Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

tijawani.DLL, zibipudo.DLL,govezamu.DLL. bogging down GF's dell i


  • This topic is locked This topic is locked

#16
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
There is only one user and guest account. Main user has administrator privileges. So run as administrator didn't work so I just opened and ran it. It didn't ask me for additional options?
  • 0

Advertisements


#17
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume2
Install Date: 1/30/2009 12:30:11 PM
System Uptime: 9/10/2014 8:46:20 AM (1 hours ago)
.
Motherboard: Dell Computer Corporation |  |       
Processor:         Intel® Pentium® M processor 1.70GHz | Microprocessor | 1693/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 70 GiB total, 47.957 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP154: 9/8/2014 1:01:57 AM - System Checkpoint
RP155: 9/8/2014 8:42:00 AM - Removed MyWay Search Assistant
RP156: 9/9/2014 7:20:04 AM - Software Distribution Service 3.0
.
==== Installed Programs ======================
.
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 7.0
ALPS Touch Pad Driver
AOLIcon
ATI Control Panel
ATI Display Driver
Banctec Service Agreement
Broadcom Management Programs 2
Conexant D480 MDC V.9x Modem
Consumer Complete Care Services Agreement
Corel Photo Album 6
Dasher
Dell Digital Jukebox Driver
Dell Driver Reset Tool
Dell Game Console
Dell Media Experience
Dell System Restore
DellSupport
Digital Content Portal
Digital Line Detect
EducateU
Google Chrome
Google Update Helper
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB952287)
Hotfix for Windows XP (KB970653-v3)
Hotfix for Windows XP (KB981793)
hp deskjet 5800
HP Photo and Imaging 2.0 - Deskjet Series
Intel® PROSet/Wireless Software
Internal Network Card Power Management
Internet Explorer Default Page
Java 2 Runtime Environment, SE v1.4.2_03
Learn2 Player (Uninstall Only)
LiveUpdate 3.3 (Symantec Corporation)
Macromedia Flash Player
mCore
MCU
mDrWiFi
mHlpDell
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Digital Image Library 9 - Blocker
Microsoft Encarta Encyclopedia Standard 2005
Microsoft Money 2005
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Picture It! Library 10
Microsoft Picture It! Premium 10
Microsoft Plus! Digital Media Edition Installer
Microsoft Plus! Photo Story 2 LE
Microsoft Software Update for Web Folders  (English) 12
Microsoft Streets and Trips 2005
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Microsoft Works 2005 Setup Launcher
Microsoft Works Suite Add-in for Microsoft Word
mIWA
mIWCA
mLogView
mMHouse
Modem Helper
Mozilla Firefox (3.0.19)
mPfMgr
mPfWiz
mProSafe
mSSO
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
mToolkit
mWlsSafe
mXML
mZConfig
NetWaiting
NetZeroInstallers
Photo Click
PokerStars
PowerDVD 5.5
PrintScreen
QuickBooks Simple Start Special Edition
QuickSet
QuickTime
RealPlayer Basic
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Security Update for Microsoft Windows (KB2564958)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904-v2)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player (KB954155)
Security Update for Windows Media Player (KB968816)
Security Update for Windows Media Player (KB973540)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows Media Player 11 (KB954154)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2491683)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2510581)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219-v2)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135-v2)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2847311)
Security Update for Windows XP (KB2850869)
Security Update for Windows XP (KB2859537)
Security Update for Windows XP (KB2862152)
Security Update for Windows XP (KB2862330)
Security Update for Windows XP (KB2862335)
Security Update for Windows XP (KB2864063)
Security Update for Windows XP (KB2868038)
Security Update for Windows XP (KB2868626)
Security Update for Windows XP (KB2876217)
Security Update for Windows XP (KB2876331)
Security Update for Windows XP (KB2892075)
Security Update for Windows XP (KB2893294)
Security Update for Windows XP (KB2898715)
Security Update for Windows XP (KB2900986)
Security Update for Windows XP (KB2909212)
Security Update for Windows XP (KB2914368)
Security Update for Windows XP (KB2916036)
Security Update for Windows XP (KB2922229)
Security Update for Windows XP (KB2929961)
Security Update for Windows XP (KB2930275)
Security Update for Windows XP (KB2936068)
Security Update for Windows XP (KB2964358)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464-v2)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956844)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958869)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB960859)
Security Update for Windows XP (KB961371-v2)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969059)
Security Update for Windows XP (KB969947)
Security Update for Windows XP (KB970238)
Security Update for Windows XP (KB970430)
Security Update for Windows XP (KB971468)
Security Update for Windows XP (KB971486)
Security Update for Windows XP (KB971557)
Security Update for Windows XP (KB971633)
Security Update for Windows XP (KB971657)
Security Update for Windows XP (KB972260)
Security Update for Windows XP (KB972270)
Security Update for Windows XP (KB973346)
Security Update for Windows XP (KB973354)
Security Update for Windows XP (KB973507)
Security Update for Windows XP (KB973525)
Security Update for Windows XP (KB973869)
Security Update for Windows XP (KB973904)
Security Update for Windows XP (KB974112)
Security Update for Windows XP (KB974318)
Security Update for Windows XP (KB974392)
Security Update for Windows XP (KB974455)
Security Update for Windows XP (KB974571)
Security Update for Windows XP (KB975025)
Security Update for Windows XP (KB975467)
Security Update for Windows XP (KB975560)
Security Update for Windows XP (KB975561)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB975713)
Security Update for Windows XP (KB977816)
Security Update for Windows XP (KB977914)
Security Update for Windows XP (KB978037)
Security Update for Windows XP (KB978338)
Security Update for Windows XP (KB978542)
Security Update for Windows XP (KB978601)
Security Update for Windows XP (KB978706)
Security Update for Windows XP (KB979309)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979683)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980232)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982381)
Security Update for Windows XP (KB982665)
Shockwave
Sonic DLA
Sonic MyDVD LE
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Symantec Endpoint Protection
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition
Update for Windows XP (KB2345886)
Update for Windows XP (KB2749655)
Update for Windows XP (KB2904266)
Update for Windows XP (KB2934207)
Update for Windows XP (KB951978)
Update for Windows XP (KB955759)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Update for Windows XP (KB968389)
Update for Windows XP (KB971029)
Update for Windows XP (KB971737)
Update for Windows XP (KB973687)
Update for Windows XP (KB973815)
Update for Windows XP (KB976749)
WebCyberCoach 3.2 Dell
WebFldrs XP
WildTangent Web Driver
Windows Genuine Advantage Notifications (KB905474)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Media Format 11 runtime
Windows Media Player 10
Windows Media Player 11
Windows XP Service Pack 3
Works Upgrade
Yahoo! BrowserPlus 2.9.8
Yahoo! Messenger
Yahoo! Software Update
Yahoo! Toolbar
.
==== End Of File ===========================


