [ 1C1F3D6DDDC046C920C493A779649F66 ] C:\WINDOWS\system32\drivers\aswFsBlk.sys

12:17:43.0812 3392 C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok

12:17:43.0812 3392 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe

12:17:43.0812 3392 C:\WINDOWS\system32\svchost.exe - ok

12:17:43.0828 3392 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll

12:17:43.0828 3392 C:\WINDOWS\system32\ntmarta.dll - ok

12:17:43.0828 3392 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll

12:17:43.0828 3392 C:\WINDOWS\system32\rpcss.dll - ok

12:17:43.0828 3392 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll

12:17:43.0828 3392 C:\WINDOWS\system32\xpsp2res.dll - ok

12:17:43.0843 3392 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll

12:17:43.0843 3392 C:\WINDOWS\system32\eventlog.dll - ok

12:17:43.0843 3392 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll

12:17:43.0843 3392 C:\WINDOWS\system32\mswsock.dll - ok

12:17:43.0843 3392 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll

12:17:43.0843 3392 C:\WINDOWS\system32\hnetcfg.dll - ok

12:17:43.0859 3392 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll

12:17:43.0859 3392 C:\WINDOWS\system32\wshtcpip.dll - ok

12:17:43.0859 3392 [ 2B81226910F765A9191EB9DB93743237 ] C:\Program Files\Bonjour\mdnsNSP.dll

12:17:43.0859 3392 C:\Program Files\Bonjour\mdnsNSP.dll - ok

12:17:43.0859 3392 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll

12:17:43.0859 3392 C:\WINDOWS\system32\rasadhlp.dll - ok

12:17:43.0875 3392 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll

12:17:43.0875 3392 C:\WINDOWS\system32\winrnr.dll - ok

12:17:43.0875 3392 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll

12:17:43.0875 3392 C:\WINDOWS\system32\dsound.dll - ok

12:17:43.0890 3392 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll

12:17:43.0890 3392 C:\WINDOWS\system32\dhcpcsvc.dll - ok

12:17:43.0890 3392 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys

12:17:43.0890 3392 C:\WINDOWS\system32\drivers\ndisuio.sys - ok

12:17:43.0890 3392 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll

12:17:43.0890 3392 C:\WINDOWS\system32\dnsrslvr.dll - ok

12:17:43.0906 3392 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll

12:17:43.0906 3392 C:\WINDOWS\system32\lmhsvc.dll - ok

12:17:43.0906 3392 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll

12:17:43.0906 3392 C:\WINDOWS\system32\wzcsvc.dll - ok

12:17:43.0906 3392 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll

12:17:43.0906 3392 C:\WINDOWS\system32\dot3api.dll - ok

12:17:43.0921 3392 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll

12:17:43.0921 3392 C:\WINDOWS\system32\eapolqec.dll - ok

12:17:43.0921 3392 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll

12:17:43.0921 3392 C:\WINDOWS\system32\esent.dll - ok

12:17:43.0937 3392 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll

12:17:43.0937 3392 C:\WINDOWS\system32\qutil.dll - ok

12:17:43.0937 3392 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll

12:17:43.0937 3392 C:\WINDOWS\system32\rtutils.dll - ok

12:17:43.0937 3392 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll

12:17:43.0937 3392 C:\WINDOWS\system32\wmi.dll - ok

12:17:43.0953 3392 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll

12:17:43.0953 3392 C:\WINDOWS\system32\cscdll.dll - ok

12:17:43.0953 3392 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe

12:17:43.0953 3392 C:\WINDOWS\system32\logonui.exe - ok

12:17:43.0953 3392 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll

12:17:43.0953 3392 C:\WINDOWS\system32\clbcatq.dll - ok

12:17:43.0968 3392 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll

12:17:43.0968 3392 C:\WINDOWS\system32\dimsntfy.dll - ok

12:17:43.0968 3392 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll

12:17:43.0968 3392 C:\WINDOWS\system32\comres.dll - ok

12:17:43.0968 3392 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv

12:17:43.0968 3392 C:\WINDOWS\system32\winspool.drv - ok

12:17:43.0984 3392 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll

12:17:43.0984 3392 C:\WINDOWS\system32\wlnotify.dll - ok

12:17:43.0984 3392 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll

12:17:43.0984 3392 C:\WINDOWS\system32\duser.dll - ok

12:17:44.0000 3392 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll

12:17:44.0000 3392 C:\WINDOWS\system32\rastls.dll - ok

12:17:44.0000 3392 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll

12:17:44.0000 3392 C:\WINDOWS\system32\cryptui.dll - ok

12:17:44.0000 3392 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll

12:17:44.0000 3392 C:\WINDOWS\system32\msimg32.dll - ok

12:17:44.0015 3392 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll

12:17:44.0015 3392 C:\WINDOWS\system32\oleacc.dll - ok

12:17:44.0015 3392 [ 465A17095EB3B9E101429B669F495D01 ] C:\Program Files\AVAST Software\Avast\afwServ.exe

12:17:44.0015 3392 C:\Program Files\AVAST Software\Avast\afwServ.exe - ok

12:17:44.0015 3392 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll

12:17:44.0015 3392 C:\WINDOWS\system32\mprapi.dll - ok

12:17:44.0031 3392 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll

12:17:44.0031 3392 C:\WINDOWS\system32\activeds.dll - ok

12:17:44.0031 3392 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll

12:17:44.0031 3392 C:\WINDOWS\system32\adsldpc.dll - ok

12:17:44.0031 3392 [ 2FFBC6C6142BA133F35B7337A7A1BC1A ] C:\Program Files\AVAST Software\Avast\afwCore.dll

12:17:44.0031 3392 C:\Program Files\AVAST Software\Avast\afwCore.dll - ok

12:17:44.0046 3392 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll

12:17:44.0046 3392 C:\WINDOWS\system32\rasapi32.dll - ok

12:17:44.0046 3392 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll

12:17:44.0046 3392 C:\WINDOWS\system32\rasman.dll - ok

12:17:44.0046 3392 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll

12:17:44.0046 3392 C:\WINDOWS\system32\tapi32.dll - ok

12:17:44.0062 3392 [ C0727AA6B63C80149B79EA53099D0772 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll

12:17:44.0062 3392 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok

12:17:44.0062 3392 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll

12:17:44.0062 3392 C:\WINDOWS\system32\riched20.dll - ok

12:17:44.0078 3392 [ 01EB8125481C4FA2C400350534FEA31F ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll

12:17:44.0078 3392 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok

12:17:44.0078 3392 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll

12:17:44.0078 3392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok

12:17:44.0078 3392 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll

12:17:44.0078 3392 C:\WINDOWS\system32\raschap.dll - ok

12:17:44.0093 3392 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll

12:17:44.0093 3392 C:\WINDOWS\system32\shgina.dll - ok

12:17:44.0093 3392 [ 0D8C5DF2295E0E7F2CFE07CEBA697A6E ] C:\Program Files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

12:17:44.0093 3392 C:\Program Files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll - ok

12:17:44.0093 3392 [ A7E06854EA2A20AEE8EC32BD8C754298 ] C:\WINDOWS\system32\mpnotify.exe

12:17:44.0093 3392 C:\WINDOWS\system32\mpnotify.exe - ok

12:17:44.0109 3392 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll

12:17:44.0109 3392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok

12:17:44.0109 3392 [ E8FFC14D8CF54A7D5A3E4C6EAD38E963 ] C:\Program Files\AVAST Software\Avast\ashBase.dll

12:17:44.0109 3392 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok

12:17:44.0125 3392 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll

12:17:44.0125 3392 C:\WINDOWS\system32\wsock32.dll - ok

12:17:44.0125 3392 [ 63AFFE4C27760BEAFA966CB28BEB0BD1 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll

12:17:44.0125 3392 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok

12:17:44.0125 3392 [ ABCD006DFCBC7CF6E0E72051AAFFCAB0 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll

12:17:44.0125 3392 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok

12:17:44.0140 3392 [ 622D0B2C57EBC93CF9BD027B1DA22172 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll

12:17:44.0140 3392 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok

12:17:44.0140 3392 [ 2A57197F60CA9E0A0D9DFE88D55626E0 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll

12:17:44.0140 3392 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok

12:17:44.0140 3392 [ A955AAD5BABAB27CAE88CBEC07401F51 ] C:\Program Files\AVAST Software\Avast\ashTask.dll

12:17:44.0140 3392 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok

12:17:44.0156 3392 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll

12:17:44.0156 3392 C:\WINDOWS\system32\cscui.dll - ok

12:17:44.0156 3392 [ 93B2F0C0E82680202F9417962F04383A ] C:\Program Files\AVAST Software\Avast\aswAux.dll

12:17:44.0156 3392 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok

12:17:44.0171 3392 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll

12:17:44.0171 3392 C:\WINDOWS\system32\powrprof.dll - ok

12:17:44.0171 3392 [ 2BC7128348265CABA9BBC058729A8B7B ] C:\WINDOWS\system32\dpcdll.dll

12:17:44.0171 3392 C:\WINDOWS\system32\dpcdll.dll - ok

12:17:44.0171 3392 [ 0F69DFFC9975A322B3F681EC2EA86FEF ] C:\Program Files\AVAST Software\Avast\aswProperty.dll

12:17:44.0171 3392 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok

12:17:44.0187 3392 [ 09FF9B9F7316A21B6269FED8CCD51320 ] C:\Program Files\AVAST Software\Avast\aswLog.dll

12:17:44.0187 3392 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok

12:17:44.0187 3392 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe

12:17:44.0187 3392 C:\WINDOWS\system32\userinit.exe - ok

12:17:44.0187 3392 [ DC21576533E5BA5FB6D7B51ED88C93F9 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll

12:17:44.0187 3392 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok

12:17:44.0203 3392 [ C07D85E2CE555CBC8B560FC6394E5124 ] C:\Program Files\AVAST Software\Avast\afwCoreServ.dll

