IB Updater 2.0.0.530 aka mystart incredibar [Solved]


  • This topic is locked

#16
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Missemily,

Sorry for the delay. Let's continue with the fix.

Step 1

NOTE: This fix is custom made for this system only and for current system state! Don't try to run it on another system!

Please close all running programs and run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL
    IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incre...6R8Nn2eb01&i=26
    IE - HKCU\..\SearchScopes,DefaultScope = {95B7759C-8C7F-4BF1-B163-73684A933233}
    IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = http://mystart.incre...6R8Nn2eb01&i=26
    [2012/12/07 06:32:52 | 000,003,571 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
    CHR - default_search_provider: AVG Secure Search (Enabled)
    O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
    O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll ()
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
    O33 - MountPoints2\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\Shell - "" = AutoRun
    O33 - MountPoints2\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\Shell\AutoRun - "" = Auto&Play
    O33 - MountPoints2\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\Shell\AutoRun\command - "" = D:\Setup.exe -- [2000/08/24 17:44:18 | 000,077,824 | R--- | M] (InstallShield Software Corporation)
    O33 - MountPoints2\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\Shell\dinstall\command - "" = D:\Setup\DirectX\dxsetup.exe -- [2000/10/21 04:39:38 | 000,147,456 | R--- | M] (Microsoft Corporation)

    :Files
    ipconfig /flushdns /c

    :Commands
    [purity]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post the fix log it produces in your next reply or you can find it in C:\_OTL\MovedFiles

Step 2

Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Check the boxes beside:

    • Loaded modules

  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Make sure to check:

    • Services and drivers
    • Boot sectors
    • Loaded modules
    • Verify Driver Digital Signature
    • Detect TDLFS file system

  • then click OK.
  • Click the Start Scan button to start the scan.
  • If a suspicious object is detected, the default action will be Skip
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected for malicious objects

  • Click Continue then Reboot now to finish the cleaning process.
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory (usually the C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents in your next reply.

Step 3

Please don't forget to include these items in your reply:

  • OTL fix log
  • TDSSKiller log
It would be helpful if you could post each log in a separate post using the "Add Reply" button

#17
Missemily

    Member

  • Topic Starter
  • 45 posts
Maliprog,

No problem - thanks for listening to the rant! We all have lives :)

Here's the OTL log - the computer hung up on shutting down and I had to hold the button to turn it off:

========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ deleted successfully.
C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}\ not found.
File C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\ not found.
File move failed. D:\Setup.exe scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f0847bc3-7e60-11e1-8c3d-806d6172696f}\ not found.
File move failed. D:\Setup\DirectX\dxsetup.exe scheduled to be moved on reboot.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Documents and Settings\user1\Desktop\cmd.bat deleted successfully.
C:\Documents and Settings\user1\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========

OTL by OldTimer - Version 3.2.69.0 log created on 12112012_052832

Files\Folders moved on Reboot...
File move failed. D:\Setup.exe scheduled to be moved on reboot.
File move failed. D:\Setup\DirectX\dxsetup.exe scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
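Added example, not part of the original thread and not code from OTL: a small Python triage of a fix log in the format shown in the post above, separating actions that completed from targets that were not found, file moves deferred to the next reboot, and steps left for the user to do by hand. The outcome names and the `triage` and `follow_ups` helpers are this example's own; the patterns are inferred only from the lines visible in that log.

```python
import re

# Excerpt of lines copied from the OTL fix log quoted in the post above.
SAMPLE_LOG = r"""========== OTL ==========
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main\\Start Page| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}\ not found.
C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
File C:\Program Files\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll not found.
File move failed. D:\Setup.exe scheduled to be moved on reboot.
========== FILES ==========
< ipconfig /flushdns /c >
Successfully flushed the DNS Resolver Cache.
========== COMMANDS ==========

Files\Folders moved on Reboot...
File move failed. D:\Setup.exe scheduled to be moved on reboot.
"""

# Ordered rules: the first pattern that matches a line decides its outcome.
# (Assumption: these cover only the message shapes visible in the log above.)
PREFIX = r"(?:Registry (?:key|value) |File )?"
RULES = [
    ("deferred", re.compile(
        r"^File move failed\. (?P<target>.+) scheduled to be moved on reboot\.$")),
    ("not_found", re.compile(r"^" + PREFIX + r"(?P<target>.+) not found\.$")),
    ("done", re.compile(
        r"^" + PREFIX + r"(?P<target>.+) (?:deleted|moved) successfully\.$")),
    ("done", re.compile(r"^(?P<target>.+?)\| /E : value set successfully!$")),
    ("manual", re.compile(r"^(?P<target>Use .+ to remove .+)$")),
]
SECTION = re.compile(r"^=+ [A-Z]+ =+$")  # e.g. "========== FILES =========="


def triage(log_text):
    """Group each log line's target by outcome, dropping repeated targets."""
    result = {"done": [], "not_found": [], "deferred": [], "manual": [], "other": []}
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or SECTION.match(line):
            continue
        for outcome, pattern in RULES:
            match = pattern.match(line)
            if match:
                entry = match.group("target")
                break
        else:
            # Unrecognised lines are kept verbatim so nothing is silently lost.
            outcome, entry = "other", line
        # The log repeats deferred moves in its trailer; record each target once.
        if entry not in result[outcome]:
            result[outcome].append(entry)
    return result


def follow_ups(result):
    """Items that still need attention after the fix has run."""
    return result["deferred"] + result["manual"]


if __name__ == "__main__":
    summary = triage(SAMPLE_LOG)
    for outcome, entries in summary.items():
        print(f"{outcome}: {len(entries)}")
    for item in follow_ups(summary):
        print("follow up:", item)
```

Run against the full log, the `deferred` bucket is the part worth re-checking after the reboot, since those moves had not happened when the log was written.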

#18
Missemily

    Member

  • Topic Starter
  • 45 posts
There were three TDSS log files: In order of time:
(also MSE came up and said it was cleaning something as well)
#1

05:43:29.0375 2128 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
05:43:29.0734 2128 ============================================================
05:43:29.0734 2128 Current date / time: 2012/12/11 05:43:29.0734
05:43:29.0734 2128 SystemInfo:
05:43:29.0734 2128
05:43:29.0734 2128 OS Version: 5.1.2600 ServicePack: 3.0
05:43:29.0734 2128 Product type: Workstation
05:43:29.0734 2128 ComputerName: COMPUTER_1
05:43:29.0734 2128 UserName: user1
05:43:29.0734 2128 Windows directory: C:\WINDOWS
05:43:29.0734 2128 System windows directory: C:\WINDOWS
05:43:29.0734 2128 Processor architecture: Intel x86
05:43:29.0734 2128 Number of processors: 2
05:43:29.0734 2128 Page size: 0x1000
05:43:29.0734 2128 Boot type: Normal boot
05:43:29.0734 2128 ============================================================
05:43:33.0859 2128 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
05:43:33.0875 2128 ============================================================
05:43:33.0875 2128 \Device\Harddisk0\DR0:
05:43:33.0875 2128 MBR partitions:
05:43:33.0875 2128 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
05:43:33.0875 2128 ============================================================
05:43:33.0921 2128 C: <-> \Device\Harddisk0\DR0\Partition1
05:43:33.0921 2128 ============================================================
05:43:33.0921 2128 Initialize success
05:43:33.0921 2128 ============================================================
05:43:53.0640 0184 Deinitialize success


#2

05:49:10.0593 2808 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
05:49:11.0062 2808 ============================================================
05:49:11.0062 2808 Current date / time: 2012/12/11 05:49:11.0062
05:49:11.0062 2808 SystemInfo:
05:49:11.0062 2808
05:49:11.0062 2808 OS Version: 5.1.2600 ServicePack: 3.0
05:49:11.0062 2808 Product type: Workstation
05:49:11.0062 2808 ComputerName: COMPUTER_1
05:49:11.0062 2808 UserName: user1
05:49:11.0062 2808 Windows directory: C:\WINDOWS
05:49:11.0078 2808 System windows directory: C:\WINDOWS
05:49:11.0078 2808 Processor architecture: Intel x86
05:49:11.0078 2808 Number of processors: 2
05:49:11.0078 2808 Page size: 0x1000
05:49:11.0078 2808 Boot type: Normal boot
05:49:11.0078 2808 ============================================================
05:49:16.0500 2808 BG loaded
05:49:18.0359 2808 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
05:49:18.0453 2808 ============================================================
05:49:18.0453 2808 \Device\Harddisk0\DR0:
05:49:18.0890 2808 MBR partitions:
05:49:18.0890 2808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
05:49:18.0890 2808 ============================================================
05:49:19.0218 2808 C: <-> \Device\Harddisk0\DR0\Partition1
05:49:19.0484 2808 ============================================================
05:49:19.0484 2808 Initialize success
05:49:19.0484 2808 ============================================================
05:52:07.0859 1000 ============================================================
05:52:07.0859 1000 Scan started
05:52:07.0859 1000 Mode: Manual; SigCheck; TDLFS;
05:52:07.0859 1000 ============================================================
05:52:08.0718 1000 ================ Scan system memory ========================
05:52:08.0718 1000 System memory - ok
05:52:08.0718 1000 ================ Scan services =============================
05:52:47.0171 1000 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:52:47.0343 1000 RDPCDD - ok
05:52:47.0468 1000 [ 15CABD0F7C00C47C70124907916AF3F1 ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
05:52:47.0671 1000 rdpdr - ok
05:52:47.0734 1000 [ 43AF5212BD8FB5BA6EED9754358BD8F7 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
05:52:47.0843 1000 RDPWD - ok
05:52:47.0921 1000 [ 3C37BF86641BDA977C3BF8A840F3B7FA ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
05:52:48.0125 1000 RDSessMgr - ok
05:52:48.0156 1000 [ F828DD7E1419B6653894A8F97A0094C5 ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
05:52:48.0359 1000 redbook - ok
05:52:48.0453 1000 [ 7E699FF5F59B5D9DE5390E3C34C67CF5 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
05:52:48.0640 1000 RemoteAccess - ok
05:52:48.0703 1000 [ 5B19B557B0C188210A56A6B699D90B8F ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
05:52:48.0906 1000 RemoteRegistry - ok
05:52:48.0937 1000 [ AAED593F84AFA419BBAE8572AF87CF6A ] RpcLocator C:\WINDOWS\system32\locator.exe
05:52:49.0140 1000 RpcLocator - ok
05:52:49.0156 1000 [ 6B27A5C03DFB94B4245739065431322C ] RpcSs C:\WINDOWS\system32\rpcss.dll
05:52:49.0265 1000 RpcSs - ok
05:52:49.0375 1000 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\system32\rsvp.exe
05:52:49.0562 1000 RSVP - ok
05:52:49.0593 1000 [ BF2466B3E18E970D8A976FB95FC1CA85 ] SamSs C:\WINDOWS\system32\lsass.exe
05:52:49.0750 1000 SamSs - ok
05:52:49.0812 1000 [ 86D007E7A654B9A71D1D7D856B104353 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
05:52:49.0984 1000 SCardSvr - ok
05:52:50.0046 1000 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] Schedule C:\WINDOWS\system32\schedsvc.dll
05:52:50.0234 1000 Schedule - ok
05:52:50.0265 1000 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:52:50.0375 1000 Secdrv - ok
05:52:50.0406 1000 [ CBE612E2BB6A10E3563336191EDA1250 ] seclogon C:\WINDOWS\System32\seclogon.dll
05:52:50.0578 1000 seclogon - ok
05:52:50.0765 1000 [ B9C7617C1E8AB6FDFF75D3C8DAFCB4C8 ] senfilt C:\WINDOWS\system32\drivers\senfilt.sys
05:52:51.0093 1000 senfilt - ok
05:52:51.0187 1000 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] SENS C:\WINDOWS\system32\sens.dll
05:52:51.0375 1000 SENS - ok
05:52:51.0390 1000 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
05:52:51.0578 1000 serenum - ok
05:52:51.0625 1000 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
05:52:51.0812 1000 Serial - ok
05:52:51.0875 1000 [ 8E6B8C671615D126FDC553D1E2DE5562 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
05:52:52.0046 1000 Sfloppy - ok
05:52:52.0125 1000 [ 83F41D0D89645D7235C051AB1D9523AC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
05:52:52.0343 1000 SharedAccess - ok
05:52:52.0375 1000 [ 99BC0B50F511924348BE19C7C7313BBF ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
05:52:52.0437 1000 ShellHWDetection - ok
05:52:52.0437 1000 Simbad - ok
05:52:52.0500 1000 [ 0066FF77AEB4AE70066F7E94D5A6D866 ] smwdm C:\WINDOWS\system32\drivers\smwdm.sys
05:52:52.0609 1000 smwdm - ok
05:52:52.0609 1000 Sparrow - ok
05:52:52.0656 1000 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
05:52:52.0875 1000 splitter - ok
05:52:52.0937 1000 [ 60784F891563FB1B767F70117FC2428F ] Spooler C:\WINDOWS\system32\spoolsv.exe
05:52:53.0046 1000 Spooler - ok
05:52:53.0109 1000 [ 76BB022C2FB6902FD5BDD4F78FC13A5D ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
05:52:53.0203 1000 sr - ok
05:52:53.0234 1000 [ 3805DF0AC4296A34BA4BF93B346CC378 ] srservice C:\WINDOWS\system32\srsvc.dll
05:52:53.0343 1000 srservice - ok
05:52:53.0406 1000 [ 47DDFC2F003F7F9F0592C6874962A2E7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
05:52:53.0531 1000 Srv - ok
05:52:53.0562 1000 [ 0A5679B3714EDAB99E357057EE88FCA6 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
05:52:53.0687 1000 SSDPSRV - ok
05:52:53.0796 1000 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] stisvc C:\WINDOWS\system32\wiaservc.dll
05:52:54.0015 1000 stisvc - ok
05:52:54.0062 1000 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
05:52:54.0265 1000 swenum - ok
05:52:54.0281 1000 [ 8CE882BCC6CF8A62F2B2323D95CB3D01 ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
05:52:54.0468 1000 swmidi - ok
05:52:54.0484 1000 SwPrv - ok
05:52:54.0484 1000 symc810 - ok
05:52:54.0500 1000 symc8xx - ok
05:52:54.0515 1000 sym_hi - ok
05:52:54.0515 1000 sym_u3 - ok
05:52:54.0546 1000 [ 8B83F3ED0F1688B4958F77CD6D2BF290 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
05:52:54.0765 1000 sysaudio - ok
05:52:54.0828 1000 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
05:52:55.0031 1000 SysmonLog - ok
05:52:55.0078 1000 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
05:52:55.0437 1000 TapiSrv - ok
05:52:55.0484 1000 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:52:55.0625 1000 Tcpip - ok
05:52:55.0671 1000 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
05:52:56.0015 1000 TDPIPE - ok
05:52:56.0031 1000 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
05:52:56.0312 1000 TDTCP - ok
05:52:56.0343 1000 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
05:52:56.0593 1000 TermDD - ok
05:52:56.0687 1000 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
05:52:56.0968 1000 TermService - ok
05:52:57.0015 1000 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
05:52:57.0046 1000 Themes - ok
05:52:57.0093 1000 [ DB7205804759FF62C34E3EFD8A4CC76A ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
05:52:57.0250 1000 TlntSvr - ok
05:52:57.0250 1000 TosIde - ok
05:52:57.0281 1000 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
05:52:57.0515 1000 TrkWks - ok
05:52:57.0546 1000 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
05:52:57.0750 1000 Udfs - ok
05:52:57.0750 1000 ultra - ok
05:52:57.0828 1000 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
05:52:58.0031 1000 Update - ok
05:52:58.0062 1000 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
05:52:58.0171 1000 upnphost - ok
05:52:58.0203 1000 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
05:52:58.0390 1000 UPS - ok
05:52:58.0406 1000 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:52:58.0593 1000 usbccgp - ok
05:52:58.0640 1000 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:52:58.0843 1000 usbehci - ok
05:52:58.0890 1000 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:52:59.0093 1000 usbhub - ok
05:52:59.0125 1000 [ A717C8721046828520C9EDF31288FC00 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
05:52:59.0375 1000 usbprint - ok
05:52:59.0437 1000 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
05:52:59.0656 1000 usbscan - ok
05:52:59.0718 1000 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:52:59.0921 1000 usbuhci - ok
05:53:00.0031 1000 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
05:53:00.0234 1000 VgaSave - ok
05:53:00.0234 1000 ViaIde - ok
05:53:00.0296 1000 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
05:53:00.0484 1000 VolSnap - ok
05:53:00.0609 1000 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
05:53:00.0750 1000 VSS - ok
05:53:01.0359 1000 [ 7DB85B78309C05C9F06F469ED976DC9E ] vToolbarUpdater13.2.0 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
05:53:01.0500 1000 vToolbarUpdater13.2.0 - ok
05:53:01.0546 1000 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
05:53:01.0828 1000 W32Time - ok
05:53:01.0859 1000 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:53:02.0031 1000 Wanarp - ok
05:53:02.0140 1000 [ FD47474BD21794508AF449D9D91AF6E6 ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
05:53:02.0281 1000 Wdf01000 - ok
05:53:02.0281 1000 WDICA - ok
05:53:02.0312 1000 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
05:53:02.0531 1000 wdmaud - ok
05:53:02.0593 1000 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
05:53:02.0843 1000 WebClient - ok
05:53:03.0046 1000 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
05:53:03.0203 1000 winmgmt - ok
05:53:03.0234 1000 [ C7E39EA41233E9F5B86C8DA3A9F1E4A8 ] WmdmPmSN C:\WINDOWS\system32\mspmsnsv.dll
05:53:03.0453 1000 WmdmPmSN - ok
05:53:03.0640 1000 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
05:53:03.0890 1000 Wmi - ok
05:53:04.0000 1000 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
05:53:04.0250 1000 WmiApSrv - ok
05:53:04.0312 1000 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
05:53:04.0531 1000 wscsvc - ok
05:53:04.0593 1000 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
05:53:04.0796 1000 wuauserv - ok
05:53:04.0859 1000 [ BE0B3774113713059527FCF071CCDBFE ] wwEngineSvc C:\Program Files\Webroot\Washer\WasherSvc.exe
05:53:04.0968 1000 wwEngineSvc - ok
05:53:05.0031 1000 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
05:53:05.0406 1000 WZCSVC - ok
05:53:05.0421 1000 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
05:53:05.0781 1000 xmlprov - ok
05:53:05.0781 1000 ================ Scan global ===============================
05:53:05.0828 1000 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
05:53:05.0890 1000 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:53:05.0921 1000 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
05:53:05.0953 1000 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
05:53:05.0968 1000 [Global] - ok
05:53:05.0968 1000 ================ Scan MBR ==================================
05:53:05.0968 1000 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
05:53:05.0968 1000 Suspicious mbr (Forged): \Device\Harddisk0\DR0
05:53:05.0984 1000 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - infected
05:53:05.0984 1000 \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.c (0)
05:53:06.0015 1000 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
05:53:06.0015 1000 \Device\Harddisk0\DR0 - detected TDSS File System (1)
05:53:06.0015 1000 ================ Scan VBR ==================================
05:53:06.0046 1000 [ 15B1276ADEEE6C9286D7B7625E6C9F83 ] \Device\Harddisk0\DR0\Partition1
05:53:06.0046 1000 \Device\Harddisk0\DR0\Partition1 - ok
05:53:06.0046 1000 ================ Scan active images ========================
05:53:07.0171 1000 [ 4A953F13942867BA8FB41F141EC1B80C ] C:\WINDOWS\system32\winmm.dll
05:53:07.0171 1000 C:\WINDOWS\system32\winmm.dll - ok
05:53:07.0171 1000 [ 6843D54BC4A40CC8C5741AF750233D10 ] C:\WINDOWS\system32\shell32.dll
05:53:07.0171 1000 C:\WINDOWS\system32\shell32.dll - ok
05:53:07.0187 1000 [ 93AFB83FBC1F9443CAC722FCA63D73BF ] C:\WINDOWS\system32\comctl32.dll
05:53:07.0187 1000 C:\WINDOWS\system32\comctl32.dll - ok
05:53:07.0187 1000 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
05:53:07.0187 1000 C:\WINDOWS\system32\kbdus.dll - ok
05:53:07.0203 1000 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
05:53:07.0203 1000 C:\WINDOWS\system32\msgina.dll - ok
05:53:07.0203 1000 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
05:53:07.0203 1000 C:\WINDOWS\system32\comdlg32.dll - ok
05:53:07.0218 1000 [ 40B0F98BAD16AD5DEF894E88C3EF8014 ] C:\WINDOWS\system32\odbc32.dll
05:53:07.0218 1000 C:\WINDOWS\system32\odbc32.dll - ok
05:53:07.0218 1000 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
05:53:07.0218 1000 C:\WINDOWS\system32\odbcint.dll - ok
05:53:07.0234 1000 [ 99BC0B50F511924348BE19C7C7313BBF ] C:\WINDOWS\system32\shsvcs.dll
05:53:07.0234 1000 C:\WINDOWS\system32\shsvcs.dll - ok
05:53:07.0234 1000 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
05:53:07.0234 1000 C:\WINDOWS\system32\sfc.dll - ok
05:53:07.0250 1000 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
05:53:07.0250 1000 C:\WINDOWS\system32\sfc_os.dll - ok
05:53:07.0250 1000 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
05:53:07.0250 1000 C:\WINDOWS\system32\apphelp.dll - ok
05:53:07.0265 1000 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
05:53:07.0265 1000 C:\WINDOWS\system32\lsass.exe - ok
05:53:07.0265 1000 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
05:53:07.0265 1000 C:\WINDOWS\system32\services.exe - ok
05:53:07.0281 1000 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
05:53:07.0281 1000 C:\WINDOWS\system32\msvcp60.dll - ok
05:53:07.0281 1000 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
05:53:07.0281 1000 C:\WINDOWS\system32\ncobjapi.dll - ok
05:53:07.0296 1000 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
05:53:07.0296 1000 C:\WINDOWS\system32\scesrv.dll - ok
05:53:07.0296 1000 [ BD31DC6DBE9333C4FBD4BDF0899F2160 ] C:\WINDOWS\system32\lsasrv.dll
05:53:07.0296 1000 C:\WINDOWS\system32\lsasrv.dll - ok
05:53:07.0312 1000 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
05:53:07.0312 1000 C:\WINDOWS\system32\umpnpmgr.dll - ok
05:53:07.0312 1000 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
05:53:07.0312 1000 C:\WINDOWS\system32\shimeng.dll - ok
05:53:07.0328 1000 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\AcAdProc.dll
05:53:07.0328 1000 C:\WINDOWS\AppPatch\AcAdProc.dll - ok
05:53:07.0328 1000 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
05:53:07.0328 1000 C:\WINDOWS\system32\mpr.dll - ok
05:53:07.0343 1000 [ 389496118B3B03C2328024AF320132AC ] C:\WINDOWS\system32\dnsapi.dll
05:53:07.0343 1000 C:\WINDOWS\system32\dnsapi.dll - ok
05:53:07.0343 1000 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
05:53:07.0343 1000 C:\WINDOWS\system32\ntdsapi.dll - ok
05:53:07.0359 1000 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
05:53:07.0359 1000 C:\WINDOWS\system32\wldap32.dll - ok
05:53:07.0359 1000 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
05:53:07.0359 1000 C:\WINDOWS\system32\samlib.dll - ok
05:53:07.0375 1000 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
05:53:07.0375 1000 C:\WINDOWS\system32\samsrv.dll - ok
05:53:07.0375 1000 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\AcGenral.dll
05:53:07.0375 1000 C:\WINDOWS\AppPatch\AcGenral.dll - ok
05:53:07.0390 1000 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
05:53:07.0390 1000 C:\WINDOWS\system32\cryptdll.dll - ok
05:53:07.0390 1000 [ 2098AB52BD5316E59AA36F3437B13BE6 ] C:\WINDOWS\system32\msacm32.dll
05:53:07.0390 1000 C:\WINDOWS\system32\msacm32.dll - ok
05:53:07.0406 1000 [ 7A2CC3719B255E6B5D74396183B7715B ] C:\WINDOWS\system32\uxtheme.dll
05:53:07.0406 1000 C:\WINDOWS\system32\uxtheme.dll - ok
05:53:07.0406 1000 [ F24B12786D60A17008319E3F2AEE7799 ] C:\WINDOWS\system32\msapsspc.dll
05:53:07.0406 1000 C:\WINDOWS\system32\msapsspc.dll - ok
05:53:07.0421 1000 [ 7A660EDC0757849DF5F8706FB6E9F740 ] C:\WINDOWS\system32\msvcrt40.dll
05:53:07.0421 1000 C:\WINDOWS\system32\msvcrt40.dll - ok
05:53:07.0421 1000 [ 0F64207B49390C8063C36AE7CBF9C2DB ] C:\WINDOWS\system32\schannel.dll
05:53:07.0421 1000 C:\WINDOWS\system32\schannel.dll - ok
05:53:07.0437 1000 [ 3D76DD0CBC536E0F8C45D23ED230BEB2 ] C:\WINDOWS\system32\digest.dll
05:53:07.0437 1000 C:\WINDOWS\system32\digest.dll - ok
05:53:07.0437 1000 [ A4388DF80E52695AE92EE5F3F61F1619 ] C:\WINDOWS\system32\msnsspc.dll
05:53:07.0437 1000 C:\WINDOWS\system32\msnsspc.dll - ok
05:53:07.0453 1000 [ A525C96C51D55111FDF3BEA9FFFFC7AE ] C:\WINDOWS\system32\kerberos.dll
05:53:07.0453 1000 C:\WINDOWS\system32\kerberos.dll - ok
05:53:07.0453 1000 [ 5733177BCF16EE78B99543C9B0AB81EA ] C:\WINDOWS\system32\MSCTFIME.IME
05:53:07.0453 1000 C:\WINDOWS\system32\MSCTFIME.IME - ok
05:53:07.0468 1000 [ C6BB1D1500DB4A0E224CB65E6C7E8A80 ] C:\WINDOWS\system32\msprivs.dll
05:53:07.0468 1000 C:\WINDOWS\system32\msprivs.dll - ok
05:53:07.0468 1000 [ 517561A1113B04E51D936CD018DE1C1F ] C:\WINDOWS\system32\msv1_0.dll
05:53:07.0468 1000 C:\WINDOWS\system32\msv1_0.dll - ok
05:53:07.0484 1000 [ 1E644E3533DCE2B580A663AE1ACBD539 ] C:\WINDOWS\system32\atmfd.dll
05:53:07.0484 1000 C:\WINDOWS\system32\atmfd.dll - ok
05:53:07.0484 1000 [ AF07DC9B7CC455629E732340C7B15F3A ] C:\WINDOWS\system32\iphlpapi.dll
05:53:07.0484 1000 C:\WINDOWS\system32\iphlpapi.dll - ok
05:53:07.0484 1000 [ 1B7F071C51B77C272875C3A23E1E4550 ] C:\WINDOWS\system32\netlogon.dll
05:53:07.0484 1000 C:\WINDOWS\system32\netlogon.dll - ok
05:53:07.0500 1000 [ 54AF4B1D5459500EF0937F6D33B1914F ] C:\WINDOWS\system32\w32time.dll
05:53:07.0500 1000 C:\WINDOWS\system32\w32time.dll - ok
05:53:07.0500 1000 [ 3AAF9B35939FF9E58CCD18D41655C2FC ] C:\WINDOWS\system32\wdigest.dll
05:53:07.0500 1000 C:\WINDOWS\system32\wdigest.dll - ok
05:53:07.0515 1000 [ 54DAE3EA34802B4ED9AE1C6B1209FA56 ] C:\WINDOWS\system32\rsaenh.dll
05:53:07.0515 1000 C:\WINDOWS\system32\rsaenh.dll - ok
05:53:07.0515 1000 [ 02988B904C386B500CD08639C4C20EEA ] C:\WINDOWS\system32\winscard.dll
05:53:07.0515 1000 C:\WINDOWS\system32\winscard.dll - ok
05:53:07.0531 1000 [ 0E2735281FBB9A764D5584C2A5DCBA59 ] C:\WINDOWS\system32\wtsapi32.dll
05:53:07.0531 1000 C:\WINDOWS\system32\wtsapi32.dll - ok
05:53:07.0546 1000 [ A86BB5E61BF3E39B62AB4C7E7085A084 ] C:\WINDOWS\system32\scecli.dll
05:53:07.0546 1000 C:\WINDOWS\system32\scecli.dll - ok
05:53:07.0546 1000 [ DE6ED95AEF259979B2830450072A627B ] C:\WINDOWS\system32\drivers\aswFsBlk.sys
05:53:07.0546 1000 C:\WINDOWS\system32\drivers\aswFsBlk.sys - ok
05:53:07.0562 1000 [ 27C6D03BCDB8CFEB96B716F3D8BE3E18 ] C:\WINDOWS\system32\svchost.exe
05:53:07.0562 1000 C:\WINDOWS\system32\svchost.exe - ok
05:53:07.0562 1000 [ 549290DBC280C887681D7652978DBBE0 ] C:\WINDOWS\system32\ntmarta.dll
05:53:07.0562 1000 C:\WINDOWS\system32\ntmarta.dll - ok
05:53:07.0578 1000 [ 6B27A5C03DFB94B4245739065431322C ] C:\WINDOWS\system32\rpcss.dll
05:53:07.0578 1000 C:\WINDOWS\system32\rpcss.dll - ok
05:53:07.0578 1000 [ 16403217AB6FC5C30C14C6B12098AD4B ] C:\WINDOWS\system32\xpsp2res.dll
05:53:07.0578 1000 C:\WINDOWS\system32\xpsp2res.dll - ok
05:53:07.0593 1000 [ 6D4FEB43EE538FC5428CC7F0565AA656 ] C:\WINDOWS\system32\eventlog.dll
05:53:07.0593 1000 C:\WINDOWS\system32\eventlog.dll - ok
05:53:07.0593 1000 [ 943337D786A56729263071623BBB9DE5 ] C:\WINDOWS\system32\mswsock.dll
05:53:07.0593 1000 C:\WINDOWS\system32\mswsock.dll - ok
05:53:07.0609 1000 [ 3CB32D3B8CBE79899D63280BB7A83CD9 ] C:\WINDOWS\system32\hnetcfg.dll
05:53:07.0609 1000 C:\WINDOWS\system32\hnetcfg.dll - ok
05:53:07.0609 1000 [ 4E3D06D6E68EEDB52565080F55B460D3 ] C:\WINDOWS\system32\wshtcpip.dll
05:53:07.0609 1000 C:\WINDOWS\system32\wshtcpip.dll - ok
05:53:07.0625 1000 [ D72B9EC3337B247A666F098F3D6B43DE ] C:\WINDOWS\system32\winrnr.dll
05:53:07.0625 1000 C:\WINDOWS\system32\winrnr.dll - ok
05:53:07.0625 1000 [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] C:\Program Files\Microsoft Security Client\MsMpEng.exe
05:53:07.0625 1000 C:\Program Files\Microsoft Security Client\MsMpEng.exe - ok
05:53:07.0640 1000 [ 6F9BEF24C578D5D6740E080BEDD6A448 ] C:\WINDOWS\system32\rasadhlp.dll
05:53:07.0640 1000 C:\WINDOWS\system32\rasadhlp.dll - ok
05:53:07.0640 1000 [ 9AC7F31404F784753C4C04296E48CFAB ] C:\Program Files\Microsoft Security Client\MpSvc.dll
05:53:07.0640 1000 C:\Program Files\Microsoft Security Client\MpSvc.dll - ok
05:53:07.0656 1000 [ 84204FDA617A3611D510A1DCBAE64004 ] C:\Program Files\Microsoft Security Client\MpClient.dll
05:53:07.0656 1000 C:\Program Files\Microsoft Security Client\MpClient.dll - ok
05:53:07.0656 1000 [ 2081A5B5E4ABA206A0A8A1A97DF0FB23 ] C:\WINDOWS\system32\logonui.exe
05:53:07.0656 1000 C:\WINDOWS\system32\logonui.exe - ok
05:53:07.0671 1000 [ 7C29BC74635524E13FAA556A5FD48968 ] C:\Program Files\Microsoft Security Client\MpRTP.dll
05:53:07.0671 1000 C:\Program Files\Microsoft Security Client\MpRTP.dll - ok
05:53:07.0671 1000 [ 5D43C9A33F18C707BA169AFDA88BDF30 ] C:\WINDOWS\system32\fltlib.dll
05:53:07.0671 1000 C:\WINDOWS\system32\fltlib.dll - ok
05:53:07.0671 1000 [ 11F06C27DAD83CD5E907D664CA591805 ] C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D63DE6F-BA01-4056-A38E-4FF69FB43873}\mpengine.dll
05:53:07.0671 1000 C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{1D63DE6F-BA01-4056-A38E-4FF69FB43873}\mpengine.dll - ok
05:53:07.0687 1000 [ 3D41A9326F0376FC73AF961DD23B1FB1 ] C:\WINDOWS\system32\duser.dll
05:53:07.0687 1000 C:\WINDOWS\system32\duser.dll - ok
05:53:07.0703 1000 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
05:53:07.0703 1000 C:\WINDOWS\system32\dsound.dll - ok
05:53:07.0703 1000 [ AFFC87E2501FCE8F09D4C10BA6421CCF ] C:\WINDOWS\system32\msimg32.dll
05:53:07.0703 1000 C:\WINDOWS\system32\msimg32.dll - ok
05:53:07.0718 1000 [ 20200EE3CFE10E9F0C028D8653BE11C6 ] C:\WINDOWS\system32\oleacc.dll
05:53:07.0718 1000 C:\WINDOWS\system32\oleacc.dll - ok
05:53:07.0718 1000 [ F927A4434C5028758A842943EF1A3849 ] C:\WINDOWS\system32\drivers\ndisuio.sys
05:53:07.0718 1000 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
05:53:07.0734 1000 [ 5E38D7684A49CACFB752B046357E0589 ] C:\WINDOWS\system32\dhcpcsvc.dll
05:53:07.0734 1000 C:\WINDOWS\system32\dhcpcsvc.dll - ok
05:53:07.0734 1000 [ 515A7FAE2070C2B0242B2353443E2F11 ] C:\WINDOWS\system32\cscdll.dll
05:53:07.0734 1000 C:\WINDOWS\system32\cscdll.dll - ok
05:53:07.0750 1000 [ F137A0CA70003DB20448D540651FA003 ] C:\WINDOWS\system32\clbcatq.dll
05:53:07.0750 1000 C:\WINDOWS\system32\clbcatq.dll - ok
05:53:07.0750 1000 [ E2092F0A1D7ABC243F9C2362483D150D ] C:\WINDOWS\system32\dimsntfy.dll
05:53:07.0750 1000 C:\WINDOWS\system32\dimsntfy.dll - ok
05:53:07.0765 1000 [ 2CC34E8BB667EEF78899546E12649196 ] C:\WINDOWS\system32\wlnotify.dll
05:53:07.0765 1000 C:\WINDOWS\system32\wlnotify.dll - ok
05:53:07.0765 1000 [ BD83ABA61E8ACCC8D9FFB869F29418CE ] C:\WINDOWS\system32\winspool.drv
05:53:07.0765 1000 C:\WINDOWS\system32\winspool.drv - ok
05:53:07.0781 1000 [ 1280A158C722FA95A80FB7AEBE78FA7D ] C:\WINDOWS\system32\comres.dll
05:53:07.0781 1000 C:\WINDOWS\system32\comres.dll - ok
05:53:07.0781 1000 [ 02CF580510234E519736559A7F19EA20 ] C:\WINDOWS\system32\WgaLogon.dll
05:53:07.0781 1000 C:\WINDOWS\system32\WgaLogon.dll - ok
05:53:07.0781 1000 [ E5EDBD51476DB5001ABF5C82AE5C3DD1 ] C:\WINDOWS\system32\shgina.dll
05:53:07.0781 1000 C:\WINDOWS\system32\shgina.dll - ok
05:53:07.0796 1000 [ ACFEE2392503DD5E457363A0510B8BCB ] C:\WINDOWS\system32\msxml3.dll
05:53:07.0796 1000 C:\WINDOWS\system32\msxml3.dll - ok
05:53:07.0796 1000 [ 5F7E24FA9EAB896051FFB87F840730D2 ] C:\WINDOWS\system32\dnsrslvr.dll
05:53:07.0796 1000 C:\WINDOWS\system32\dnsrslvr.dll - ok
05:53:07.0812 1000 [ 085ED2E391A871C7BAE87E0228B546BA ] C:\WINDOWS\system32\cscui.dll
05:53:07.0812 1000 C:\WINDOWS\system32\cscui.dll - ok
05:53:07.0812 1000 [ 50A166237A0FA771261275A405646CC0 ] C:\WINDOWS\system32\powrprof.dll
05:53:07.0812 1000 C:\WINDOWS\system32\powrprof.dll - ok
05:53:07.0828 1000 [ 2BC7128348265CABA9BBC058729A8B7B ] C:\WINDOWS\system32\dpcdll.dll
05:53:07.0828 1000 C:\WINDOWS\system32\dpcdll.dll - ok
05:53:07.0828 1000 [ A7DB739AE99A796D91580147E919CC59 ] C:\WINDOWS\system32\lmhsvc.dll
05:53:07.0828 1000 C:\WINDOWS\system32\lmhsvc.dll - ok
05:53:07.0843 1000 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] C:\WINDOWS\system32\wzcsvc.dll
05:53:07.0843 1000 C:\WINDOWS\system32\wzcsvc.dll - ok
05:53:07.0859 1000 [ A93AEE1928A9D7CE3E16D24EC7380F89 ] C:\WINDOWS\system32\userinit.exe
05:53:07.0859 1000 C:\WINDOWS\system32\userinit.exe - ok
05:53:07.0859 1000 [ B1296D52B0D2096EC4759EEEB806D759 ] C:\WINDOWS\system32\WgaTray.exe
05:53:07.0859 1000 C:\WINDOWS\system32\WgaTray.exe - ok
05:53:07.0859 1000 [ 876CCF164E08D6B903CD14398E056DD2 ] C:\WINDOWS\system32\rtutils.dll
05:53:07.0859 1000 C:\WINDOWS\system32\rtutils.dll - ok
05:53:07.0875 1000 [ 7B0770526801F05D58C51A3DFB87B4BD ] C:\WINDOWS\system32\wmi.dll
05:53:07.0875 1000 C:\WINDOWS\system32\wmi.dll - ok
05:53:07.0875 1000 [ E6EF7BC927D9F8F9BA1584BFC39E0C6F ] C:\WINDOWS\system32\eapolqec.dll
05:53:07.0875 1000 C:\WINDOWS\system32\eapolqec.dll - ok
05:53:07.0890 1000 [ 8AE93AACC648921BAACB8602991AC4B3 ] C:\WINDOWS\system32\qutil.dll
05:53:07.0890 1000 C:\WINDOWS\system32\qutil.dll - ok
05:53:07.0890 1000 [ 8E2CC37BA87D8F681066E0E9C8A19F73 ] C:\WINDOWS\system32\dot3api.dll
05:53:07.0890 1000 C:\WINDOWS\system32\dot3api.dll - ok
05:53:07.0906 1000 [ F5B754CDEA20BBB3A31E16A776EDE6D6 ] C:\WINDOWS\system32\esent.dll
05:53:07.0906 1000 C:\WINDOWS\system32\esent.dll - ok
05:53:07.0906 1000 [ 12896823FB95BFB3DC9B46BCAEDC9923 ] C:\WINDOWS\explorer.exe
05:53:07.0906 1000 C:\WINDOWS\explorer.exe - ok
05:53:07.0906 1000 [ 84F0BE324EE111338589F448C3E8BAB2 ] C:\WINDOWS\system32\drivers\aswmon2.sys
05:53:07.0906 1000 C:\WINDOWS\system32\drivers\aswmon2.sys - ok
05:53:07.0921 1000 [ A39BE37C9237DB5F1990D61B268EA555 ] C:\WINDOWS\system32\rastls.dll
05:53:07.0921 1000 C:\WINDOWS\system32\rastls.dll - ok
05:53:07.0921 1000 [ 8FA553E9AE69808D99C164733A0F9590 ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
05:53:07.0921 1000 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
05:53:07.0937 1000 [ F1ABAB991229965F9150E41D9DEE8428 ] C:\WINDOWS\system32\browseui.dll
05:53:07.0937 1000 C:\WINDOWS\system32\browseui.dll - ok
05:53:07.0937 1000 [ 6E4BE11D50F8A8DE2BAD644C9C9DE8D3 ] C:\WINDOWS\system32\cryptui.dll
05:53:07.0937 1000 C:\WINDOWS\system32\cryptui.dll - ok
05:53:07.0953 1000 [ EB398DED91CFF2F425610EAA2CCF2A23 ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
05:53:07.0953 1000 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
05:53:07.0953 1000 [ BABE99A18A382A5E2F99B48E0BC3E0D4 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
05:53:07.0953 1000 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
05:53:07.0968 1000 [ 178B51198B7B46CD3C5E744474459A63 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
05:53:07.0968 1000 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
05:53:07.0968 1000 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
05:53:07.0968 1000 C:\WINDOWS\system32\cryptnet.dll - ok
05:53:07.0984 1000 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
05:53:07.0984 1000 C:\WINDOWS\system32\sensapi.dll - ok
05:53:07.0984 1000 [ 7538050656FE5D63CB4B80349DD1CFE3 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll
05:53:07.0984 1000 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcr90.dll - ok
05:53:08.0000 1000 [ 400A67E55C3D54A1993EB4C7241B8ABB ] C:\WINDOWS\system32\shdocvw.dll
05:53:08.0000 1000 C:\WINDOWS\system32\shdocvw.dll - ok
05:53:08.0000 1000 [ 684559A03CBC1D05BA120A18B0D8BA5D ] C:\WINDOWS\system32\winhttp.dll
05:53:08.0000 1000 C:\WINDOWS\system32\winhttp.dll - ok
05:53:08.0015 1000 [ EA5B8BECA3F279C757578CD7F1E95855 ] C:\WINDOWS\system32\mprapi.dll
05:53:08.0015 1000 C:\WINDOWS\system32\mprapi.dll - ok
05:53:08.0015 1000 [ CC26451A90025F6C55F64146C333DEA5 ] C:\WINDOWS\system32\LegitCheckControl.dll
05:53:08.0015 1000 C:\WINDOWS\system32\LegitCheckControl.dll - ok
05:53:08.0031 1000 [ B2EEE3DEE31F50E082E9C720A6D7757D ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll
05:53:08.0031 1000 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.CRT_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_d495ac4e\msvcp90.dll - ok
05:53:08.0031 1000 [ 2CDAE321B8E878A278BA2D2FA013060B ] C:\WINDOWS\system32\activeds.dll
05:53:08.0031 1000 C:\WINDOWS\system32\activeds.dll - ok
05:53:08.0046 1000 [ 0D84657DBF93DB98673DEFDF2B29E25A ] C:\WINDOWS\system32\adsldpc.dll
05:53:08.0046 1000 C:\WINDOWS\system32\adsldpc.dll - ok
05:53:08.0046 1000 [ 205ADD80FF8099B1A8101EB490B933D1 ] C:\WINDOWS\system32\wbem\wbemprox.dll
05:53:08.0046 1000 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
05:53:08.0046 1000 [ D95C71052E5EF63B55997FB31483D02F ] C:\WINDOWS\system32\wbem\wbemcomn.dll
05:53:08.0062 1000 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
05:53:08.0062 1000 [ 92C4F48B62B0B876194584C3FF09CCB6 ] C:\WINDOWS\system32\rasapi32.dll
05:53:08.0062 1000 C:\WINDOWS\system32\rasapi32.dll - ok
05:53:08.0078 1000 [ 55AFA63F5F2A6CED0C09E2AFE57ECA8D ] C:\Program Files\AVAST Software\Avast\ashBase.dll
05:53:08.0078 1000 C:\Program Files\AVAST Software\Avast\ashBase.dll - ok
05:53:08.0078 1000 [ 67156D5A9AC356DC99D7BCCB388E3316 ] C:\WINDOWS\system32\wsock32.dll
05:53:08.0078 1000 C:\WINDOWS\system32\wsock32.dll - ok
05:53:08.0093 1000 [ C515CAEC6B3C6970007954C0250A124C ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
05:53:08.0093 1000 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
05:53:08.0093 1000 [ 4DEF926F6A0545AE486A03C84F2EE482 ] C:\WINDOWS\system32\rasman.dll
05:53:08.0093 1000 C:\WINDOWS\system32\rasman.dll - ok
05:53:08.0109 1000 [ C1FAEA15E41F62D7BFA7FBC395C24BA6 ] C:\WINDOWS\system32\riched20.dll
05:53:08.0109 1000 C:\WINDOWS\system32\riched20.dll - ok
05:53:08.0109 1000 [ B6E6F3F5B63053D5DC1F4EE32992492F ] C:\WINDOWS\system32\dbghelp.dll
05:53:08.0109 1000 C:\WINDOWS\system32\dbghelp.dll - ok
05:53:08.0109 1000 [ 00AABF131B4823785818DB99A075A313 ] C:\WINDOWS\system32\tapi32.dll
05:53:08.0109 1000 C:\WINDOWS\system32\tapi32.dll - ok
05:53:08.0125 1000 [ 4D153BDE01AA3FD33414199052051549 ] C:\Program Files\AVAST Software\Avast\ashShell.dll
05:53:08.0125 1000 C:\Program Files\AVAST Software\Avast\ashShell.dll - ok
05:53:08.0125 1000 [ B316906B4A04DD39985350D29DE31068 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
05:53:08.0125 1000 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
05:53:08.0140 1000 [ D3F72D50DE53F9F1F55240115AF4D42E ] C:\WINDOWS\system32\msi.dll
05:53:08.0140 1000 C:\WINDOWS\system32\msi.dll - ok
05:53:08.0140 1000 [ 977C54291BFA6FEE7FF865630E51757B ] C:\Program Files\AVAST Software\Avast\ashServ.dll
05:53:08.0140 1000 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
05:53:08.0156 1000 [ 045EE3DC56B12B404DC07848D8597C66 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
05:53:08.0156 1000 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
05:53:08.0156 1000 [ 16CE3ED063923253905341C9AF850FE7 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
05:53:08.0156 1000 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
05:53:08.0156 1000 [ 4FF19AC422B7709D786DE58B385C9647 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
05:53:08.0156 1000 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
05:53:08.0171 1000 [ FCA9CC8611654B790DD6242BF862B7F5 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
05:53:08.0171 1000 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
05:53:08.0187 1000 [ F186897E0A3B9D0784041221D0265069 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
05:53:08.0187 1000 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
05:53:08.0187 1000 [ 12B9869E74F9E698F550F04F8989C591 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
05:53:08.0187 1000 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
05:53:08.0187 1000 [ 6F367A9B88CFDD46F42C1D11E5CB7964 ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
05:53:08.0187 1000 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
05:53:08.0203 1000 [ C2434DEA392826C1687D9BD7FA4845BC ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
05:53:08.0203 1000 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
05:53:08.0203 1000 [ 902F670F58193A2BC30AA342B11B2C7B ] C:\Program Files\AVAST Software\Avast\aswIdle.dll
05:53:08.0203 1000 C:\Program Files\AVAST Software\Avast\aswIdle.dll - ok
05:53:08.0218 1000 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
05:53:08.0218 1000 C:\WINDOWS\system32\desk.cpl - ok
05:53:08.0218 1000 [ 264B5D8F4C70A26749FF2CEDDE06BA30 ] C:\Program Files\AVAST Software\Avast\aswDld.dll
05:53:08.0218 1000 C:\Program Files\AVAST Software\Avast\aswDld.dll - ok
05:53:08.0234 1000 [ 273FD83FC8C4E12F8C55381674F92A44 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
05:53:08.0234 1000 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
05:53:08.0234 1000 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
05:53:08.0234 1000 C:\WINDOWS\system32\themeui.dll - ok
05:53:08.0250 1000 [ 07875861B582427B8B97D720DB5EAF39 ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswEngin.dll
05:53:08.0250 1000 C:\Program Files\AVAST Software\Avast\defs\12121000\aswEngin.dll - ok
05:53:08.0250 1000 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA ] C:\WINDOWS\system32\schedsvc.dll
05:53:08.0250 1000 C:\WINDOWS\system32\schedsvc.dll - ok
05:53:08.0265 1000 [ A94AF354E4EA9C835DCF3E60EC75911C ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnOS.dll
05:53:08.0265 1000 C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnOS.dll - ok
05:53:08.0265 1000 [ F8AC522C1DAEED05BDA7C0E4E394BCD7 ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnIS.dll
05:53:08.0265 1000 C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnIS.dll - ok
05:53:08.0281 1000 [ 56CE97FF94B7662A300D359CD6F4D601 ] C:\WINDOWS\system32\raschap.dll
05:53:08.0281 1000 C:\WINDOWS\system32\raschap.dll - ok
05:53:08.0281 1000 [ 1E7EAFF858538C516D7358C360605E3A ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnBS.dll
05:53:08.0281 1000 C:\Program Files\AVAST Software\Avast\defs\12121000\aswCmnBS.dll - ok
05:53:08.0296 1000 [ 2E929D6CF669AEF225552EEA9BE7E150 ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswScan.dll
05:53:08.0296 1000 C:\Program Files\AVAST Software\Avast\defs\12121000\aswScan.dll - ok
05:53:08.0296 1000 [ 1752EE915B9003E1FD1FFB4DE63E538B ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswRep.dll
05:53:08.0296 1000 C:\Program Files\AVAST Software\Avast\defs\12121000\aswRep.dll - ok
05:53:08.0312 1000 [ CE7828A0EA430338BBCFFC6914462BAA ] C:\Program Files\AVAST Software\Avast\defs\12121000\aswFiDb.dll
05:53:08.0312 1000 C:\Program Files\AVAST Software\Avast\defs\12121000\aswFiDb.dll - ok
05:53:08.0312 1000 [ D025E95247353BA8ADB53CFF3A4E5BBB ] C:\Program Files\AVAST Software\Avast\Setup\setiface.dll
05:53:08.0312 1000 C:\Program Files\AVAST Software\Avast\Setup\setiface.dll - ok
05:53:08.0328 1000 [ 2BD243BA4CD50EC05146317B7093FE6D ] C:\Program Files\AVAST Software\Avast\defs\12121000\algo.dll
05:53:08.0328 1000 C:\Program Files\AVAST Software\Avast\defs\12121000\algo.dll - ok
05:53:08.0328 1000 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE ] C:\WINDOWS\system32\netman.dll
05:53:08.0328 1000 C:\WINDOWS\system32\netman.dll - ok
05:53:08.0343 1000 [ FC5372FD2DEB28E847C8394C58BC76FA ] C:\Program Files\Microsoft Security Client\MpCmdRun.exe
05:53:08.0343 1000 C:\Program Files\Microsoft Security Client\MpCmdRun.exe - ok
05:53:08.0359 1000 [ 062F837C1FBDB6A0A75F82EFC2EE8E74 ] C:\WINDOWS\system32\netshell.dll
05:53:08.0359 1000 C:\WINDOWS\system32\netshell.dll - ok
05:53:08.0359 1000 [ 60784F891563FB1B767F70117FC2428F ] C:\WINDOWS\system32\spoolsv.exe
05:53:08.0359 1000 C:\WINDOWS\system32\spoolsv.exe - ok
05:53:08.0359 1000 [ 235892E493845D64D890163CFEF90E97 ] C:\WINDOWS\system32\credui.dll
05:53:08.0359 1000 C:\WINDOWS\system32\credui.dll - ok
05:53:08.0375 1000 [ 4E8F3230BAC8C1CAADF01A8C728E1C5C ] C:\WINDOWS\system32\dot3dlg.dll
05:53:08.0375 1000 C:\WINDOWS\system32\dot3dlg.dll - ok
05:53:08.0375 1000 [ CA04959077AFE36369D37B3504740C87 ] C:\WINDOWS\system32\onex.dll
05:53:08.0375 1000 C:\WINDOWS\system32\onex.dll - ok
05:53:08.0390 1000 [ 5DB625E7D095604010CF84DE2D8ACFA6 ] C:\WINDOWS\system32\eappcfg.dll
05:53:08.0390 1000 C:\WINDOWS\system32\eappcfg.dll - ok
05:53:08.0390 1000 [ ABC4206543450C0666D152F4B65833B8 ] C:\WINDOWS\system32\eappprxy.dll
05:53:08.0390 1000 C:\WINDOWS\system32\eappprxy.dll - ok
05:53:08.0406 1000 [ 767FF54A552732CE772C2302025FA82F ] C:\WINDOWS\system32\wzcsapi.dll
05:53:08.0406 1000 C:\WINDOWS\system32\wzcsapi.dll - ok
05:53:08.0421 1000 [ E47E364C96467FD54FA44D59F927C3AB ] C:\WINDOWS\system32\msidle.dll
05:53:08.0421 1000 C:\WINDOWS\system32\msidle.dll - ok
05:53:08.0421 1000 [ DEF7A7882BEC100FE0B2CE2549188F9D ] C:\WINDOWS\system32\audiosrv.dll
05:53:08.0421 1000 C:\WINDOWS\system32\audiosrv.dll - ok
05:53:08.0421 1000 [ 729DA5D23A9AD20A6AA353156A126420 ] C:\WINDOWS\system32\ieframe.dll
05:53:08.0421 1000 C:\WINDOWS\system32\ieframe.dll - ok
05:53:08.0437 1000 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
05:53:08.0437 1000 C:\WINDOWS\system32\cabinet.dll - ok
05:53:08.0453 1000 [ 3B47E60E1012B23873ED2E4A9B4F2310 ] C:\Program Files\Microsoft Security Client\MsseWat.dll
05:53:08.0453 1000 C:\Program Files\Microsoft Security Client\MsseWat.dll - ok
05:53:08.0453 1000 [ A26E0A6A7EBB45815A3583E170C27031 ] C:\Program Files\Microsoft Security Client\LegitLib.dll
05:53:08.0453 1000 C:\Program Files\Microsoft Security Client\LegitLib.dll - ok
05:53:08.0468 1000 [ 9C09AF87AC7351985AB5FFBA3FC52575 ] C:\Program Files\AVAST Software\Avast\AhResBhv.dll
05:53:08.0468 1000 C:\Program Files\AVAST Software\Avast\AhResBhv.dll - ok
05:53:08.0468 1000 [ E844C96552989FA1ECA95778583A904C ] C:\Program Files\AVAST Software\Avast\AhResJs.dll
05:53:08.0468 1000 C:\Program Files\AVAST Software\Avast\AhResJs.dll - ok
05:53:08.0484 1000 [ 17F5861A03516864A5F4CC04C7324278 ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
05:53:08.0484 1000 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
05:53:08.0484 1000 [ 8BEC10C53E927CD5E442FE332804F1AC ] C:\Program Files\AVAST Software\Avast\AhResMes.dll
05:53:08.0484 1000 C:\Program Files\AVAST Software\Avast\AhResMes.dll - ok
05:53:08.0500 1000 [ 9B2F20ECF609EDF54FEC43E792028261 ] C:\Program Files\AVAST Software\Avast\AhResNS.dll
05:53:08.0500 1000 C:\Program Files\AVAST Software\Avast\AhResNS.dll - ok
05:53:08.0500 1000 [ 7F19838AC317C34FCED020BE529AF71E ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
05:53:08.0500 1000 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
05:53:08.0515 1000 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
05:53:08.0515 1000 C:\WINDOWS\system32\actxprxy.dll - ok
05:53:08.0515 1000 [ A8888A5327621856C0CEC4E385F69309 ] C:\WINDOWS\system32\wkssvc.dll
05:53:08.0515 1000 C:\WINDOWS\system32\wkssvc.dll - ok
05:53:10.0250 1000 [ 36468087E22C57A83DF758B3F90DF73F ] C:\WINDOWS\system32\ntlanman.dll
05:53:10.0250 1000 C:\WINDOWS\system32\ntlanman.dll - ok
05:53:10.0250 1000 [ AC5DF42FE314C1446B1DAD237BFCFFE0 ] C:\WINDOWS\system32\netui0.dll
05:53:10.0250 1000 C:\WINDOWS\system32\netui0.dll - ok
05:53:10.0265 1000 [ ED5A816D8E11E03F1937AC3C56826EE4 ] C:\WINDOWS\system32\netui1.dll
05:53:10.0265 1000 C:\WINDOWS\system32\netui1.dll - ok
05:53:10.0265 1000 [ FB8F8EEC8D9C2157789472DD61CDC78B ] C:\WINDOWS\system32\davclnt.dll
05:53:10.0265 1000 C:\WINDOWS\system32\davclnt.dll - ok
05:53:10.0281 1000 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
05:53:10.0281 1000 C:\WINDOWS\system32\linkinfo.dll - ok
05:53:10.0281 1000 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
05:53:10.0281 1000 C:\WINDOWS\system32\ntshrui.dll - ok
05:53:10.0296 1000 [ 88BEEF09C654252F3E46B6167B7F4ECB ] C:\WINDOWS\system32\msisip.dll
05:53:10.0296 1000 C:\WINDOWS\system32\msisip.dll - ok
05:53:10.0296 1000 [ 3A6D465F379E5C815F4AD565391E654C ] C:\WINDOWS\system32\wshext.dll
05:53:10.0296 1000 C:\WINDOWS\system32\wshext.dll - ok
05:53:10.0312 1000 [ 559D9CBFC29DEE2773B28D38851683BA ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
05:53:10.0312 1000 C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
05:53:10.0312 1000 [ 5744FFF8E72D105C138DAE9E17BB29FE ] C:\Program Files\Mozilla Firefox\firefox.exe
05:53:10.0312 1000 C:\Program Files\Mozilla Firefox\firefox.exe - ok
05:53:10.0328 1000 [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
05:53:10.0328 1000 C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
05:53:10.0328 1000 [ C2EFE31691B0220BA2D366F6ECD9EEBC ] C:\Program Files\Mozilla Firefox\mozglue.dll
05:53:10.0328 1000 C:\Program Files\Mozilla Firefox\mozglue.dll - ok
05:53:10.0343 1000 [ 4D8CAE21D3617DBC539F0A7ACEB66FAD ] C:\Program Files\Mozilla Firefox\nspr4.dll
05:53:10.0343 1000 C:\Program Files\Mozilla Firefox\nspr4.dll - ok
05:53:10.0343 1000 [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files\Mozilla Firefox\msvcp100.dll
05:53:10.0343 1000 C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
05:53:10.0359 1000 [ 2D64A5315260AAD1D6BEEE65D2681DB3 ] C:\Program Files\Mozilla Firefox\mozjs.dll
05:53:10.0359 1000 C:\Program Files\Mozilla Firefox\mozjs.dll - ok
05:53:10.0359 1000 [ 124715CD10C62A78404F1A3B1048D062 ] C:\Program Files\AVAST Software\Avast\aswJsFlt.dll
05:53:10.0359 1000 C:\Program Files\AVAST Software\Avast\aswJsFlt.dll - ok
05:53:10.0359 1000 [ 6F255F96534FCF5FF4B611B52C1AB813 ] C:\Program Files\Mozilla Firefox\plc4.dll
05:53:10.0359 1000 C:\Program Files\Mozilla Firefox\plc4.dll - ok
05:53:10.0375 1000 [ 6B85D6ADEF244F9077BD7874610574A9 ] C:\Program Files\Mozilla Firefox\plds4.dll
05:53:10.0375 1000 C:\Program Files\Mozilla Firefox\plds4.dll - ok
05:53:10.0390 1000 [ 15A9691C1F00631BC5475CEEF9A6EA62 ] C:\Program Files\Mozilla Firefox\nssutil3.dll
05:53:10.0390 1000 C:\Program Files\Mozilla Firefox\nssutil3.dll - ok
05:53:10.0390 1000 [ 0206166F245BE09DC9C1550AFB2C0B8D ] C:\Program Files\Mozilla Firefox\nss3.dll
05:53:10.0390 1000 C:\Program Files\Mozilla Firefox\nss3.dll - ok
05:53:10.0406 1000 [ 9F135327116E63D522BFEF39F37CB2E6 ] C:\Program Files\Mozilla Firefox\smime3.dll
05:53:10.0406 1000 C:\Program Files\Mozilla Firefox\smime3.dll - ok
05:53:10.0406 1000 [ F5720ED4EEA3D62A3C9AF0950F2B7D23 ] C:\Program Files\Mozilla Firefox\ssl3.dll
05:53:10.0406 1000 C:\Program Files\Mozilla Firefox\ssl3.dll - ok
05:53:10.0421 1000 [ 3D2706E87D3E4433DB929B86207CA928 ] C:\Program Files\Mozilla Firefox\mozsqlite3.dll
05:53:10.0421 1000 C:\Program Files\Mozilla Firefox\mozsqlite3.dll - ok
05:53:10.0421 1000 [ 52652560BCE03F232CE6AF381D82CE5F ] C:\Program Files\Mozilla Firefox\mozalloc.dll
05:53:10.0421 1000 C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
05:53:10.0421 1000 [ A38B82A306CDDA0BB141225F92FC9F85 ] C:\Program Files\Mozilla Firefox\gkmedias.dll
05:53:10.0421 1000 C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
05:53:10.0437 1000 [ 9E03DC5AB51CFD0190541CE2038D819D ] C:\WINDOWS\system32\usp10.dll
05:53:10.0437 1000 C:\WINDOWS\system32\usp10.dll - ok
05:53:10.0437 1000 [ 4C44A99BB7584D6B70507987BE786259 ] C:\Program Files\Mozilla Firefox\xul.dll
05:53:10.0453 1000 C:\Program Files\Mozilla Firefox\xul.dll - ok
05:53:10.0453 1000 [ 4D774B94671141D491CFCB4CA3650EBF ] C:\Program Files\Mozilla Firefox\xpcom.dll
05:53:10.0453 1000 C:\Program Files\Mozilla Firefox\xpcom.dll - ok
05:53:10.0468 1000 [ 520B9EF148145FDE39E4FB77E0C7FC48 ] C:\Program Files\Mozilla Firefox\components\browsercomps.dll
05:53:10.0468 1000 C:\Program Files\Mozilla Firefox\components\browsercomps.dll - ok
05:53:10.0468 1000 [ C3200506FB212A0F4FB736A80E646C40 ] C:\WINDOWS\system32\lz32.dll
05:53:10.0468 1000 C:\WINDOWS\system32\lz32.dll - ok
05:53:10.0484 1000 [ D0049860B63DD87A73A5D165C829C65F ] C:\WINDOWS\system32\t2embed.dll
05:53:10.0484 1000 C:\WINDOWS\system32\t2embed.dll - ok
05:53:10.0484 1000 [ 303A63F4B913AA5D8998161CB77A8CE7 ] C:\WINDOWS\system32\feclient.dll
05:53:10.0484 1000 C:\WINDOWS\system32\feclient.dll - ok
05:53:10.0500 1000 [ 9662E514A77389EB6F7E846DB8B44C4D ] C:\Program Files\Mozilla Firefox\softokn3.dll
05:53:10.0500 1000 C:\Program Files\Mozilla Firefox\softokn3.dll - ok
05:53:10.0500 1000 [ CF7C83513AD0F22070B6795590F6BA68 ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
05:53:10.0500 1000 C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
05:53:10.0500 1000 [ D9FA57CBA32ABA63D5C30B854F660F07 ] C:\Program Files\Mozilla Firefox\freebl3.dll
05:53:10.0500 1000 C:\Program Files\Mozilla Firefox\freebl3.dll - ok
05:53:10.0515 1000 [ 2944201BCD2BCC92897551A95757DDBE ] C:\Program Files\Mozilla Firefox\nssckbi.dll
05:53:10.0515 1000 C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
05:53:10.0515 1000 ============================================================
05:53:10.0515 1000 Scan finished
05:53:10.0515 1000 ============================================================
05:53:10.0656 4092 Detected object count: 2
05:53:10.0656 4092 Actual detected object count: 2
05:53:34.0093 4092 \Device\Harddisk0\DR0\# - copied to quarantine
05:53:34.0109 4092 \Device\Harddisk0\DR0 - copied to quarantine
05:53:34.0156 4092 \Device\Harddisk0\DR0\TDLFS\ldrm - copied to quarantine
05:53:34.0187 4092 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
05:53:34.0390 4092 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
05:53:34.0703 4092 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
05:53:47.0890 4092 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
05:53:48.0125 4092 \Device\Harddisk0\DR0\TDLFS\servers.dat - copied to quarantine
05:53:48.0140 4092 \Device\Harddisk0\DR0\TDLFS\config.ini - copied to quarantine
05:53:48.0171 4092 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
05:53:48.0796 4092 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
05:53:48.0875 4092 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
05:53:48.0921 4092 \Device\Harddisk0\DR0\TDLFS\s - copied to quarantine
05:53:48.0984 4092 \Device\Harddisk0\DR0\TDLFS\u - copied to quarantine
05:53:49.0093 4092 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - will be cured on reboot
05:53:49.0093 4092 \Device\Harddisk0\DR0 - ok
05:53:50.0265 4092 \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.c ) - User select action: Cure
05:53:50.0265 4092 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
05:53:50.0265 4092 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
05:54:03.0031 2744 Deinitialize success


#3

05:57:22.0406 3736 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
05:57:23.0265 3736 ============================================================
05:57:23.0265 3736 Current date / time: 2012/12/11 05:57:23.0265
05:57:23.0265 3736 SystemInfo:
05:57:23.0265 3736
05:57:23.0265 3736 OS Version: 5.1.2600 ServicePack: 3.0
05:57:23.0265 3736 Product type: Workstation
05:57:23.0265 3736 ComputerName: COMPUTER_1
05:57:23.0265 3736 UserName: user1
05:57:23.0265 3736 Windows directory: C:\WINDOWS
05:57:23.0265 3736 System windows directory: C:\WINDOWS
05:57:23.0265 3736 Processor architecture: Intel x86
05:57:23.0265 3736 Number of processors: 2
05:57:23.0265 3736 Page size: 0x1000
05:57:23.0265 3736 Boot type: Normal boot
05:57:23.0265 3736 ============================================================
05:57:28.0765 3736 BG loaded
05:57:29.0609 3736 Drive \Device\Harddisk0\DR0 - Size: 0x12A05F2000 (74.51 Gb), SectorSize: 0x200, Cylinders: 0x25FE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
05:57:29.0625 3736 ============================================================
05:57:29.0625 3736 \Device\Harddisk0\DR0:
05:57:29.0734 3736 MBR partitions:
05:57:29.0750 3736 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x94FE97E
05:57:29.0750 3736 ============================================================
05:57:30.0046 3736 C: <-> \Device\Harddisk0\DR0\Partition1
05:57:30.0046 3736 ============================================================
05:57:30.0046 3736 Initialize success
05:57:30.0046 3736 ============================================================
05:58:13.0375 3648 Deinitialize success
  • 0

#19
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
TDSSKiller did a great job. We still have work to do.

Download and Install Combofix

Download ComboFix from one of the following locations:

Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop *

IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow it to update if it asks
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply
  • 0

#20
Missemily

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
okey dokey - in our latest episode:

I downloaded combofix and figured out how to disable both mse and avast- the link you gave helped :)

I ran combo fix and got the following:

AVG Free 2013 Scanner was still active - clicked ok (didn't know what else to do ?!?!?)

2nd warning that AVG was still enabled - tried to x out and combofix ran anyway

Got the message that microsoft recovery console was not installed or needed to be updated - clicked yes to have combofix install it. Installation was successful.

Clicked yes to continue and got the following Log:


ComboFix 12-12-10.01 - user1 12/11/2012 19:51:04.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1014.669 [GMT -6:00]
Running from: c:\documents and settings\user1\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Microsoft Security Essentials *Disabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\Cache
c:\windows\system32\Cache\272512937d9e61a4.fb
c:\windows\system32\Cache\287204568329e189.fb
c:\windows\system32\Cache\28bc8f716fd76a47.fb
c:\windows\system32\Cache\31a0997e9a5b5eb3.fb
c:\windows\system32\Cache\32c84fe32bb74d60.fb
c:\windows\system32\Cache\3917078cb68ec657.fb
c:\windows\system32\Cache\52b4e33f16e0fe11.fb
c:\windows\system32\Cache\590ba23ce359fd0c.fb
c:\windows\system32\Cache\610289e025a3ee9a.fb
c:\windows\system32\Cache\651c5d3cdbfb8bd1.fb
c:\windows\system32\Cache\6c59ac5e7e7a3ad0.fb
c:\windows\system32\Cache\6d03dad1035885d3.fb
c:\windows\system32\Cache\a8556537add6dfc5.fb
c:\windows\system32\Cache\ad10a52aff5e038d.fb
c:\windows\system32\Cache\c1fa887b03019701.fb
c:\windows\system32\Cache\c4d28dca2e7648be.fb
c:\windows\system32\Cache\d201ef9910cd39de.fb
c:\windows\system32\Cache\d2e94710a5708128.fb
c:\windows\system32\Cache\d79b9dfe81484ec4.fb
c:\windows\system32\Cache\f998975c9cc711ee.fb
.
.
((((((((((((((((((((((((( Files Created from 2012-11-12 to 2012-12-12 )))))))))))))))))))))))))))))))
.
.
2012-12-11 12:06 . 2012-11-19 07:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{EA499C25-BFB8-4362-868F-4D9D288265DD}\mpengine.dll
2012-12-11 11:53 . 2012-12-11 11:53 -------- d-----w- C:\TDSSKiller_Quarantine
2012-12-08 02:05 . 2012-12-08 02:07 -------- dc-h--w- c:\windows\ie8
2012-12-08 01:28 . 2012-10-30 23:51 361032 ----a-w- c:\windows\system32\drivers\aswSP.sys
2012-12-08 01:28 . 2012-10-30 23:51 21256 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2012-12-08 01:28 . 2012-10-30 23:51 35928 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2012-12-08 01:28 . 2012-10-30 23:51 54232 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2012-12-08 01:28 . 2012-10-30 23:51 738504 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-12-08 01:28 . 2012-10-30 23:51 97608 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2012-12-08 01:28 . 2012-10-30 23:51 89752 ----a-w- c:\windows\system32\drivers\aswmon.sys
2012-12-08 01:28 . 2012-10-30 23:51 25256 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2012-12-08 01:27 . 2012-10-30 23:51 41224 ----a-w- c:\windows\avastSS.scr
2012-12-08 01:27 . 2012-10-30 23:50 227648 ----a-w- c:\windows\system32\aswBoot.exe
2012-12-08 01:27 . 2012-12-08 01:27 -------- d-----w- c:\program files\AVAST Software
2012-12-08 01:27 . 2012-12-08 01:27 -------- d-----w- c:\documents and settings\All Users\Application Data\AVAST Software
2012-12-08 00:58 . 2012-11-19 07:04 6812136 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2012-12-08 00:57 . 2012-05-31 17:25 237072 ------w- c:\windows\system32\MpSigStub.exe
2012-12-08 00:56 . 2012-12-08 00:56 -------- d-sh--w- c:\documents and settings\NetworkService\IETldCache
2012-12-08 00:55 . 2012-12-08 00:55 -------- d-----w- c:\program files\Microsoft Security Client
2012-12-07 12:29 . 2012-12-07 12:29 -------- d-----w- c:\windows\system32\wbem\Repository
2012-12-07 12:28 . 2012-12-08 02:16 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG Secure Search
2012-12-06 11:35 . 2012-12-06 11:35 -------- d-----w- C:\_OTL
2012-12-06 02:18 . 2012-12-06 02:18 -------- d-----w- c:\documents and settings\user1\Application Data\TuneUp Software
2012-12-06 02:17 . 2012-12-06 02:17 26984 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
2012-12-06 02:00 . 2012-12-06 02:00 -------- d--h--w- c:\documents and settings\All Users\Application Data\Common Files
2012-12-06 02:00 . 2012-12-07 12:28 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
2012-12-06 02:00 . 2012-12-06 02:00 -------- d-----w- c:\documents and settings\user1\Local Settings\Application Data\MFAData
2012-12-06 01:43 . 2012-09-25 05:16 93672 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-08 02:56 . 2012-09-29 03:16 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-12-08 02:56 . 2012-09-29 03:16 697272 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-10-22 08:37 . 2008-04-14 00:00 1866368 ----a-w- c:\windows\system32\win32k.sys
2012-10-02 18:04 . 2008-04-14 04:42 58368 ----a-w- c:\windows\system32\synceng.dll
2012-09-30 01:54 . 2012-10-11 01:44 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-09-30 00:40 . 2012-09-30 00:41 821736 ----a-w- c:\windows\system32\npDeployJava1.dll
2012-09-30 00:40 . 2012-09-30 00:41 746984 ----a-w- c:\windows\system32\deployJava1.dll
2012-09-21 09:46 . 2012-09-21 09:46 177376 ----a-w- c:\windows\system32\drivers\avglogx.sys
2012-12-05 18:36 . 2012-12-05 18:36 262112 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2012-10-30 23:50 121528 ----a-w- c:\program files\AVAST Software\Avast\ashShell.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Window Washer"="c:\program files\Webroot\Washer\wwDisp.exe" [2007-11-26 1206600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2004-10-14 1404928]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2006-03-24 94208]
"igfxhkcmd"="c:\windows\system32\hkcmd.exe" [2006-03-24 77824]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2006-03-24 118784]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2012-11-07 3143800]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2012-12-07 997320]
"ROC_roc_ssl_v12"="c:\program files\AVG Secure Search\ROC_roc_ssl_v12.exe" [2012-12-06 1020512]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 947176]
"avast"="c:\program files\AVAST Software\Avast\avastUI.exe" [2012-10-30 4297136]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2013\avgrsx.exe /sync /restart
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\DOOM II\\DOOM II\\DOOM95.EXE"=
"c:\\Program Files\\AVG\\AVG2013\\avgnsx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgdiagex.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgmfapx.exe"=
"c:\\Program Files\\AVG\\AVG2013\\avgemcx.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"28034:UDP"= 28034:UDP:UDP 28034
"29366:TCP"= 29366:TCP:TCP 29366
.
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [9/21/2012 3:46 AM 177376]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [12/7/2012 7:28 PM 738504]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [12/7/2012 7:28 PM 361032]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [12/5/2012 8:17 PM 26984]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [12/7/2012 7:28 PM 21256]
R2 vToolbarUpdater13.2.0;vToolbarUpdater13.2.0;c:\program files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [12/5/2012 8:17 PM 711112]
R2 wwEngineSvc;Window Washer Engine;c:\program files\Webroot\Washer\WasherSvc.exe [4/4/2012 3:34 PM 598856]
S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys --> c:\windows\system32\DRIVERS\avgidshx.sys [?]
S1 AVGIDSShim;AVGIDSShim;c:\windows\system32\DRIVERS\avgidsshimx.sys --> c:\windows\system32\DRIVERS\avgidsshimx.sys [?]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 29846650
*NewlyCreated* - 69209089
*Deregistered* - 29846650
*Deregistered* - 69209089
.
Contents of the 'Scheduled Tasks' folder
.
2012-12-12 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-29 02:56]
.
2012-12-12 c:\windows\Tasks\avast! Emergency Update.job
- c:\program files\AVAST Software\Avast\AvastEmUpdate.exe [2012-12-08 23:50]
.
2012-12-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1958367476-1606980848-1003Core.job
- c:\documents and settings\user1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-30 18:30]
.
2012-12-12 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1202660629-1958367476-1606980848-1003UA.job
- c:\documents and settings\user1\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-08-30 18:30]
.
2012-12-11 c:\windows\Tasks\Microsoft Antimalware Scheduled Scan.job
- c:\program files\Microsoft Security Client\MpCmdRun.exe [2012-09-12 23:25]
.
.
------- Supplementary Scan -------
.
uStart Page =
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
FF - ProfilePath - c:\documents and settings\user1\Application Data\Mozilla\Firefox\Profiles\u7lnonmq.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - about:home
FF - ExtSQL: 2012-12-07 06:33; [email protected]; c:\documents and settings\All Users\Application Data\AVG Secure Search\FireFoxExt\13.2.0.5
FF - ExtSQL: 2012-12-07 18:34; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: 2012-12-07 19:28; [email protected]; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - ORPHANS REMOVED - - - -
.
SafeBoot-10838806.sys
SafeBoot-29846650.sys
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-12-11 19:56
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2012-12-11 19:58:14
ComboFix-quarantined-files.txt 2012-12-12 01:58
.
Pre-Run: 67,622,727,680 bytes free
Post-Run: 67,644,260,352 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - E85A099D170E28BEE28EBD1DFAA9E14B
  • 0

#21
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Missemily,

Your logs look much better now. The problem is three antivirus programs on your system.

Please run AVG remover one more time and remove AVG from your system.

After that remove another antivirus from your system. Uninstall it from Control Panel. Leave only one antivirus software on your PC.

Restart your system and test it for an hour or two. Let me know the results.
  • 0

#22
Missemily

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Maliprog,

Now I have a REAL problem.... Apparently overnight an automatic update was done requiring my computer to restart. Now it's telling me that my windows is not genuine and I may be using a counterfeit copy!?!?!?!?

I tried resolving the issue and it wants me to pay to upgrade to Windows 7 or enter a product key? This computer was given to us and I've been using it for several months without this problem.... what do I do now?

I'm going to run the avg uninstaller and get rid of MSE and get back to you shortly.
  • 0

#23
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts

Now it's telling me that my windows is not genuine and I may be using a counterfeit copy!?!?!?!?
I tried resolving the issue and it wants me to pay to upgrade to Windows 7 or enter a product key?


If you are sure that your Windows is legal then you must resolve this with Microsoft. The easiest way is to try to activate your Windows copy by following the steps here:

http://support.microsoft.com/kb/307890

Please try and tell me the results.
  • 0

#24
Missemily

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Maliprog,

I went to the link you provided and tried the steps to activate it as it said:

"To activate Windows XP by using an Internet connection, follow these steps:

Click Start, point to All Programs, point to Accessories, point to System Tools, and then click Activate Windows.

Or, click the Windows Activation icon in the notification area."

I can get to system tools but there is no "activate windows" to click on. My only other option is to call Microsoft directly with a number that is provided.
  • 0

#25
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Please tell me how your system is now.
  • 0


#26
Missemily

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Hi

Except for my Windows Validation problem - everything is running smoothly with no hiccups that I could see.
  • 0

#27
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
After these steps you can open a new topic in Windows XP™, 2000, 2003, NT. Give them a link to this topic and tell them that your system is clean now.

Your logs and system are clean now. I'm glad we fixed up your computer.

Step 1

Please close all running programs and Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :OTL

    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done

Step 2

We need to clean up your PC from programs we used.

Please start OTL one more time and click CleanUp button. OTL will restart your system at the end.

In case that any of the software we used in this fix still remains on your system please delete it manually (Right click on it and select Delete).

General recommendations

Here are some recommendations you should follow to minimize infection risk in the future:

1. Something to read

To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?

2. Make Backups of Important Files

Please read this article Home Computer Data Backup.

3. Regularly update your software

To eliminate design flaws and security vulnerabilities, all software needs to be updated to the latest version or the vendor’s patch installed.

You should download Update Checker from here. The program will automatically check for newer versions of software installed on your system.
  • 0

#28
Missemily

    Member

  • Topic Starter
  • Member
  • PipPip
  • 45 posts
Thanks for all your help Maliprog - the computer is running much better :) Now, I just have to fix my other little problem and I'll be good to go
  • 0

#29
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0