  • 0

#18
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts

There is only one user and guest account. Main user has administrator privileges. So run as administrator didn't work so I just opened and ran it. It didn't ask me for additional options?


My apologies, as this is an XP rig, you'll just need to click on the TDSSKiller.exe file to run the program. Please click the link below and follow the instructions in Post #15, but click on TDSSKiller to begin running it.

http://www.geekstogo...m/#entry2436486

Also, what browser is giving you issues with redirects?
  • 0

#19
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
It is Mozilla . I bet a real old version. I downloaded chrome but it opens in a bare minimum !looking mode.

It does show the geek page then goes white and stays there says transferring in Lower left. It might say idsync.xx.xx. or something. I have to hit back button then stop it just right. Or goto my content and open this thread seems to give my more time before it jumps to hyper space.
  • 0

#20
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Your browser probably does need upgrading, but we'll deal with that in due course. Please post the TDSSKiller log at your convenience. :)
  • 0

#21
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

05:31:24.0260 0x072c  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
05:31:31.0521 0x072c  ============================================================
05:31:31.0521 0x072c  Current date / time: 2014/09/12 05:31:31.0521
05:31:31.0521 0x072c  SystemInfo:
05:31:31.0521 0x072c  
05:31:31.0521 0x072c  OS Version: 5.1.2600 ServicePack: 3.0
05:31:31.0521 0x072c  Product type: Workstation
05:31:31.0521 0x072c  ComputerName: EKHMART
05:31:31.0561 0x072c  UserName: enkhmart
05:31:31.0561 0x072c  Windows directory: C:\WINDOWS
05:31:31.0561 0x072c  System windows directory: C:\WINDOWS
05:31:31.0561 0x072c  Processor architecture: Intel x86
05:31:31.0561 0x072c  Number of processors: 1
05:31:31.0561 0x072c  Page size: 0x1000
05:31:31.0561 0x072c  Boot type: Normal boot
05:31:31.0561 0x072c  ============================================================
05:31:52.0842 0x072c  KLMD registered as C:\WINDOWS\system32\drivers\72610822.sys
05:32:07.0903 0x072c  System UUID: {31D6846E-AD3B-BE02-CA7B-4023E031205A}
05:32:26.0881 0x072c  Drive \Device\Harddisk0\DR0 - Size: 0x12A1F16000 ( 74.53 Gb ), SectorSize: 0x200, Cylinders: 0x2601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
05:32:27.0041 0x072c  ============================================================
05:32:27.0041 0x072c  \Device\Harddisk0\DR0:
05:32:27.0041 0x072c  MBR partitions:
05:32:27.0041 0x072c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x8C8D856
05:32:27.0041 0x072c  ============================================================
05:32:27.0211 0x072c  C: <-> \Device\Harddisk0\DR0\Partition1
05:32:27.0211 0x072c  ============================================================
05:32:27.0211 0x072c  Initialize success
05:32:27.0211 0x072c  ============================================================
05:32:50.0454 0x0dcc  ============================================================
05:32:50.0454 0x0dcc  Scan started
05:32:50.0454 0x0dcc  Mode: Manual; SigCheck; TDLFS;
05:32:50.0454 0x0dcc  ============================================================
05:32:50.0454 0x0dcc  KSN ping started
05:33:00.0809 0x0dcc  KSN ping finished: true
05:33:19.0867 0x0dcc  ================ Scan system memory ========================
05:33:31.0654 0x0dcc  System memory - ok
05:33:31.0664 0x0dcc  ================ Scan services =============================
05:33:36.0721 0x0dcc  Abiosdsk - ok
05:33:36.0991 0x0dcc  [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E3FFE1B4B4CF843 ] abp480n5        C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
05:34:05.0713 0x0dcc  abp480n5 - ok
05:34:08.0376 0x0dcc  [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE803914C572B1DCC43C ] ACPI            C:\WINDOWS\system32\DRIVERS\ACPI.sys