12:17:44.0203 3392 C:\Program Files\AVAST Software\Avast\afwCoreServ.dll - ok

12:17:44.0203 3392 [ 518D4EDA229D8BC97EC61C8CF1B28011 ] C:\Program Files\AVAST Software\Avast\afwRpc.dll

12:17:44.0203 3392 C:\Program Files\AVAST Software\Avast\afwRpc.dll - ok

12:17:44.0218 3392 [ 2E7983019A531037272DFE0FBB347C78 ] C:\Program Files\AVAST Software\Avast\afwCoreClient.dll

12:17:44.0218 3392 C:\Program Files\AVAST Software\Avast\afwCoreClient.dll - ok

12:17:44.0218 3392 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe

12:17:44.0218 3392 C:\WINDOWS\explorer.exe - ok

12:17:44.0218 3392 [ DBF41489CB39D8344F42008559991C7F ] C:\Program Files\AVAST Software\Avast\afwGeoIP.dll

12:17:44.0218 3392 C:\Program Files\AVAST Software\Avast\afwGeoIP.dll - ok

12:17:44.0234 3392 [ E392E172687BE172F8600C5F41AB03D9 ] C:\WINDOWS\system32\browseui.dll

12:17:44.0234 3392 C:\WINDOWS\system32\browseui.dll - ok

12:17:44.0234 3392 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll

12:17:44.0234 3392 C:\WINDOWS\system32\dbghelp.dll - ok

12:17:44.0234 3392 [ E7470049933725C2ACF035DD3EBB3DC6 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll

12:17:44.0234 3392 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok

12:17:44.0250 3392 [ 0A1D88669C38B3DCD2E8AD9CC3756361 ] C:\WINDOWS\system32\shdocvw.dll

12:17:44.0250 3392 C:\WINDOWS\system32\shdocvw.dll - ok

12:17:44.0250 3392 [ 9E912FE7B41650701EF2B227ACA440F3 ] C:\WINDOWS\system32\drivers\aswmon2.sys

12:17:44.0250 3392 C:\WINDOWS\system32\drivers\aswmon2.sys - ok

12:17:44.0250 3392 [ 2F7C0F3E39C45E0127FB78B2F18A41F3 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe

12:17:44.0250 3392 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok

12:17:44.0265 3392 [ 22FD59C3B9C5356A9FC7FB2742016B4F ] C:\Program Files\AVAST Software\Avast\ashShell.dll

12:17:44.0265 3392 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok

12:17:44.0265 3392 [ 56392A10FB72F0856E02E989E4A9D405 ] C:\Program Files\AVAST Software\Avast\ashServ.dll

12:17:44.0265 3392 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok

12:17:44.0265 3392 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll

12:17:44.0265 3392 C:\WINDOWS\system32\msi.dll - ok

12:17:44.0281 3392 [ E293C073DFD8A224ED4C0EEECB282C42 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll

12:17:44.0281 3392 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok

12:17:44.0281 3392 [ 720A8712006CF6C37172BD57B26BA556 ] C:\Program Files\AVAST Software\Avast\aswIdle.dll

12:17:44.0281 3392 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok

12:17:44.0296 3392 [ 0F766485C7093831D9302BABD16A623B ] C:\Program Files\AVAST Software\Avast\aswDld.dll

12:17:44.0296 3392 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok

12:17:44.0296 3392 [ 265C2D93FCF0B5EF0B9461BBAEF11F6F ] C:\Program Files\AVAST Software\Avast\aswStrm.dll

12:17:44.0296 3392 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok

12:17:44.0296 3392 [ FE2F0988A3A418F6FCCD368B304CF27A ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswEngin.dll

12:17:44.0296 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswEngin.dll - ok

12:17:44.0312 3392 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll

12:17:44.0312 3392 C:\WINDOWS\system32\schedsvc.dll - ok

12:17:44.0312 3392 [ 098A5C78B4B15EFEB95579788B754281 ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswCmnOS.dll

12:17:44.0312 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswCmnOS.dll - ok

12:17:44.0312 3392 [ 6D74290856347CF8682277A54B433D4B ] C:\Documents and Settings\Asian Man Records\Application Data\Dropbox\bin\DropboxExt.14.dll

12:17:44.0312 3392 C:\Documents and Settings\Asian Man Records\Application Data\Dropbox\bin\DropboxExt.14.dll - ok

12:17:44.0328 3392 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Documents and Settings\Asian Man Records\Application Data\Dropbox\bin\msvcp71.dll

12:17:44.0328 3392 C:\Documents and Settings\Asian Man Records\Application Data\Dropbox\bin\msvcp71.dll - ok

12:17:44.0328 3392 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe

12:17:44.0328 3392 C:\WINDOWS\system32\spoolsv.exe - ok

12:17:44.0328 3392 [ 9080F70D8932828DCFE0551A50C30535 ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswCmnIS.dll

12:17:44.0328 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswCmnIS.dll - ok

12:17:44.0343 3392 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll

12:17:44.0343 3392 C:\WINDOWS\system32\msidle.dll - ok

12:17:44.0343 3392 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Documents and Settings\Asian Man Records\Application Data\Dropbox\bin\msvcr71.dll

12:17:44.0343 3392 C:\Documents and Settings\Asian Man Records\Application Data\Dropbox\bin\msvcr71.dll - ok

12:17:44.0359 3392 [ 8078882471D18F366C79E355F4914189 ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswCmnBS.dll

12:17:44.0359 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswCmnBS.dll - ok

12:17:44.0359 3392 [ A6B5A41C0ED007AB6C43CAD899E533D8 ] C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

12:17:44.0359 3392 C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll - ok

12:17:44.0359 3392 [ 8B5E54B7F809B2142936E3E7E8AD25F2 ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswScan.dll

12:17:44.0359 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswScan.dll - ok

12:17:44.0375 3392 [ E2D37F405E21BE2534FF4A84F5032ECA ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswRep.dll

12:17:44.0375 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswRep.dll - ok

12:17:44.0375 3392 [ DC76C57727C8F313C738ABC61A560021 ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswFiDb.dll

12:17:44.0375 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswFiDb.dll - ok

12:17:44.0375 3392 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll

12:17:44.0375 3392 C:\WINDOWS\system32\audiosrv.dll - ok

12:17:44.0390 3392 [ D2182A69EAEE77ECF9ACDBEA64E6CDE7 ] C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll

12:17:44.0390 3392 C:\Program Files\Microsoft Office\Office12\GrooveUtil.dll - ok

12:17:44.0390 3392 [ FECA97242B3B404D79DA2E607207D9FC ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll

12:17:44.0390 3392 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok

12:17:44.0406 3392 [ C9564CF4976E7E96B4052737AA2492B4 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll

12:17:44.0406 3392 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcr80.dll - ok

12:17:44.0406 3392 [ E4C4D1555B76F6F3DEB30AD45FB71337 ] C:\Program Files\Microsoft Office\Office12\GrooveNew.dll

12:17:44.0406 3392 C:\Program Files\Microsoft Office\Office12\GrooveNew.dll - ok

12:17:44.0406 3392 [ D5E459BED3DB9CF7FC6CC1455F177D2D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll

12:17:44.0406 3392 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_a4c618fa\ATL80.dll - ok

12:17:44.0421 3392 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl

12:17:44.0421 3392 C:\WINDOWS\system32\desk.cpl - ok

12:17:44.0421 3392 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll

12:17:44.0421 3392 C:\WINDOWS\system32\themeui.dll - ok

12:17:44.0421 3392 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll

12:17:44.0421 3392 C:\WINDOWS\system32\actxprxy.dll - ok

12:17:44.0437 3392 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll

12:17:44.0437 3392 C:\WINDOWS\system32\wkssvc.dll - ok

12:17:44.0437 3392 [ 68747446F9D982938DB6B110F2908271 ] C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

12:17:44.0437 3392 C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll - ok

12:17:44.0453 3392 [ 0AD792A78419867BF5D750853D80FA11 ] C:\WINDOWS\system32\msxml3.dll

12:17:44.0453 3392 C:\WINDOWS\system32\msxml3.dll - ok

12:17:44.0453 3392 [ 680B56A8B62D1BCF4A0B2AAAD03D88E4 ] C:\WINDOWS\system32\wdmaud.drv

12:17:44.0453 3392 C:\WINDOWS\system32\wdmaud.drv - ok

12:17:44.0453 3392 [ 6768ACF64B18196494413695F0C3A00F ] C:\WINDOWS\system32\drivers\wdmaud.sys

12:17:44.0453 3392 C:\WINDOWS\system32\drivers\wdmaud.sys - ok

12:17:44.0468 3392 [ CEBE7C43277E5CC8120A0E99C27CFEC6 ] C:\Program Files\AVAST Software\Avast\defs\12082000\fwAux.dll

12:17:44.0468 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\fwAux.dll - ok

12:17:44.0468 3392 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] C:\WINDOWS\system32\drivers\sysaudio.sys

12:17:44.0468 3392 C:\WINDOWS\system32\drivers\sysaudio.sys - ok

12:17:44.0468 3392 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] C:\WINDOWS\system32\drivers\splitter.sys

12:17:44.0468 3392 C:\WINDOWS\system32\drivers\splitter.sys - ok

12:17:44.0484 3392 [ 8BED39E3C35D6A489438B8141717A557 ] C:\WINDOWS\system32\drivers\aec.sys

12:17:44.0484 3392 C:\WINDOWS\system32\drivers\aec.sys - ok

12:17:44.0484 3392 [ 8F0DE4FEF8201E306F9938B0905AC96A ] C:\Program Files\Google\Update\GoogleUpdate.exe

12:17:44.0484 3392 C:\Program Files\Google\Update\GoogleUpdate.exe - ok

12:17:44.0500 3392 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] C:\WINDOWS\system32\drivers\swmidi.sys

12:17:44.0500 3392 C:\WINDOWS\system32\drivers\swmidi.sys - ok

12:17:44.0500 3392 [ 8A208DFCF89792A484E76C40E5F50B45 ] C:\WINDOWS\system32\drivers\DMusic.sys

12:17:44.0500 3392 C:\WINDOWS\system32\drivers\DMusic.sys - ok

12:17:44.0500 3392 [ 692BCF44383D056AED41B045A323D378 ] C:\WINDOWS\system32\drivers\kmixer.sys

12:17:44.0500 3392 C:\WINDOWS\system32\drivers\kmixer.sys - ok

12:17:44.0515 3392 [ 8F5FCFF8E8848AFAC920905FBD9D33C8 ] C:\WINDOWS\system32\drivers\drmkaud.sys

12:17:44.0515 3392 C:\WINDOWS\system32\drivers\drmkaud.sys - ok

12:17:44.0515 3392 [ 39C5FCF8AA3B83D79A0E853ECB38BF25 ] C:\Program Files\Google\Update\1.3.21.115\goopdate.dll

12:17:44.0515 3392 C:\Program Files\Google\Update\1.3.21.115\goopdate.dll - ok

12:17:44.0515 3392 [ 93F29E6964BAEF31E53D203992B0AFD4 ] C:\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe

12:17:44.0515 3392 C:\Program Files\Google\Update\1.3.21.115\GoogleCrashHandler.exe - ok

12:17:44.0531 3392 [ 119224478F77BEBDC36368E346D39B0C ] C:\WINDOWS\system32\ieframe.dll

12:17:44.0531 3392 C:\WINDOWS\system32\ieframe.dll - ok

12:17:44.0531 3392 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv

12:17:44.0531 3392 C:\WINDOWS\system32\msacm32.drv - ok

12:17:44.0531 3392 [ 4044E880593FE1AC9942190FCE414BE7 ] C:\WINDOWS\system32\mstask.dll

12:17:44.0531 3392 C:\WINDOWS\system32\mstask.dll - ok

12:17:44.0546 3392 [ 037B1E7798960E0420003D05BB577EE6 ] C:\WINDOWS\system32\rundll32.exe

12:17:44.0546 3392 C:\WINDOWS\system32\rundll32.exe - ok

12:17:44.0546 3392 [ 5C12660A97822F6E61576943B49AAAD6 ] C:\WINDOWS\system32\midimap.dll

12:17:44.0546 3392 C:\WINDOWS\system32\midimap.dll - ok

12:17:44.0546 3392 [ 8F233C5BC68E34D18D38257B283CE96C ] C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll

12:17:44.0546 3392 C:\Documents and Settings\All Users\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\cleanup.dll - ok

12:17:44.0562 3392 [ 6D778E0F95447E6546553EEEA709D03C ] C:\WINDOWS\system32\cmd.exe

12:17:44.0562 3392 C:\WINDOWS\system32\cmd.exe - ok

12:17:44.0562 3392 [ 11D42BB6206F33FBB3BA0288D3EF81BD ] C:\WINDOWS\system32\drivers\mrxdav.sys

12:17:44.0562 3392 C:\WINDOWS\system32\drivers\mrxdav.sys - ok

12:17:44.0578 3392 [ 77A354E28153AD2D5E120A5A8687BC06 ] C:\WINDOWS\system32\webclnt.dll

12:17:44.0578 3392 C:\WINDOWS\system32\webclnt.dll - ok

12:17:44.0578 3392 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys

12:17:44.0578 3392 C:\WINDOWS\system32\drivers\parport.sys - ok

12:17:44.0578 3392 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys

12:17:44.0578 3392 C:\WINDOWS\system32\drivers\serial.sys - ok

12:17:44.0593 3392 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll

12:17:44.0593 3392 C:\WINDOWS\system32\rasmans.dll - ok

12:17:44.0593 3392 [ E57B778208C783D8DEBAB320C16A1B82 ] C:\WINDOWS\system32\drivers\StarOpen.sys

12:17:44.0593 3392 C:\WINDOWS\system32\drivers\StarOpen.sys - ok

12:17:44.0609 3392 [ 20F6F19FE9E753F2780DC2FA083AD597 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

12:17:44.0609 3392 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

12:17:44.0609 3392 [ 73685E15EF8B0BD9C30F1AF413F13D49 ] C:\WINDOWS\system32\drivers\adfs.sys

12:17:44.0609 3392 C:\WINDOWS\system32\drivers\adfs.sys - ok

12:17:44.0609 3392 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll

12:17:44.0609 3392 C:\WINDOWS\system32\sens.dll - ok

12:17:44.0625 3392 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll

12:17:44.0625 3392 C:\WINDOWS\system32\winipsec.dll - ok

12:17:44.0625 3392 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll

12:17:44.0625 3392 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\msvcp80.dll - ok

12:17:44.0625 3392 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll

12:17:44.0625 3392 C:\WINDOWS\system32\netcfgx.dll - ok

12:17:44.0640 3392 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll

12:17:44.0640 3392 C:\WINDOWS\system32\clusapi.dll - ok

12:17:44.0640 3392 [ DDDD1D04D5F4360371BC99C7C476F70D ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll

12:17:44.0640 3392 C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok

12:17:44.0656 3392 [ DC70310B3D079D667B67F0C7067209F3 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll

12:17:44.0656 3392 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok

12:17:44.0656 3392 [ DE4835A2DE88D3597FDC92B863333F05 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll

12:17:44.0656 3392 C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

12:17:44.0656 3392 [ 258D35F5F5F5F3F6045488ECDC14FAAB ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll

12:17:44.0656 3392 C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok

12:17:44.0671 3392 [ 15530639789C990827E594344EACC465 ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll

12:17:44.0671 3392 C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

12:17:44.0671 3392 [ 38711BB50D27B7145186F61CE31B3336 ] C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll

12:17:44.0671 3392 C:\Program Files\Common Files\Apple\Apple Application Support\icuin40.dll - ok

12:17:44.0671 3392 [ 7EF0C8A9A1A57756F4868E3693173C08 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll

12:17:44.0671 3392 C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

12:17:44.0687 3392 [ 9E515554A3EA7B70C975F61971C6977D ] C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll

12:17:44.0687 3392 C:\Program Files\Common Files\Apple\Apple Application Support\icuuc40.dll - ok

12:17:44.0687 3392 [ D30DD708F05FB85EF2C53727ED3573D2 ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll

12:17:44.0687 3392 C:\Program Files\Common Files\Apple\Apple Application Support\icudt40.dll - ok

12:17:44.0703 3392 [ C5A2155E27F1E00B629ECA9FED6AC841 ] C:\DOCUME~1\ASIANM~1\LOCALS~1\Temp\A22BF6F4-156B-4D64-98CC-0B7ACCBB0EAD.exe

12:17:44.0703 3392 C:\DOCUME~1\ASIANM~1\LOCALS~1\Temp\A22BF6F4-156B-4D64-98CC-0B7ACCBB0EAD.exe - ok

12:17:44.0703 3392 [ 1783DED72DB168BB2C67429B8E748E33 ] C:\WINDOWS\system32\nwiz.exe

12:17:44.0703 3392 C:\WINDOWS\system32\nwiz.exe - ok

12:17:44.0703 3392 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll

12:17:44.0703 3392 C:\WINDOWS\system32\linkinfo.dll - ok

12:17:44.0718 3392 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll

12:17:44.0718 3392 C:\WINDOWS\system32\ntshrui.dll - ok

12:17:44.0718 3392 [ 79E3A8C328E7E569C32B0998377D9742 ] C:\WINDOWS\system32\spoolss.dll

12:17:44.0718 3392 C:\WINDOWS\system32\spoolss.dll - ok

12:17:44.0718 3392 [ 7C67D754BA586F2FD34F7AF6D392C7BC ] C:\WINDOWS\RTHDCPL.exe

12:17:44.0718 3392 C:\WINDOWS\RTHDCPL.exe - ok

12:17:44.0734 3392 [ AA897735D5AB916297A6823A9B2D61B1 ] C:\WINDOWS\system32\localspl.dll

12:17:44.0734 3392 C:\WINDOWS\system32\localspl.dll - ok

12:17:44.0734 3392 [ C74B86642F131D76C0EDE673FDF137B2 ] C:\WINDOWS\SkyTel.exe

12:17:44.0734 3392 C:\WINDOWS\SkyTel.exe - ok

12:17:44.0750 3392 [ 644795F6985C740F5E36E9336B837D0B ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

12:17:44.0750 3392 C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe - ok

12:17:44.0750 3392 [ 8B4CBBA1EA526830C7F97E7822E2493A ] C:\WINDOWS\Alcmtr.exe

12:17:44.0750 3392 C:\WINDOWS\Alcmtr.exe - ok

12:17:44.0750 3392 [ A3A9E5888143F3DAB803B007393D791F ] C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe

12:17:44.0750 3392 C:\Program Files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe - ok

12:17:44.0765 3392 [ E2A4A92A3D594F9DE068C1BBEBD6D58D ] C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe

12:17:44.0765 3392 C:\Program Files\eFax Messenger 4.4\J2GDllCmd.exe - ok

12:17:44.0765 3392 [ 5D3D1AB0EF4EA55B731863050482C111 ] C:\WINDOWS\system32\cnbjmon.dll

12:17:44.0765 3392 C:\WINDOWS\system32\cnbjmon.dll - ok

12:17:44.0765 3392 [ C5BE4D418A199E164BC295FCF7BBA6A1 ] C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe

12:17:44.0765 3392 C:\Program Files\Common Files\Intuit\Sync\IntuitSyncManager.exe - ok

12:17:44.0781 3392 [ 879D74337173A6D630D3D06184D354C1 ] C:\Program Files\iTunes\iTunesHelper.exe

12:17:44.0781 3392 C:\Program Files\iTunes\iTunesHelper.exe - ok

12:17:44.0781 3392 [ 6D3475E2784CFBDDF345DFE736A842DA ] C:\WINDOWS\system32\bzpdf.dll

12:17:44.0781 3392 C:\WINDOWS\system32\bzpdf.dll - ok

12:17:44.0796 3392 [ 98A078F838A70F84E1BD490D7C7675F4 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe

12:17:44.0796 3392 C:\Program Files\Common Files\Java\Java Update\jusched.exe - ok

12:17:44.0796 3392 [ 1315C5C5C54CE2AA37A155F97027DB59 ] C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe

12:17:44.0796 3392 C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe - ok

12:17:44.0796 3392 [ 8FE651ACBA3344E645CFEB6286FFF6B8 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe

12:17:44.0796 3392 C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe - ok

12:17:44.0812 3392 [ 20C4535969F2006F6082CDF146CD95C4 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe

12:17:44.0812 3392 C:\Program Files\AVAST Software\Avast\AvastUI.exe - ok

12:17:44.0812 3392 [ A81135541C9D4EBCE43EFA8AD31395B4 ] C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe

12:17:44.0812 3392 C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe - ok

12:17:44.0812 3392 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll

12:17:44.0812 3392 C:\WINDOWS\system32\pjlmon.dll - ok

12:17:44.0828 3392 [ 8A55C033F2D2C9318AA8F85F80117BA8 ] C:\WINDOWS\system32\msonpmon.dll

12:17:44.0828 3392 C:\WINDOWS\system32\msonpmon.dll - ok

12:17:44.0828 3392 [ 8E16BF5600797E678EA97051CF93E6BF ] C:\WINDOWS\system32\dumprep.exe

12:17:44.0828 3392 C:\WINDOWS\system32\dumprep.exe - ok

12:17:44.0828 3392 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll

12:17:44.0828 3392 C:\WINDOWS\system32\tcpmon.dll - ok

12:17:44.0843 3392 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll

12:17:44.0843 3392 C:\WINDOWS\system32\usbmon.dll - ok

12:17:44.0843 3392 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3 ] C:\WINDOWS\system32\ctfmon.exe

12:17:44.0843 3392 C:\WINDOWS\system32\ctfmon.exe - ok

12:17:44.0859 3392 [ 5CFD15A43D5E85131853B43945FA1787 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp4wm.DLL

12:17:44.0859 3392 C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp4wm.DLL - ok

12:17:44.0859 3392 [ 3E930C641079443D4DE036167A69CAA2 ] C:\Program Files\Messenger\msmsgs.exe

12:17:44.0859 3392 C:\Program Files\Messenger\msmsgs.exe - ok

12:17:44.0859 3392 [ 0AD0E192051C0822449BB1AB4E5BAF0F ] C:\Documents and Settings\Asian Man Records\Application Data\Spotify\Data\SpotifyWebHelper.exe

12:17:44.0859 3392 C:\Documents and Settings\Asian Man Records\Application Data\Spotify\Data\SpotifyWebHelper.exe - ok

12:17:44.0875 3392 [ 872BF42CD340533AA1BFD362C05C9D93 ] C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll

12:17:44.0875 3392 C:\Program Files\Microsoft Office\Office12\GrooveMisc.dll - ok

12:17:44.0875 3392 [ 1C87705CCB2F60172B0FC86B5D82F00D ] C:\Program Files\Bonjour\mDNSResponder.exe

12:17:44.0875 3392 C:\Program Files\Bonjour\mDNSResponder.exe - ok

12:17:44.0875 3392 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll

12:17:44.0875 3392 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok

12:17:44.0890 3392 [ 574738F61FCA2935F5265DC4E5691314 ] C:\WINDOWS\system32\qmgr.dll

12:17:44.0890 3392 C:\WINDOWS\system32\qmgr.dll - ok

12:17:44.0890 3392 [ F348280907B38FDBDB3CEF55D456E149 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll

12:17:44.0890 3392 C:\WINDOWS\system32\spool\prtprocs\w32x86\msonpppr.dll - ok

12:17:44.0906 3392 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll

12:17:44.0906 3392 C:\WINDOWS\system32\win32spl.dll - ok

12:17:44.0906 3392 [ D4991D98F2DB73C60D042F1AEF79EFAE ] C:\WINDOWS\system32\es.dll

12:17:44.0906 3392 C:\WINDOWS\system32\es.dll - ok

12:17:44.0906 3392 [ B41D53899E37CC43DA85DA19998BEE81 ] C:\WINDOWS\system32\netrap.dll

12:17:44.0906 3392 C:\WINDOWS\system32\netrap.dll - ok

12:17:44.0921 3392 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll

12:17:44.0921 3392 C:\WINDOWS\system32\inetpp.dll - ok

12:17:44.0921 3392 [ 08A73B0E7EE6E32983B5F9E540A8E380 ] C:\WINDOWS\system32\mscoree.dll

12:17:44.0921 3392 C:\WINDOWS\system32\mscoree.dll - ok

12:17:44.0921 3392 [ C14AA05881A35B6D6BB8D55B117EE22D ] C:\WINDOWS\system32\shfolder.dll

12:17:44.0921 3392 C:\WINDOWS\system32\shfolder.dll - ok

12:17:44.0937 3392 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll

12:17:44.0937 3392 C:\WINDOWS\system32\winhttp.dll - ok

12:17:44.0937 3392 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll

12:17:44.0937 3392 C:\WINDOWS\system32\webcheck.dll - ok

12:17:44.0953 3392 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll

12:17:44.0953 3392 C:\WINDOWS\system32\mlang.dll - ok

12:17:44.0953 3392 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll

12:17:44.0953 3392 C:\WINDOWS\system32\netman.dll - ok

12:17:44.0953 3392 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll

12:17:44.0953 3392 C:\WINDOWS\system32\netshell.dll - ok

12:17:44.0968 3392 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll

12:17:44.0968 3392 C:\WINDOWS\system32\stobject.dll - ok

12:17:44.0968 3392 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll

12:17:44.0968 3392 C:\WINDOWS\system32\batmeter.dll - ok

12:17:44.0968 3392 [ 5E7D78E61129FF8B4E129C000B52F5FB ] C:\WINDOWS\system32\asfsipc.dll

12:17:44.0968 3392 C:\WINDOWS\system32\asfsipc.dll - ok

12:17:44.0984 3392 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll

12:17:44.0984 3392 C:\WINDOWS\system32\msisip.dll - ok

12:17:44.0984 3392 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll

12:17:44.0984 3392 C:\WINDOWS\system32\wshext.dll - ok

12:17:45.0000 3392 [ 89F7C30A91E5581BDF14C62AB46A2B2D ] C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

12:17:45.0000 3392 C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe - ok

12:17:45.0000 3392 [ F2867BEE7180CDC839F7636FDDC1AA74 ] C:\Program Files\ProxN45j\Proxomitron.exe

12:17:45.0000 3392 C:\Program Files\ProxN45j\Proxomitron.exe - ok

12:17:45.0000 3392 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll

12:17:45.0000 3392 C:\WINDOWS\system32\credui.dll - ok

12:17:45.0015 3392 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll

12:17:45.0015 3392 C:\WINDOWS\system32\dot3dlg.dll - ok

12:17:45.0015 3392 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll

12:17:45.0015 3392 C:\WINDOWS\system32\onex.dll - ok

12:17:45.0015 3392 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll

12:17:45.0015 3392 C:\WINDOWS\system32\eappcfg.dll - ok

12:17:45.0031 3392 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll

12:17:45.0031 3392 C:\WINDOWS\system32\eappprxy.dll - ok

12:17:45.0031 3392 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll

12:17:45.0031 3392 C:\WINDOWS\system32\wzcsapi.dll - ok

12:17:45.0031 3392 [ 7D2E30838E8DECAA5B588C53E9C75725 ] C:\WINDOWS\system32\nvmctray.dll

12:17:45.0031 3392 C:\WINDOWS\system32\nvmctray.dll - ok

12:17:45.0046 3392 [ F9BD443EED551788190D53B7B75AF53F ] C:\WINDOWS\system32\nvcpl.dll

12:17:45.0046 3392 C:\WINDOWS\system32\nvcpl.dll - ok

12:17:45.0046 3392 [ 56B0B5AEC6CB4A8A7B87432FCA0321FE ] C:\WINDOWS\system32\nvapi.dll

12:17:45.0046 3392 C:\WINDOWS\system32\nvapi.dll - ok

12:17:45.0062 3392 [ 96D7067FE8210A4D187990470E335DBA ] C:\Program Files\eFax Messenger 4.4\J2GSDK44.DLL

12:17:45.0062 3392 C:\Program Files\eFax Messenger 4.4\J2GSDK44.DLL - ok

12:17:45.0062 3392 [ AB1F7AA99AF6D95E78980CEABE443A46 ] C:\WINDOWS\system32\nvdisps.dll

12:17:45.0062 3392 C:\WINDOWS\system32\nvdisps.dll - ok

12:17:45.0062 3392 [ 26061963183F446F044DD3FEF90F7C7D ] C:\Program Files\eFax Messenger 4.4\J2GRes_Enu.dll

12:17:45.0062 3392 C:\Program Files\eFax Messenger 4.4\J2GRes_Enu.dll - ok

12:17:45.0078 3392 [ E40FCF943127DDC8FD60554B722D762B ] C:\WINDOWS\system32\MSCTF.dll

12:17:45.0078 3392 C:\WINDOWS\system32\MSCTF.dll - ok

12:17:45.0078 3392 [ 17AA58A54C00F1746B8654C050491F43 ] C:\WINDOWS\system32\msutb.dll

12:17:45.0078 3392 C:\WINDOWS\system32\msutb.dll - ok

12:17:45.0078 3392 [ F6F2BFC17069EB335ACCEEF7595F9302 ] C:\WINDOWS\system32\mfc42u.dll

12:17:45.0078 3392 C:\WINDOWS\system32\mfc42u.dll - ok

12:17:45.0093 3392 [ 28E494B3876CB33097C10EF1DB54FB08 ] C:\Program Files\iTunes\iTunesHelper.dll

12:17:45.0093 3392 C:\Program Files\iTunes\iTunesHelper.dll - ok

12:17:45.0093 3392 [ 732D9D6B3D8A2F95F80644FF3630CDD9 ] C:\WINDOWS\system32\nview.dll

12:17:45.0093 3392 C:\WINDOWS\system32\nview.dll - ok

12:17:45.0109 3392 [ 848BC9A0BB2361E549FD4C22D7548FB8 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll

12:17:45.0109 3392 C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

12:17:45.0109 3392 [ 2635B1A6B11105AACE0440CEC6830189 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll

12:17:45.0109 3392 C:\Program Files\Common Files\Adobe\CS6ServiceManager\VulcanControl.dll - ok