05:34:11.0721 0x0dcc  ACPI - ok
05:34:23.0178 0x0dcc  [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3F78EA8558B90AF ] ACPIEC          C:\WINDOWS\system32\drivers\ACPIEC.sys
05:34:24.0840 0x0dcc  ACPIEC - ok
05:34:25.0020 0x0dcc  [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173E3219CD31500C4 ] adpu160m        C:\WINDOWS\system32\DRIVERS\adpu160m.sys
05:34:44.0058 0x0dcc  adpu160m - ok
05:34:58.0408 0x0dcc  [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D880491F5CE33D0 ] aec             C:\WINDOWS\system32\drivers\aec.sys
05:34:59.0480 0x0dcc  aec - ok
05:35:11.0677 0x0dcc  [ 076394A345EE5E9E3911FC0F058F4F38, A9541E8AA04110DCAA9B44DD5200B8E04DEC87E6628864970C5B0FA3367F8E34 ] AegisP          C:\WINDOWS\system32\DRIVERS\AegisP.sys
05:35:12.0358 0x0dcc  AegisP - detected UnsignedFile.Multi.Generic ( 1 )
05:35:16.0034 0x0dcc  Detect skipped due to KSN trusted
05:35:16.0034 0x0dcc  AegisP - ok
05:35:17.0065 0x0dcc  [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C13FFE49063B02C8 ] AFD             C:\WINDOWS\System32\drivers\afd.sys
05:35:22.0603 0x0dcc  AFD - ok
05:35:24.0466 0x0dcc  [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D0AD4959D5AF5E7 ] agp440          C:\WINDOWS\system32\DRIVERS\agp440.sys
05:35:25.0147 0x0dcc  agp440 - ok
05:35:25.0487 0x0dcc  [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0F713AD18C413ED ] agpCPQ          C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
05:35:26.0138 0x0dcc  agpCPQ - ok
05:35:26.0168 0x0dcc  [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED6DC51A46671F0B ] Aha154x         C:\WINDOWS\system32\DRIVERS\aha154x.sys
05:35:26.0839 0x0dcc  Aha154x - ok
05:35:27.0040 0x0dcc  [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B46A841F56FFDCF ] aic78u2         C:\WINDOWS\system32\DRIVERS\aic78u2.sys
05:35:29.0233 0x0dcc  aic78u2 - ok
05:35:29.0693 0x0dcc  [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2FA40C24200FBE0 ] aic78xx         C:\WINDOWS\system32\DRIVERS\aic78xx.sys
05:35:33.0198 0x0dcc  aic78xx - ok
05:35:33.0709 0x0dcc  [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C441A0202FE83FAB4 ] Alerter         C:\WINDOWS\system32\alrsvc.dll
05:35:34.0040 0x0dcc  Alerter - ok
05:35:34.0560 0x0dcc  [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC55220C75C4FFD596DC ] ALG             C:\WINDOWS\System32\alg.exe
05:35:34.0791 0x0dcc  ALG - ok
05:35:35.0221 0x0dcc  [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D26FD681D45608E ] AliIde          C:\WINDOWS\system32\DRIVERS\aliide.sys
05:35:35.0902 0x0dcc  AliIde - ok
05:35:36.0093 0x0dcc  [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C0728CDDA1D8DCBF2A ] alim1541        C:\WINDOWS\system32\DRIVERS\alim1541.sys
05:35:38.0977 0x0dcc  alim1541 - ok
05:35:42.0742 0x0dcc  [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81256A350EEDCBC1 ] amdagp          C:\WINDOWS\system32\DRIVERS\amdagp.sys
05:35:43.0583 0x0dcc  amdagp - ok
05:35:43.0673 0x0dcc  [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE06586F0D258164C81 ] amsint          C:\WINDOWS\system32\DRIVERS\amsint.sys
05:35:47.0379 0x0dcc  amsint - ok
05:35:47.0970 0x0dcc  [ AEB775A2BAE0F392BA6ADC0BB706233A, 4D2F12AE674C0D8C256CAF3C45D03598A8C74E4E2B99E9674072D43D5A39804A ] ApfiltrService  C:\WINDOWS\system32\DRIVERS\Apfiltr.sys
05:35:50.0123 0x0dcc  ApfiltrService - ok
05:36:02.0771 0x0dcc  [ EC94E05B76D033B74394E7B2175103CF, 4F0993951B72478D87AD15A6FC33D3D18FEFAF2A08698CFC63BBD1EDB784B0FE ] APPDRV          C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
05:36:02.0991 0x0dcc  APPDRV - detected UnsignedFile.Multi.Generic ( 1 )
05:36:05.0595 0x0dcc  Detect skipped due to KSN trusted
05:36:05.0595 0x0dcc  APPDRV - ok
05:36:21.0949 0x0dcc  [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB4900F17E59C9CA ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
05:36:22.0329 0x0dcc  AppMgmt - ok
05:36:22.0429 0x0dcc  [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF269087FA460757 ] asc             C:\WINDOWS\system32\DRIVERS\asc.sys