12:17:45.0109 3392 [ F6FAEC07446A78A9C5AF4558FF5BD118 ] C:\WINDOWS\ime\SPTIP.dll

12:17:45.0109 3392 C:\WINDOWS\ime\SPTIP.dll - ok

12:17:45.0125 3392 [ 0DF77D9E2D601CAD9A53C1C5E230E5C2 ] C:\WINDOWS\system32\nvwddi.dll

12:17:45.0125 3392 C:\WINDOWS\system32\nvwddi.dll - ok

12:17:45.0125 3392 [ 8D2981596016DF4DE87D0DBAD0204CCB ] C:\Program Files\AVAST Software\Avast\aswUtil.dll

12:17:45.0125 3392 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok

12:17:45.0125 3392 [ 22D71D1DB6FC789A1CE8AC6963580259 ] C:\WINDOWS\system32\hhctrl.ocx

12:17:45.0125 3392 C:\WINDOWS\system32\hhctrl.ocx - ok

12:17:45.0140 3392 [ 33D9B7BB7BA323BAFE489DF033DAC824 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll

12:17:45.0140 3392 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.6002.22509_x-ww_c7dad023\GdiPlus.dll - ok

12:17:45.0140 3392 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\WINDOWS\system32\msvcp100.dll

12:17:45.0140 3392 C:\WINDOWS\system32\msvcp100.dll - ok

12:17:45.0156 3392 [ 423069307FB726E51E2A66F1C3F738FE ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll

12:17:45.0156 3392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll - ok

12:17:45.0156 3392 [ BF88FEADC7786EA328BDCC5CB116DE89 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll

12:17:45.0156 3392 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok

12:17:45.0156 3392 [ 0099D24356585743B0B35C222092FD8F ] C:\WINDOWS\system32\faultrep.dll

12:17:45.0156 3392 C:\WINDOWS\system32\faultrep.dll - ok

12:17:45.0171 3392 [ 3D4E199942E29207970E04315D02AD3B ] C:\WINDOWS\system32\cryptsvc.dll

12:17:45.0171 3392 C:\WINDOWS\system32\cryptsvc.dll - ok

12:17:45.0171 3392 [ C3C3C665D4CB8460F45C92C87FF5AD63 ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll

12:17:45.0171 3392 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok

12:17:45.0171 3392 [ BED23C787DF1F672959BF29F6AEBE68A ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll

12:17:45.0171 3392 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok

12:17:45.0187 3392 [ 00709952D444EAE14DBBD30D36FBAE0F ] C:\WINDOWS\system32\certcli.dll

12:17:45.0187 3392 C:\WINDOWS\system32\certcli.dll - ok

12:17:45.0187 3392 [ BF38660A9125935658CFA3E53FDC7D65 ] C:\WINDOWS\system32\msvcr100.dll

12:17:45.0187 3392 C:\WINDOWS\system32\msvcr100.dll - ok

12:17:45.0203 3392 [ 0A5709543986843D37A92290B7838340 ] C:\Program Files\Java\jre6\bin\jqs.exe

12:17:45.0203 3392 C:\Program Files\Java\jre6\bin\jqs.exe - ok

12:17:45.0203 3392 [ BC93B4A066477954555966D77FEC9ECB ] C:\WINDOWS\system32\ersvc.dll

12:17:45.0203 3392 C:\WINDOWS\system32\ersvc.dll - ok

12:17:45.0203 3392 [ 57EDEC2E5F59F0335E92F35184BC8631 ] C:\WINDOWS\system32\dmserver.dll

12:17:45.0203 3392 C:\WINDOWS\system32\dmserver.dll - ok

12:17:45.0218 3392 [ 4FCCA060DFE0C51A09DD5C3843888BCD ] C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll

12:17:45.0218 3392 C:\WINDOWS\pchealth\helpctr\binaries\pchsvc.dll - ok

12:17:45.0218 3392 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll

12:17:45.0218 3392 C:\WINDOWS\system32\riched32.dll - ok

12:17:45.0218 3392 [ 9D143DE584AF0B120766B74AA41D1F28 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\libcurl.dll

12:17:45.0218 3392 C:\Program Files\Common Files\Adobe\CS6ServiceManager\libcurl.dll - ok

12:17:45.0234 3392 [ 3E0AB1C6506F149CC5ABA66433D35E62 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\libeay32.dll

12:17:45.0234 3392 C:\Program Files\Common Files\Adobe\CS6ServiceManager\libeay32.dll - ok

12:17:45.0234 3392 [ 83502D796852329CDFC906FEE2B5EDE4 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\ssleay32.dll

12:17:45.0234 3392 C:\Program Files\Common Files\Adobe\CS6ServiceManager\ssleay32.dll - ok

12:17:45.0234 3392 [ D90DAD5EEA33A178BAC56FFF2847D4C2 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\zlib1.dll

12:17:45.0234 3392 C:\Program Files\Common Files\Adobe\CS6ServiceManager\zlib1.dll - ok

12:17:45.0250 3392 [ 4823DFE702BAE876CB31F58573D7EB55 ] C:\Program Files\Common Files\Adobe\CS6ServiceManager\IMSLib.dll

12:17:45.0250 3392 C:\Program Files\Common Files\Adobe\CS6ServiceManager\IMSLib.dll - ok

12:17:45.0250 3392 [ 521E6A5E7BFBD595CBBA5DEA84A83A43 ] C:\Program Files\QuickTime\QTSystem\QuickTime.qts

12:17:45.0250 3392 C:\Program Files\QuickTime\QTSystem\QuickTime.qts - ok

12:17:45.0265 3392 [ D9C739B0F48F465CDBBD0668BE98ED53 ] C:\Program Files\AVAST Software\Avast\defs\12082000\algo.dll

12:17:45.0265 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\algo.dll - ok

12:17:45.0265 3392 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Java\jre6\bin\msvcr71.dll

12:17:45.0265 3392 C:\Program Files\Java\jre6\bin\msvcr71.dll - ok

12:17:45.0265 3392 [ 516FD7927172BBBE2D335EA94D816B9E ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll

12:17:45.0265 3392 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll - ok

12:17:45.0281 3392 [ 62CF83A6989312A0DD39BBFFB3D1C166 ] C:\WINDOWS\system32\pdh.dll

12:17:45.0281 3392 C:\WINDOWS\system32\pdh.dll - ok

12:17:45.0281 3392 [ 369F7B1A4F358B976176556A1A331F36 ] C:\WINDOWS\system32\odbcbcp.dll

12:17:45.0281 3392 C:\WINDOWS\system32\odbcbcp.dll - ok

12:17:45.0281 3392 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll

12:17:45.0281 3392 C:\WINDOWS\system32\fltlib.dll - ok

12:17:45.0296 3392 [ 3B4B75EE7DB46F7D4E904829B8E14C52 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll

12:17:45.0296 3392 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok

12:17:45.0296 3392 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\93402860.sys

12:17:45.0296 3392 C:\WINDOWS\system32\drivers\93402860.sys - ok

12:17:45.0296 3392 [ EC1FCC102C9CB0032D66ABA79CD3995E ] C:\Program Files\AVAST Software\Avast\AhResJs.dll

12:17:45.0296 3392 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok

12:17:45.0312 3392 [ 7BBAE90115326F8727E36C2F541E1DFD ] C:\Program Files\AVAST Software\Avast\AhResMai.dll

12:17:45.0312 3392 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok

12:17:45.0312 3392 [ 7FACB452456EF5C053AF3EE4B228FE0D ] C:\WINDOWS\system32\xpob2res.dll

12:17:45.0312 3392 C:\WINDOWS\system32\xpob2res.dll - ok

12:17:45.0328 3392 [ 2A632A95433E9719F37AE06BA00543AC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll

12:17:45.0328 3392 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll - ok

12:17:45.0328 3392 [ 70982F1D8399093970A2B7A89CAA940C ] C:\Program Files\AVAST Software\Avast\AhResMes.dll

12:17:45.0328 3392 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok

12:17:45.0328 3392 [ 037567DF8E84474C797BAFD4F764C409 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll

12:17:45.0328 3392 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok

12:17:45.0343 3392 [ 4EA92135C436D18975C2EBEC242B71DA ] C:\WINDOWS\system32\icmp.dll

12:17:45.0343 3392 C:\WINDOWS\system32\icmp.dll - ok

12:17:45.0343 3392 [ 7F90431C12B5EDB881DBB1E081506694 ] C:\Program Files\AVAST Software\Avast\aswAra.dll

12:17:45.0343 3392 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok

12:17:45.0343 3392 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527 ] C:\WINDOWS\system32\srvsvc.dll

12:17:45.0343 3392 C:\WINDOWS\system32\srvsvc.dll - ok

12:17:45.0359 3392 [ 6E6AA4B25A349C3F6E049A78741AD616 ] C:\Program Files\AVAST Software\Avast\AhResP2P.dll

12:17:45.0359 3392 C:\Program Files\AVAST Software\Avast\AhResP2P.dll - ok

12:17:45.0359 3392 [ 1EAEAECB88831B75AB2687A2CBEEDDAB ] C:\Program Files\AVAST Software\Avast\AhResSPM.dll

12:17:45.0359 3392 C:\Program Files\AVAST Software\Avast\AhResSPM.dll - ok

12:17:45.0359 3392 [ C5670008D13FAACFD944BD59B9FE890B ] C:\Program Files\AVAST Software\Avast\AhResStd.dll

12:17:45.0359 3392 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok

12:17:45.0375 3392 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll

12:17:45.0375 3392 C:\WINDOWS\system32\netmsg.dll - ok

12:17:45.0375 3392 [ 7AEA4DF1CA68FD45DD4BBE1F0243CE7F ] C:\Program Files\CDBurnerXP\NMSAccessU.exe

12:17:45.0375 3392 C:\Program Files\CDBurnerXP\NMSAccessU.exe - ok

12:17:45.0390 3392 [ E12C21591485C190C2265703F827B885 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll

12:17:45.0390 3392 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok

12:17:45.0390 3392 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] C:\WINDOWS\system32\drivers\srv.sys