05:36:22.0990 0x0dcc  asc - ok
05:36:23.0040 0x0dcc  [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2755125DF5D6BB6 ] asc3350p        C:\WINDOWS\system32\DRIVERS\asc3350p.sys
05:36:23.0451 0x0dcc  asc3350p - ok
05:36:23.0481 0x0dcc  [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE040E996B605CA9E8 ] asc3550         C:\WINDOWS\system32\DRIVERS\asc3550.sys
05:36:24.0612 0x0dcc  asc3550 - ok
05:36:24.0993 0x0dcc  [ D880831279ED91F9A4190A2DB9539EA9, EAF7D48E026C99EE9C4BC838A3004966517F948051B39DA5B5072F6DE81165AB ] ASCTRM          C:\WINDOWS\system32\drivers\ASCTRM.sys
05:36:25.0043 0x0dcc  ASCTRM - detected UnsignedFile.Multi.Generic ( 1 )
05:36:27.0847 0x0dcc  Detect skipped due to KSN trusted
05:36:27.0847 0x0dcc  ASCTRM - ok
05:36:28.0538 0x0dcc  [ E1A1206A4FB19B675E947B29CCD25FBA, A9855FAB141E327DBC05B845939304749175B78F883B7FEC24552D96DA15609F ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
05:36:28.0999 0x0dcc  aspnet_state - detected UnsignedFile.Multi.Generic ( 1 )
05:36:31.0683 0x0dcc  Detect skipped due to KSN trusted
05:36:31.0683 0x0dcc  aspnet_state - ok
05:36:31.0903 0x0dcc  [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B04778042E5CC959 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
05:36:32.0223 0x0dcc  AsyncMac - ok
05:36:32.0293 0x0dcc  [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0F59228A0CF70B9 ] atapi           C:\WINDOWS\system32\DRIVERS\atapi.sys
05:36:32.0594 0x0dcc  atapi - ok
05:36:32.0604 0x0dcc  Atdisk - ok
05:36:32.0884 0x0dcc  [ 435BE6AAAE8FD058B5221E87E020DC89, 9A4EC0EA35C0B242703E94164E6714833FEC812031ACD09644962EDEBADF0E04 ] Ati HotKey Poller C:\WINDOWS\system32\Ati2evxx.exe
05:36:33.0235 0x0dcc  Ati HotKey Poller - ok
05:36:34.0306 0x0dcc  [ E7B57742D0DB9D8C33E956B1F2256557, 4EDBC3E7137D569B7976C9F704EA7FCD4518DD9CE531EF6F879A21127D2CC258 ] ati2mtag        C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
05:36:34.0977 0x0dcc  ati2mtag - ok
05:36:35.0047 0x0dcc  [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9A10F9EE05115A1 ] Atmarpc         C:\WINDOWS\system32\DRIVERS\atmarpc.sys
05:36:35.0448 0x0dcc  Atmarpc - ok
05:36:35.0678 0x0dcc  [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7EB43D49E3276F8 ] AudioSrv        C:\WINDOWS\System32\audiosrv.dll
05:36:35.0879 0x0dcc  AudioSrv - ok
05:36:36.0259 0x0dcc  [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB3546651CEB303111695 ] audstub         C:\WINDOWS\system32\DRIVERS\audstub.sys
05:36:36.0439 0x0dcc  audstub - ok
05:36:36.0880 0x0dcc  [ 78123F44BE9E4768852A3A017E02D637, 498959D0C11847B70CA3E69361763B250F0B2C74394849C09B671854E71BF123 ] bcm4sbxp        C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
05:36:37.0200 0x0dcc  bcm4sbxp - ok
05:36:37.0301 0x0dcc  [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC1111D84B7BAD5610D ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
05:36:37.0681 0x0dcc  Beep - ok
05:36:38.0222 0x0dcc  [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F299CA7BBAA3D1B4 ] BITS            C:\WINDOWS\system32\qmgr.dll
05:36:38.0773 0x0dcc  BITS - ok
05:36:38.0893 0x0dcc  [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241F26EA82B149FE1 ] Browser         C:\WINDOWS\System32\browser.dll
05:36:39.0414 0x0dcc  Browser - ok
05:36:39.0424 0x0dcc  bvrp_pci - ok
05:36:39.0554 0x0dcc  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf           C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
05:36:40.0235 0x0dcc  cbidf - ok
05:36:40.0475 0x0dcc  [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C78A6A10CBB3EBE ] cbidf2k         C:\WINDOWS\system32\drivers\cbidf2k.sys
05:36:40.0726 0x0dcc  cbidf2k - ok
05:36:41.0467 0x0dcc  [ F3E5C6CEEC35C3F65221100B00AFB5F9, 3BE64A27FF42992634C171A5DB7BBC6F89712B99C7AB5E6FA7C1A2E095A14EEA ] ccEvtMgr        C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:36:41.0487 0x0dcc  ccEvtMgr - ok
05:36:41.0847 0x0dcc  [ F3E5C6CEEC35C3F65221100B00AFB5F9, 3BE64A27FF42992634C171A5DB7BBC6F89712B99C7AB5E6FA7C1A2E095A14EEA ] ccSetMgr        C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
05:36:41.0867 0x0dcc  ccSetMgr - ok
05:36:41.0977 0x0dcc  [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A68BAA8CB78E85DD ] cd20xrnt        C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
05:36:42.0608 0x0dcc  cd20xrnt - ok
05:36:42.0678 0x0dcc  [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E7136480410F347 ] Cdaudio         C:\WINDOWS\system32\drivers\Cdaudio.sys
05:36:42.0899 0x0dcc  Cdaudio - ok
05:36:42.0979 0x0dcc  [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B391CD563B121DB ] Cdfs            C:\WINDOWS\system32\drivers\Cdfs.sys
05:36:43.0299 0x0dcc  Cdfs - ok
05:36:43.0459 0x0dcc  [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286AF674979098D1D ] Cdrom           C:\WINDOWS\system32\DRIVERS\cdrom.sys
05:36:43.0700 0x0dcc  Cdrom - ok
05:36:43.0710 0x0dcc  Changer - ok
05:36:43.0780 0x0dcc  [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7AC9D07319F1726 ] CiSvc           C:\WINDOWS\system32\cisvc.exe
05:36:44.0030 0x0dcc  CiSvc - ok
05:36:44.0140 0x0dcc  [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA8628CD4572CC9A43 ] ClipSrv         C:\WINDOWS\system32\clipsrv.exe
05:36:44.0391 0x0dcc  ClipSrv - ok
05:36:44.0481 0x0dcc  [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730285DAB64F6ED28 ] CmBatt          C:\WINDOWS\system32\DRIVERS\CmBatt.sys
05:36:44.0751 0x0dcc  CmBatt - ok
05:36:44.0912 0x0dcc  [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA748F34F11057E0 ] CmdIde          C:\WINDOWS\system32\DRIVERS\cmdide.sys
05:36:45.0352 0x0dcc  CmdIde - ok
05:36:45.0452 0x0dcc  [ 6186B6B953BDC884F0F379B84B3E3A98, 679DC67B74DA3615D3AC88FCF8C9B5144B66EE69710B21B005B57198108C2BFC ] COH_Mon         C:\WINDOWS\system32\Drivers\COH_Mon.sys
05:36:45.0482 0x0dcc  COH_Mon - ok
05:36:45.0573 0x0dcc  [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882F913B18A971F1C ] Compbatt        C:\WINDOWS\system32\DRIVERS\compbatt.sys
05:36:45.0793 0x0dcc  Compbatt - ok
05:36:45.0803 0x0dcc  COMSysApp - ok
05:36:45.0843 0x0dcc  [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA830639ED3E9903 ] Cpqarray        C:\WINDOWS\system32\DRIVERS\cpqarray.sys
05:36:46.0864 0x0dcc  Cpqarray - ok
05:36:46.0954 0x0dcc  [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F210FAF49E7086383 ] CryptSvc        C:\WINDOWS\System32\cryptsvc.dll
05:36:47.0205 0x0dcc  CryptSvc - ok
05:36:47.0485 0x0dcc  [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9F8F12135EDD88C ] dac2w2k         C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
05:36:49.0108 0x0dcc  dac2w2k - ok
05:36:49.0168 0x0dcc  [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CAD0BF0E2D86D510 ] dac960nt        C:\WINDOWS\system32\DRIVERS\dac960nt.sys
05:36:50.0099 0x0dcc  dac960nt - ok
05:36:50.0630 0x0dcc  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
05:36:51.0461 0x0dcc  DcomLaunch - ok
05:36:51.0801 0x0dcc  [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111DEAD6A92E42AB8D ] Dhcp            C:\WINDOWS\System32\dhcpcsvc.dll
05:36:52.0232 0x0dcc  Dhcp - ok
05:36:52.0613 0x0dcc  [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F7AAD26352DD689 ] Disk            C:\WINDOWS\system32\DRIVERS\disk.sys
05:36:52.0883 0x0dcc  Disk - ok
05:36:52.0893 0x0dcc  dmadmin - ok
05:36:53.0945 0x0dcc  [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B5714AA045545C9B99 ] dmboot          C:\WINDOWS\system32\drivers\dmboot.sys
05:36:58.0852 0x0dcc  dmboot - ok
05:36:58.0932 0x0dcc  [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C57AB73DAED8CCDE ] dmio            C:\WINDOWS\system32\drivers\dmio.sys
05:36:59.0112 0x0dcc  dmio - ok
05:36:59.0152 0x0dcc  [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC950CB450FF77CF7 ] dmload          C:\WINDOWS\system32\drivers\dmload.sys
05:36:59.0543 0x0dcc  dmload - ok
05:36:59.0603 0x0dcc  [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F704709293656600F ] dmserver        C:\WINDOWS\System32\dmserver.dll
05:36:59.0893 0x0dcc  dmserver - ok