12:17:45.0390 3392 C:\WINDOWS\system32\drivers\srv.sys - ok

12:17:45.0390 3392 [ 9132794C7D729764081476176A4015D0 ] C:\Program Files\QuickTime\QTSystem\QTCF.dll

12:17:45.0390 3392 C:\Program Files\QuickTime\QTSystem\QTCF.dll - ok

12:17:45.0406 3392 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll

12:17:45.0406 3392 C:\WINDOWS\system32\comsvcs.dll - ok

12:17:45.0406 3392 [ 72A7C1EC4D3BF38CB115395AD721AE3C ] C:\Program Files\AVAST Software\Avast\defs\12082000\ArPot.dll

12:17:45.0406 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\ArPot.dll - ok

12:17:45.0406 3392 [ 332B86EC298458A39EDF9D74AA65CB84 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll

12:17:45.0406 3392 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok

12:17:45.0421 3392 [ 1EDD423E34C5FF8F1C9C94A1AFC12D03 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll

12:17:45.0421 3392 C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok

12:17:45.0421 3392 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll

12:17:45.0421 3392 C:\WINDOWS\system32\colbact.dll - ok

12:17:45.0437 3392 [ ED5A7805411E8598805DE5A064E17603 ] C:\Program Files\AVAST Software\Avast\aswData.dll

12:17:45.0437 3392 C:\Program Files\AVAST Software\Avast\aswData.dll - ok

12:17:45.0437 3392 [ 2BAC92E8AC5E16ED60062E9141B8D5F6 ] C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll

12:17:45.0437 3392 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok

12:17:45.0437 3392 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll

12:17:45.0437 3392 C:\WINDOWS\system32\mtxclu.dll - ok

12:17:45.0453 3392 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll

12:17:45.0453 3392 C:\WINDOWS\system32\resutils.dll - ok

12:17:45.0453 3392 [ 3943907A519731F925511E75DB92E6F4 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll

12:17:45.0453 3392 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\9e3803cd2a11f056291862e306a8e2b2\System.ni.dll - ok

12:17:45.0453 3392 [ 18628BB3EEA95E17EDB4C79193FD9189 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll

12:17:45.0453 3392 C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok

12:17:45.0468 3392 [ CFB3EEDF620E7F32464A3091BA76D5E8 ] C:\Program Files\AVAST Software\Avast\defs\12082000\exts.dll

12:17:45.0468 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\exts.dll - ok

12:17:45.0468 3392 [ 4A290F88C42DD1037A46CD1867308D82 ] C:\WINDOWS\system32\nvsvc32.exe

12:17:45.0468 3392 C:\WINDOWS\system32\nvsvc32.exe - ok

12:17:45.0484 3392 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9 ] C:\WINDOWS\system32\ksuser.dll

12:17:45.0484 3392 C:\WINDOWS\system32\ksuser.dll - ok

12:17:45.0484 3392 [ ECE25E37234E862F4B0267CBC08F4132 ] C:\Program Files\AVAST Software\Avast\aswSpam.dll

12:17:45.0484 3392 C:\Program Files\AVAST Software\Avast\aswSpam.dll - ok

12:17:45.0484 3392 [ 2C58EB7106AB5316127CAAC366B5EC29 ] C:\Program Files\AVAST Software\Avast\winspamcatcher.dll

12:17:45.0484 3392 C:\Program Files\AVAST Software\Avast\winspamcatcher.dll - ok

12:17:45.0500 3392 [ ACDAFCD14EC0ECE89198503746A5C147 ] C:\WINDOWS\system32\perfos.dll

12:17:45.0500 3392 C:\WINDOWS\system32\perfos.dll - ok

12:17:45.0500 3392 [ ABFB673B24A9B3287761D497529FB5B9 ] C:\WINDOWS\system32\perfdisk.dll

12:17:45.0500 3392 C:\WINDOWS\system32\perfdisk.dll - ok

12:17:45.0500 3392 [ C9F43235625C43C35BF560C5E671544D ] C:\Program Files\AVAST Software\Avast\snxhk.dll

12:17:45.0500 3392 C:\Program Files\AVAST Software\Avast\snxhk.dll - ok

12:17:45.0515 3392 [ EB032CF179411874F99127B4F8737150 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

12:17:45.0515 3392 C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok

12:17:45.0515 3392 [ 728B41052D89D9C029167C5367CBF692 ] C:\Program Files\AVAST Software\Avast\ashWebSv.dll

12:17:45.0515 3392 C:\Program Files\AVAST Software\Avast\ashWebSv.dll - ok

12:17:45.0515 3392 [ A340CD71EB535A3DD751B5F28723E50C ] C:\WINDOWS\system32\ddraw.dll

12:17:45.0515 3392 C:\WINDOWS\system32\ddraw.dll - ok

12:17:45.0531 3392 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll

12:17:45.0531 3392 C:\WINDOWS\system32\wbem\wbemprox.dll - ok

12:17:45.0531 3392 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll

12:17:45.0531 3392 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok

12:17:45.0531 3392 [ D8B91D94ECB123862B390FDE3250D3BB ] C:\WINDOWS\system32\dciman32.dll

12:17:45.0531 3392 C:\WINDOWS\system32\dciman32.dll - ok

12:17:45.0546 3392 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll

12:17:45.0546 3392 C:\WINDOWS\system32\security.dll - ok

12:17:45.0546 3392 [ 48C63DE81747BD7758DF1AF04E98DE8F ] C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll

12:17:45.0546 3392 C:\Program Files\AVAST Software\Avast\1033\uiLangRes.dll - ok

12:17:45.0562 3392 [ CD57F3CE481BD93FC47A30DA3DAC5837 ] C:\Program Files\AVAST Software\Avast\ashWsFtr.dll

12:17:45.0562 3392 C:\Program Files\AVAST Software\Avast\ashWsFtr.dll - ok

12:17:45.0562 3392 [ E6748A0ADC22F0595E31448CAC746D3F ] C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll

12:17:45.0562 3392 C:\Program Files\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok

12:17:45.0562 3392 [ 29896000CFA457ED8FA1E37238AFFB2C ] C:\Program Files\AVAST Software\Avast\CommonRes.dll

12:17:45.0562 3392 C:\Program Files\AVAST Software\Avast\CommonRes.dll - ok

12:17:45.0578 3392 [ 9EEFE69139FDBB4A3C327630F8EB993A ] C:\WINDOWS\system32\wlanapi.dll

12:17:45.0578 3392 C:\WINDOWS\system32\wlanapi.dll - ok

12:17:45.0578 3392 [ 9D5B78D279B44A2299398DE3E4467377 ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswAR.dll

12:17:45.0578 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswAR.dll - ok

12:17:45.0578 3392 [ 401A8C0BE0BAA7D7A470F0942244152D ] C:\WINDOWS\system32\rasdlg.dll

12:17:45.0578 3392 C:\WINDOWS\system32\rasdlg.dll - ok

12:17:45.0593 3392 [ 0D0FA4434A9434641AB0A6332AC5560A ] C:\Program Files\AVAST Software\Avast\defs\12082000\aswRawFS.dll

12:17:45.0593 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\aswRawFS.dll - ok

12:17:45.0593 3392 [ FE8797F9DC9A6BBF18D6DB12142ED7E2 ] C:\WINDOWS\system32\Macromed\Flash\Flash32_11_2_202_235.ocx

12:17:45.0593 3392 C:\WINDOWS\system32\Macromed\Flash\Flash32_11_2_202_235.ocx - ok

12:17:45.0609 3392 [ 2DE1190196EE9555DB548A57622022EB ] C:\WINDOWS\system32\drprov.dll

12:17:45.0609 3392 C:\WINDOWS\system32\drprov.dll - ok

12:17:45.0609 3392 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll

12:17:45.0609 3392 C:\WINDOWS\system32\ntlanman.dll - ok

12:17:45.0609 3392 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll

12:17:45.0609 3392 C:\WINDOWS\system32\netui0.dll - ok

12:17:45.0625 3392 [ 8FC17E5976B61B9D242CBEEA53C11874 ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll

12:17:45.0625 3392 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\9351cf29bb1ba951e45a9b3b0edab937\System.Drawing.ni.dll - ok

12:17:45.0625 3392 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll

12:17:45.0625 3392 C:\WINDOWS\system32\netui1.dll - ok

12:17:45.0640 3392 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll

12:17:45.0640 3392 C:\WINDOWS\system32\ipsecsvc.dll - ok

12:17:45.0640 3392 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] C:\WINDOWS\system32\hpzipm12.dll

12:17:45.0640 3392 C:\WINDOWS\system32\hpzipm12.dll - ok

12:17:45.0640 3392 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll

12:17:45.0640 3392 C:\WINDOWS\system32\davclnt.dll - ok

12:17:45.0656 3392 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINDOWS\system32\drivers\secdrv.sys

12:17:45.0656 3392 C:\WINDOWS\system32\drivers\secdrv.sys - ok

12:17:45.0656 3392 [ 5B19B557B0C188210A56A6B699D90B8F ] C:\WINDOWS\system32\regsvc.dll

12:17:45.0656 3392 C:\WINDOWS\system32\regsvc.dll - ok

12:17:45.0656 3392 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll

12:17:45.0656 3392 C:\WINDOWS\system32\seclogon.dll - ok

12:17:45.0671 3392 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll

12:17:45.0671 3392 C:\WINDOWS\system32\srsvc.dll - ok

12:17:45.0671 3392 [ C5FF8682EADA5B3B27A865F1C3EF9270 ] C:\WINDOWS\system32\oakley.dll

12:17:45.0671 3392 C:\WINDOWS\system32\oakley.dll - ok

12:17:45.0687 3392 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll

12:17:45.0687 3392 C:\WINDOWS\system32\pstorsvc.dll - ok

12:17:45.0687 3392 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll

12:17:45.0687 3392 C:\WINDOWS\system32\psbase.dll - ok

12:17:45.0687 3392 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll

12:17:45.0687 3392 C:\WINDOWS\system32\dssenh.dll - ok

12:17:45.0703 3392 [ 3ACCA88C9E2807F5098BD21D17E2099D ] C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll

12:17:45.0703 3392 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ad99ac6b5666edb8ee742dd64f9578af\System.Windows.Forms.ni.dll - ok

12:17:45.0703 3392 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll

12:17:45.0703 3392 C:\WINDOWS\system32\mscms.dll - ok

12:17:45.0703 3392 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll

12:17:45.0703 3392 C:\WINDOWS\system32\wiaservc.dll - ok

12:17:45.0718 3392 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll

12:17:45.0718 3392 C:\WINDOWS\system32\cfgmgr32.dll - ok

12:17:45.0718 3392 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll

12:17:45.0718 3392 C:\WINDOWS\system32\trkwks.dll - ok

12:17:45.0718 3392 [ A06CE3399D16DB864F55FAEB1F1927A9 ] C:\WINDOWS\system32\browser.dll

12:17:45.0718 3392 C:\WINDOWS\system32\browser.dll - ok

12:17:45.0734 3392 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll

12:17:45.0734 3392 C:\WINDOWS\system32\wbem\wmisvc.dll - ok

12:17:45.0734 3392 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll

12:17:45.0734 3392 C:\WINDOWS\system32\wuauserv.dll - ok

12:17:45.0750 3392 [ D5ADA72C30295A6655793324212278CB ] C:\Program Files\AVAST Software\Avast\Setup\avast.setup

12:17:45.0750 3392 C:\Program Files\AVAST Software\Avast\Setup\avast.setup - ok

12:17:45.0750 3392 [ ACACB8B14E66109B8ACD6644B5574B9A ] C:\WINDOWS\system32\vssapi.dll

12:17:45.0750 3392 C:\WINDOWS\system32\vssapi.dll - ok

12:17:45.0750 3392 [ DEAAE2AF80DE7ACF43900C4A407A4AB4 ] C:\Program Files\AVAST Software\Avast\defs\12082000\uiext.dll

12:17:45.0750 3392 C:\Program Files\AVAST Software\Avast\defs\12082000\uiext.dll - ok

12:17:45.0765 3392 [ FC3EC24FCE372C89423E015A2AC1A31E ] C:\WINDOWS\system32\wuaueng.dll

12:17:45.0765 3392 C:\WINDOWS\system32\wuaueng.dll - ok

12:17:45.0765 3392 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll

12:17:45.0765 3392 C:\WINDOWS\system32\cabinet.dll - ok

12:17:45.0765 3392 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll

12:17:45.0765 3392 C:\WINDOWS\system32\mspatcha.dll - ok

12:17:45.0781 3392 [ 0B467F470CC9918FDCEEDCFD7DC4D697 ] C:\WINDOWS\system32\oledlg.dll

12:17:45.0781 3392 C:\WINDOWS\system32\oledlg.dll - ok

12:17:45.0781 3392 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll

12:17:45.0781 3392 C:\WINDOWS\system32\ipnathlp.dll - ok

12:17:45.0781 3392 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll

12:17:45.0781 3392 C:\WINDOWS\system32\wscsvc.dll - ok

12:17:45.0796 3392 [ 3458EDA96E30FBD0477A2800D3FB1909 ] C:\WINDOWS\system32\wups.dll

12:17:45.0796 3392 C:\WINDOWS\system32\wups.dll - ok

12:17:45.0796 3392 ============================================================

12:17:45.0796 3392 Scan finished

12:17:45.0796 3392 ============================================================

12:17:45.0921 3384 Detected object count: 8

12:17:45.0921 3384 Actual detected object count: 8

12:19:57.0343 3384 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user

12:19:57.0343 3384 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:19:57.0343 3384 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - skipped by user

12:19:57.0343 3384 QBCFMonitorService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:19:57.0343 3384 QBFCService ( UnsignedFile.Multi.Generic ) - skipped by user

12:19:57.0343 3384 QBFCService ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:19:57.0343 3384 sptd ( LockedFile.Multi.Generic ) - skipped by user

12:19:57.0343 3384 sptd ( LockedFile.Multi.Generic ) - User select action: Skip

12:19:57.0343 3384 StarOpen ( UnsignedFile.Multi.Generic ) - skipped by user

12:19:57.0343 3384 StarOpen ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:19:57.0359 3384 TrueSight ( UnsignedFile.Multi.Generic ) - skipped by user

12:19:57.0359 3384 TrueSight ( UnsignedFile.Multi.Generic ) - User select action: Skip

12:19:57.0906 3384 \Device\Harddisk0\DR0\# - copied to quarantine

12:19:57.0906 3384 \Device\Harddisk0\DR0 - copied to quarantine

12:19:57.0921 3384 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine

12:19:57.0937 3384 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine

12:19:57.0968 3384 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine

12:19:57.0968 3384 \Device\Harddisk0\DR0\TDLFS\sub.dll - copied to quarantine

12:20:01.0546 3384 \Device\Harddisk0\DR0\TDLFS\subx.dll - copied to quarantine

12:20:01.0578 3384 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine

12:20:01.0671 3384 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine

12:20:01.0703 3384 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine

12:20:01.0703 3384 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine

12:20:01.0703 3384 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine

12:20:01.0703 3384 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine

12:20:01.0734 3384 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine

12:20:01.0781 3384 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine

12:20:01.0781 3384 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine

12:20:01.0890 3384 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot

12:20:01.0890 3384 \Device\Harddisk0\DR0 - ok

12:20:02.0000 3384 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure

12:20:02.0000 3384 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

12:20:02.0000 3384 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

12:20:34.0390 1804 Deinitialize success

[boboso]

From what I can tell, after rebooting the system, Avast is no longer flagging any malicious URL's trying to be opened like it was before. Are there any further steps that can be taken to review my system and double check that it has indeed been cleaned up?

[MrCharlie]

We're not done yet!!

Run TDSSKiller again and choose Delete for this one only: (no need to post the log)

12:20:02.0000 3384 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user

12:20:02.0000 3384 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

-------------------------------------

Please download and run ComboFix.

The most important things to remember when running it is to disable all your malware programs and run Combofix from your desktop.

Please visit this webpage for download links, and instructions for running ComboFix

http://www.bleepingc...to-use-combofix

Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Information on disabling your malware programs can be found Here.

Make sure you run ComboFix from your desktop.

Give it at least 30-45 minutes to finish if needed.

Please include the C:\ComboFix.txt in your next reply for further review.

---------->NOTE<----------

If you get the message Illegal operation attempted on registry key that has been marked for deletion after you run ComboFix....please reboot the computer, this should resolve the problem. You may have to do this several times if needed.

MrC

[boboso]

ComboFix 12-08-20.02 - Asian Man Records 08/20/2012 12:52:22.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2942.2439 [GMT -7:00]

Running from: c:\documents and settings\Asian Man Records\Desktop\ComboFix.exe

AV: avast! Internet Security *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}

FW: avast! Internet Security *Disabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}

* Created a new restore point

.

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.

.

((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 )))))))))))))))))))))))))))))))

.

.

2012-08-20 19:20 . 2012-08-20 19:20 177496 ----a-w- c:\windows\system32\drivers\81379545.sys

2012-08-20 19:19 . 2012-08-20 19:39 -------- d-----w- C:\TDSSKiller_Quarantine

2012-08-20 19:13 . 2012-08-20 19:13 177496 ----a-w- c:\windows\system32\drivers\02857685.sys

2012-08-20 17:05 . 2012-08-20 17:08 14080 ----a-w- c:\windows\system32\drivers\TrueSight.sys

2012-08-20 16:41 . 2012-08-20 16:41 -------- d-----w- c:\documents and settings\Asian Man Records\Application Data\Malwarebytes

2012-08-20 16:41 . 2012-08-20 16:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2012-08-20 16:41 . 2012-08-20 16:41 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-08-20 16:41 . 2012-07-03 20:46 22344 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-08-16 22:42 . 2012-07-03 16:21 353688 ----a-w- c:\windows\system32\drivers\aswSP.sys

2012-08-16 22:42 . 2012-07-03 16:21 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys

2012-08-16 22:42 . 2012-07-03 16:21 113776 ----a-w- c:\windows\system32\drivers\aswFW.sys

2012-08-16 22:42 . 2012-07-03 16:21 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys

2012-08-16 22:42 . 2012-07-03 16:21 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys

2012-08-16 22:42 . 2012-07-03 16:21 202928 ----a-w- c:\windows\system32\drivers\aswNdis2.sys

2012-08-16 22:42 . 2012-07-03 16:21 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys

2012-08-16 22:42 . 2012-07-03 16:21 89624 ----a-w- c:\windows\system32\drivers\aswmon.sys

2012-08-16 22:42 . 2012-07-03 16:21 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys

2012-08-16 22:42 . 2012-07-03 16:21 18544 ----a-w- c:\windows\system32\drivers\aswKbd.sys

2012-08-16 22:42 . 2012-07-03 16:21 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys

2012-08-16 22:41 . 2012-06-27 20:33 12112 ----a-w- c:\windows\system32\drivers\aswNdis.sys

2012-08-16 22:41 . 2012-07-03 16:21 41224 ----a-w- c:\windows\avastSS.scr

2012-08-16 22:41 . 2012-07-03 16:21 227648 ----a-w- c:\windows\system32\aswBoot.exe

2012-08-16 22:22 . 2012-08-16 22:22 -------- d-----w- c:\windows\system32\wbem\Repository

2012-08-16 22:15 . 2012-08-16 22:21 -------- d-s---w- c:\documents and settings\Administrator

2012-08-16 18:52 . 2012-08-16 22:58 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software

2012-08-16 18:52 . 2012-08-16 22:41 -------- d-----w- c:\program files\AVAST Software

2012-07-30 18:07 . 2012-07-30 18:07 -------- d-----w- c:\documents and settings\Asian Man Records\Application Data\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2012-07-30 18:07 . 2012-07-30 18:07 -------- d-----w- c:\documents and settings\All Users\Adobe

2012-07-30 18:02 . 2012-07-30 18:02 -------- d-----w- c:\documents and settings\All Users\Application Data\regid.1986-12.com.adobe