05:37:00.0143 0x0dcc  [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84313CC68178D54F ] DMusic          C:\WINDOWS\system32\drivers\DMusic.sys
05:37:00.0374 0x0dcc  DMusic - ok
05:37:00.0434 0x0dcc  [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D09B84031E9FC7A ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
05:37:01.0015 0x0dcc  Dnscache - ok
05:37:01.0135 0x0dcc  [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D4928DA710F8BFBA3 ] Dot3svc         C:\WINDOWS\System32\dot3svc.dll
05:37:01.0325 0x0dcc  Dot3svc - ok
05:37:01.0415 0x0dcc  [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C787606C3F21243DB ] dpti2o          C:\WINDOWS\system32\DRIVERS\dpti2o.sys
05:37:02.0527 0x0dcc  dpti2o - ok
05:37:02.0567 0x0dcc  [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692ED7A8F58399AD5 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
05:37:02.0747 0x0dcc  drmkaud - ok
05:37:03.0458 0x0dcc  [ E814854E6B246CCF498874839AB64D77, D7BD17AD9709DA8305FF58710EE5EAA14BA5857F4B64C1CBDD21751625BFF2A3 ] drvmcdb         C:\WINDOWS\system32\drivers\drvmcdb.sys
05:37:03.0759 0x0dcc  drvmcdb - detected UnsignedFile.Multi.Generic ( 1 )
05:37:06.0402 0x0dcc  Detect skipped due to KSN trusted
05:37:06.0402 0x0dcc  drvmcdb - ok
05:37:07.0995 0x0dcc  [ EE83A4EBAE70BC93CF14879D062F548B, CCA423C19BC8A6807EE29DA7FA9F545FDF2D0AAA8D4556E13B864ED6F6683827 ] drvnddm         C:\WINDOWS\system32\drivers\drvnddm.sys
05:37:08.0245 0x0dcc  drvnddm - detected UnsignedFile.Multi.Generic ( 1 )
05:37:10.0689 0x0dcc  Detect skipped due to KSN trusted
05:37:10.0689 0x0dcc  drvnddm - ok
05:37:26.0792 0x0dcc  [ FE80901578E7E3DA70299A5AEB2B7FBD, E68E8BAAA37AE26318BE8C084CFDD9040E97714C75EAA64B9720AB41FB1C9EF5 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
05:37:29.0105 0x0dcc  DSBrokerService - ok
05:37:29.0506 0x0dcc  [ 413F2D5F9D802688242C23B38F767ECB, 6D5B6B8FC6E8E45555C444D3E881D3E44DE4C6F2602ADBB4D0E8E9F834089827 ] DSproct         C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
05:37:29.0696 0x0dcc  DSproct - detected UnsignedFile.Multi.Generic ( 1 )
05:37:32.0139 0x0dcc  Detect skipped due to KSN trusted
05:37:32.0139 0x0dcc  DSproct - ok
05:37:33.0531 0x0dcc  [ DFEABB7CFFFADEA4A912AB95BDC3177A, 9A93956CF826F419ACB2B3CA8809917E345ACFD43B102EAB18DB46F49859D1C7 ] dsunidrv        C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
05:37:34.0172 0x0dcc  dsunidrv - ok
05:37:34.0232 0x0dcc  [ 3FCA03CBCA11269F973B70FA483C88EF, 0995989B9EBE5CE1C5489139849FB2AD69DE9749650BBC262AD754E5CE457C59 ] E100B           C:\WINDOWS\system32\DRIVERS\e100b325.sys
05:37:47.0962 0x0dcc  E100B - ok
05:37:48.0112 0x0dcc  [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B143A253CF2508CFD ] EapHost         C:\WINDOWS\System32\eapsvc.dll
05:37:48.0473 0x0dcc  EapHost - ok
05:37:48.0884 0x0dcc  [ 08EE8892FD19A6A951F40254E97F6EF3, 76F19B49DDC7B1CD7839BF0DF6A417F2DD756C924931F39291BC1D25A3C6077D ] eeCtrl          C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
05:37:53.0140 0x0dcc  eeCtrl - ok
05:37:53.0921 0x0dcc  [ 050D136C61DBCF36C257206ADBBEC009, 0FD13A4B43534ABF84B637F0749AED30CAF8EB2A50C0ABE70B76608AEE925A30 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
05:37:54.0041 0x0dcc  EraserUtilRebootDrv - ok
05:37:54.0161 0x0dcc  [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D579D9507F4B1C23 ] ERSvc           C:\WINDOWS\System32\ersvc.dll
05:37:54.0532 0x0dcc  ERSvc - ok
05:37:54.0642 0x0dcc  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] Eventlog        C:\WINDOWS\system32\services.exe
05:37:54.0882 0x0dcc  Eventlog - ok
05:37:54.0992 0x0dcc  [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6ED319742CCCCD2 ] EventSystem     C:\WINDOWS\system32\es.dll
05:37:55.0623 0x0dcc  EventSystem - ok
05:37:55.0783 0x0dcc  [ D335183519E6814DFAB4ED3DD806A943, 6DF5AC4FF6C18EC38F74FAC94D846A5335FC552828BF8BFCF30AA3C5F77ED0BB ] EvtEng          C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
05:37:55.0874 0x0dcc  EvtEng - detected UnsignedFile.Multi.Generic ( 1 )
05:37:58.0618 0x0dcc  Detect skipped due to KSN trusted
05:37:58.0618 0x0dcc  EvtEng - ok
05:37:58.0798 0x0dcc  [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AABFE934FCE268F6 ] Fastfat         C:\WINDOWS\system32\drivers\Fastfat.sys
05:37:59.0739 0x0dcc  Fastfat - ok
05:37:59.0879 0x0dcc  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
05:38:00.0420 0x0dcc  FastUserSwitchingCompatibility - ok
05:38:00.0620 0x0dcc  [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B60196336A5CBEB ] Fax             C:\WINDOWS\system32\fxssvc.exe
05:38:01.0141 0x0dcc  Fax - ok
05:38:01.0171 0x0dcc  [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E4F281D8578A1F5 ] Fdc             C:\WINDOWS\system32\DRIVERS\fdc.sys
05:38:01.0722 0x0dcc  Fdc - ok
05:38:01.0792 0x0dcc  [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA2531427A5E63DBD280DA ] Fips            C:\WINDOWS\system32\drivers\Fips.sys
05:38:02.0173 0x0dcc  Fips - ok
05:38:02.0203 0x0dcc  [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C0D13F4E82D8805 ] Flpydisk        C:\WINDOWS\system32\DRIVERS\flpydisk.sys
05:38:02.0583 0x0dcc  Flpydisk - ok
05:38:02.0733 0x0dcc  [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B7041957E33B36845D ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
05:38:03.0034 0x0dcc  FltMgr - ok
05:38:03.0054 0x0dcc  [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70660D114CC877E0 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
05:38:03.0444 0x0dcc  Fs_Rec - ok
05:38:03.0545 0x0dcc  [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B7639668E6999BAE3 ] Ftdisk          C:\WINDOWS\system32\DRIVERS\ftdisk.sys
05:38:03.0905 0x0dcc  Ftdisk - ok
05:38:04.0015 0x0dcc  [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA11BA65A80E7E50 ] Gpc             C:\WINDOWS\system32\DRIVERS\msgpc.sys
05:38:04.0366 0x0dcc  Gpc - ok
05:38:04.0586 0x0dcc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
05:38:04.0646 0x0dcc  gupdate - ok
05:38:04.0666 0x0dcc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
05:38:05.0668 0x0dcc  gupdatem - ok
05:38:05.0828 0x0dcc  [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8ADEAB8144E2C80A ] helpsvc         C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
05:38:06.0168 0x0dcc  helpsvc - ok
05:38:06.0269 0x0dcc  [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB53644211DBD3D2F32 ] HidServ         C:\WINDOWS\System32\hidserv.dll
05:38:06.0489 0x0dcc  HidServ - ok
05:38:06.0569 0x0dcc  [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EEAA6335D6A126EC ] HidUsb          C:\WINDOWS\system32\DRIVERS\hidusb.sys
05:38:07.0020 0x0dcc  HidUsb - ok
05:38:07.0110 0x0dcc  [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B7922AD946597E2 ] hkmsvc          C:\WINDOWS\System32\kmsvc.dll
05:38:07.0450 0x0dcc  hkmsvc - ok
05:38:07.0490 0x0dcc  [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB9F15A0D2684C8B ] hpn             C:\WINDOWS\system32\DRIVERS\hpn.sys
05:38:07.0941 0x0dcc  hpn - ok
05:38:08.0011 0x0dcc  [ C2A7D9109B7F10A455D13B2432837B16, 6F4B3F18DAD27201D1AFE44D583CB1C5CEFC9BB68B093932CE8220D0E831C4B5 ] HSFHWICH        C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys
05:38:08.0422 0x0dcc  HSFHWICH - ok
05:38:08.0872 0x0dcc  [ 9A0D0C461EF2B3D80CB7875B4B995E47, 457A6EA4EE69351B6660B5C782BF777C9259CB18A268503101E9832E1766B050 ] HSF_DP          C:\WINDOWS\system32\DRIVERS\HSF_DP.sys
05:38:09.0583 0x0dcc  HSF_DP - ok
05:38:09.0794 0x0dcc  [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89CF75F4B7A1FDF3 ] HTTP            C:\WINDOWS\system32\Drivers\HTTP.sys
05:38:10.0204 0x0dcc  HTTP - ok
05:38:10.0354 0x0dcc  [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A5732390EE5426E4AF6C9 ] HTTPFilter      C:\WINDOWS\System32\w3ssl.dll
05:38:10.0595 0x0dcc  HTTPFilter - ok
05:38:10.0655 0x0dcc  [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F75377434830536899734B6EE ] i2omgmt         C:\WINDOWS\system32\drivers\i2omgmt.sys
05:38:11.0246 0x0dcc  i2omgmt - ok