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-08-01 17:15 . 2012-05-04 17:02 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-08-01 17:15 . 2011-08-05 18:43 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-06-03 17:44 . 2012-07-18 18:18 5504 ----a-w- c:\windows\system32\drivers\StarOpen.sys

2012-06-02 22:19 . 2008-10-16 21:09 22040 ----a-w- c:\windows\system32\wucltui.dll.mui

2012-06-02 22:19 . 2009-05-29 21:02 329240 ----a-w- c:\windows\system32\wucltui.dll

2012-06-02 22:19 . 2009-05-29 21:02 219160 ----a-w- c:\windows\system32\wuaucpl.cpl

2012-06-02 22:19 . 2009-05-29 21:02 210968 ----a-w- c:\windows\system32\wuweb.dll

2012-06-02 22:19 . 2008-10-16 21:07 15384 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2012-06-02 22:19 . 2009-05-29 21:02 53784 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-02 22:19 . 2009-05-29 21:02 35864 ----a-w- c:\windows\system32\wups.dll

2012-06-02 22:19 . 2008-10-16 21:09 45080 ----a-w- c:\windows\system32\wups2.dll

2012-06-02 22:19 . 2008-10-16 21:07 15384 ----a-w- c:\windows\system32\wuapi.dll.mui

2012-06-02 22:19 . 2008-04-14 04:41 97304 ----a-w- c:\windows\system32\cdm.dll

2012-06-02 22:19 . 2008-10-16 21:07 17944 ----a-w- c:\windows\system32\wuaueng.dll.mui

2012-06-02 22:19 . 2009-05-29 21:02 577048 ----a-w- c:\windows\system32\wuapi.dll

2012-06-02 22:19 . 2009-05-29 21:02 1933848 ----a-w- c:\windows\system32\wuaueng.dll

2012-08-10 22:34 . 2012-08-10 22:34 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2012-07-03 16:21 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Asian Man Records\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Asian Man Records\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Asian Man Records\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2012-02-14 22:58 94208 ----a-w- c:\documents and settings\Asian Man Records\Application Data\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Spotify Web Helper"="c:\documents and settings\Asian Man Records\Application Data\Spotify\Data\SpotifyWebHelper.exe" [2012-07-30 1193176]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-08-01 13529088]

"nwiz"="nwiz.exe" [2008-08-01 1630208]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-08-01 86016]

"RTHDCPL"="RTHDCPL.EXE" [2007-02-26 16125440]

"SkyTel"="SkyTel.EXE" [2006-05-17 2879488]

"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072]

"AdobeCS4ServiceManager"="c:\program files\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" [2012-01-27 611712]

"eFax 4.4"="c:\program files\eFax Messenger 4.4\J2GDllCmd.exe" [2008-10-07 95744]

"Intuit SyncManager"="c:\program files\Common Files\Intuit\Sync\IntuitSyncManager.exe" [2011-02-22 1497352]

"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2011-08-19 421736]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"AdobeAAMUpdater-1.0"="c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]

"AdobeCS6ServiceManager"="c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]

"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-07-03 4273976]

.

c:\documents and settings\Asian Man Records\Start Menu\Programs\Startup\

Proxomitron.lnk - c:\program files\ProxN45j\Proxomitron.exe [2009-6-26 295424]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\2.0.181\SSScheduler.exe [2010-1-15 255536]

.

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^QuickBooks Update Agent.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk

backup=c:\windows\pss\QuickBooks Update Agent.lnkCommon Startup

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]

2001-07-09 17:50 155648 ----a-w- c:\windows\system32\NeroCheck.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]

2011-07-06 01:36 421888 ----a-w- c:\program files\QuickTime\QTTask.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]

"QBCFMonitorService"=2 (0x2)

"QBFCService"=3 (0x3)

"gupdatem"=3 (0x3)

"gupdate"=2 (0x2)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=

"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=

"c:\\Program Files\\Common Files\\Adobe\\CS4ServiceManager\\CS4ServiceManager.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Intuit\\QuickBooks 2010\\QBDBMgrN.exe"=

"c:\\Program Files\\Spotify\\spotify.exe"=

"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=

"c:\\Program Files\\iTunes\\iTunes.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

"c:\\Documents and Settings\\Asian Man Records\\Application Data\\Spotify\\spotify.exe"=

"c:\\Documents and Settings\\Asian Man Records\\Application Data\\Dropbox\\bin\\Dropbox.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"5353:TCP"= 5353:TCP:Adobe CSI CS4

.

R0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\drivers\aswNdis.sys [8/16/2012 3:41 PM 12112]

R0 aswNdis2;avast! Firewall Core Firewall Service;c:\windows\system32\drivers\aswNdis2.sys [8/16/2012 3:42 PM 202928]

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [5/29/2009 5:12 PM 721904]

R1 aswFW;avast! TDI Firewall driver;c:\windows\system32\drivers\aswFW.sys [8/16/2012 3:42 PM 113776]

R1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys [8/16/2012 3:42 PM 18544]

R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [8/16/2012 3:42 PM 721000]

R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [8/16/2012 3:42 PM 353688]

R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [8/16/2012 3:42 PM 21256]

R2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe [8/16/2012 3:41 PM 133912]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\2.0.181\McCHSvc.exe [1/15/2010 5:49 AM 227232]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [3/21/2012 4:06 PM 114144]

S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [3/4/2010 3:45 PM 135664]

S4 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [3/4/2010 3:45 PM 135664]

.

--- Other Services/Drivers In Memory ---

.

*NewlyCreated* - 13119637

*NewlyCreated* - 38847299

*NewlyCreated* - 98832915

*Deregistered* - 13119637

*Deregistered* - 38847299

*Deregistered* - 98832915

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

hpdevmgmt REG_MULTI_SZ hpqcxs08

.

Contents of the 'Scheduled Tasks' folder

.

2012-08-13 c:\windows\Tasks\AppleSoftwareUpdate.job

- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 00:57]

.

2012-08-20 c:\windows\Tasks\avast! Emergency Update.job

- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-08-16 16:21]

.

2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-04 22:45]

.

2012-08-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files\Google\Update\GoogleUpdate.exe [2010-03-04 22:45]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.asianmanrecords.com/

uInternet Settings,ProxyOverride = *.local

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000

TCP: DhcpNameServer = 75.75.75.75 75.75.76.76

FF - ProfilePath - c:\documents and settings\Asian Man Records\Application Data\Mozilla\Firefox\Profiles\g94veqhx.default\

FF - prefs.js: network.proxy.http - localhost

FF - prefs.js: network.proxy.http_port - 8080

FF - prefs.js: network.proxy.ssl - localhost

FF - prefs.js: network.proxy.ssl_port - 8080

FF - prefs.js: network.proxy.type - 1

.

- - - - ORPHANS REMOVED - - - -

.

SafeBoot-01884861.sys

SafeBoot-98832915.sys

AddRemove-DAEMON Tools Toolbar - c:\program files\DAEMON Tools Toolbar\uninst.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2012-08-20 13:01

Windows 5.1.2600 Service Pack 3 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'winlogon.exe'(1100)

c:\program files\Common Files\Adobe\Adobe Drive CS4\AdobeDriveCS4_NP.dll

.

- - - - - - - > 'explorer.exe'(2516)

c:\windows\system32\WININET.dll

c:\documents and settings\Asian Man Records\Application Data\Dropbox\bin\DropboxExt.14.dll

c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86\MSVCR80.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

.

Completion time: 2012-08-20 13:02:58

ComboFix-quarantined-files.txt 2012-08-20 20:02

.

Pre-Run: 188,262,883,328 bytes free

Post-Run: 189,637,672,960 bytes free

.

- - End Of File - - D60487FA0DAF3F32EF56CCD2C562FCFF

[boboso]

The recovery console wouldn't install for some reason, so combofix proceeded without it. Also, I went into Avast and disabled it while my scan was running, but Combofix still stated that it was running, so I wasn't sure if there was anything more that could be done short of uninstalling it that would've disabled it for Combofix's purposes.

[MrCharlie]

Looks Good.....

Please Update and run a Quick Scan with MBAM, post the report.

Make sure that everything is checked, and click Remove Selected.

Please let me know how computer is running now, MrC

[boboso]

Malwarebytes Anti-Malware 1.62.0.1300

www.malwarebytes.org

Database version: v2012.08.20.09

Windows XP Service Pack 3 x86 NTFS

Internet Explorer 8.0.6001.18702

Asian Man Records :: ASIANMAN1 [administrator]

8/20/2012 1:18:59 PM

mbam-log-2012-08-20 (13-18-59).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 224494

Time elapsed: 2 minute(s), 25 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

[boboso]

Thanks again for sticking with me this far! I really appreciate it.

[MrCharlie]

How is it???? MrC

[boboso]

So far so good! I'll report back in a couple hours in case anything comes up, but I'm not noticing any of the issues that were plaguing me before.

[MrCharlie]

Great

A little clean up to do....

Please Uninstall ComboFix: (if you used it)

Press the Windows logo key + R to bring up the "run box"

Copy and paste next command in the field:

ComboFix /uninstall

Make sure there's a space between Combofix and /

Then hit enter.

This will uninstall Combofix, delete its related folders and files, hide file extensions, hide the system/hidden files and clears System Restore cache and create new Restore point

(If that doesn't work.....you can simply rename ComboFix.exe to Uninstall.exe and double click it to complete the uninstall)

---------------------------------

Please download OTL from one of the links below: (you may already have OTL on the system)

http://oldtimer.geekstogo.com/OTL.exe

http://oldtimer.geekstogo.com/OTL.com

http://www.itxassociates.com/OT-Tools/OTL.exe

Save it to your desktop.

Run OTL and hit the CleanUp button. (This will cleanup the tools and logs used including itself)

Any other programs or logs you can manually delete.

IE: RogueKiller.exe, RKreport.txt, RK_Quarantine folder, C:\FRST, etc....

-------------------------------

Any questions...please post back.

If you think I've helped you, please leave a comment > click on my avatar picture > click Profile Feed.

Take a look at My Preventive Maintenance to avoid being infected again.

Good Luck and Thanks for using the forum, MrC

[boboso]

Everything stayed good for the rest of the work day. Thanks again!!!

[MrCharlie]

OK...Take Care MrC

[LDTate]

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!