05:38:11.0446 0x0dcc  [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467144370851F1615 ] i2omp           C:\WINDOWS\system32\DRIVERS\i2omp.sys
05:38:12.0087 0x0dcc  i2omp - ok
05:38:12.0167 0x0dcc  [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5B8F70416863918 ] i8042prt        C:\WINDOWS\system32\DRIVERS\i8042prt.sys
05:38:12.0518 0x0dcc  i8042prt - ok
05:38:12.0598 0x0dcc  [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D18F2269F78B31F4 ] Imapi           C:\WINDOWS\system32\DRIVERS\imapi.sys
05:38:12.0938 0x0dcc  Imapi - ok
05:38:13.0229 0x0dcc  [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E84AC0263B43EE0D ] ImapiService    C:\WINDOWS\system32\imapi.exe
05:38:13.0609 0x0dcc  ImapiService - ok
05:38:13.0669 0x0dcc  [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342FF7D21A17AF437 ] ini910u         C:\WINDOWS\system32\DRIVERS\ini910u.sys
05:38:15.0412 0x0dcc  ini910u - ok
05:38:15.0482 0x0dcc  [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7AB488F7CA8D339E ] IntelIde        C:\WINDOWS\system32\DRIVERS\intelide.sys
05:38:15.0702 0x0dcc  IntelIde - ok
05:38:15.0882 0x0dcc  [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000F31ECE4EBC25E6 ] intelppm        C:\WINDOWS\system32\DRIVERS\intelppm.sys
05:38:16.0463 0x0dcc  intelppm - ok
05:38:16.0663 0x0dcc  [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C18445B5F0D8B16 ] Ip6Fw           C:\WINDOWS\system32\drivers\ip6fw.sys
05:38:17.0044 0x0dcc  Ip6Fw - ok
05:38:17.0134 0x0dcc  [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213CFA11970811848 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
05:38:17.0575 0x0dcc  IpFilterDriver - ok
05:38:17.0735 0x0dcc  [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F60D1523FAF319A ] IpInIp          C:\WINDOWS\system32\DRIVERS\ipinip.sys
05:38:18.0366 0x0dcc  IpInIp - ok
05:38:18.0526 0x0dcc  [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5DB629C186C439E0 ] IpNat           C:\WINDOWS\system32\DRIVERS\ipnat.sys
05:38:18.0997 0x0dcc  IpNat - ok
05:38:19.0047 0x0dcc  [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9E3363863AEDFDC ] IPSec           C:\WINDOWS\system32\DRIVERS\ipsec.sys
05:38:19.0237 0x0dcc  IPSec - ok
05:38:19.0277 0x0dcc  [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228AB70DB7D20544A ] IRENUM          C:\WINDOWS\system32\DRIVERS\irenum.sys
05:38:19.0818 0x0dcc  IRENUM - ok
05:38:19.0918 0x0dcc  [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B3586917166C2DC ] isapnp          C:\WINDOWS\system32\DRIVERS\isapnp.sys
05:38:20.0118 0x0dcc  isapnp - ok
05:38:20.0259 0x0dcc  [ 872D090CA5C306F62D1982BCE6302376, 8735DD681433349E10888D512CDC3500A1E407D303ED283A013AF72D05890770 ] IWCA            C:\WINDOWS\system32\DRIVERS\iwca.sys
05:38:21.0160 0x0dcc  IWCA - ok
05:38:21.0230 0x0dcc  [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE20310602D7FC27A3A7 ] Kbdclass        C:\WINDOWS\system32\DRIVERS\kbdclass.sys
05:38:21.0581 0x0dcc  Kbdclass - ok
05:38:21.0601 0x0dcc  [ 9EF487A186DEA361AA06913A75B3FA99, B94EBA4EC6D85E11C81AF9927E9EF0AF2E6FE134CFF1FDB0535B7C5A794B4261 ] kbdhid          C:\WINDOWS\system32\DRIVERS\kbdhid.sys
05:38:21.0821 0x0dcc  kbdhid - ok
05:38:21.0931 0x0dcc  [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B38CEFA9E41D67DC ] kmixer          C:\WINDOWS\system32\drivers\kmixer.sys
05:38:22.0522 0x0dcc  kmixer - ok
05:38:22.0702 0x0dcc  [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131FAF0FBA748219E ] KSecDD          C:\WINDOWS\system32\drivers\KSecDD.sys
05:38:23.0834 0x0dcc  KSecDD - ok
05:38:23.0964 0x0dcc  [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F79D4DC40ACD6EE0 ] lanmanserver    C:\WINDOWS\System32\srvsvc.dll
05:38:24.0465 0x0dcc  lanmanserver - ok
05:38:24.0715 0x0dcc  [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E74D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
05:38:25.0196 0x0dcc  lanmanworkstation - ok
05:38:25.0396 0x0dcc  lbrtfdc - ok
05:38:28.0050 0x0dcc  [ 6ABE9ECAAB7DD0CC6F46EC830E0FE8FC, 0A5822CC6D0A73E5C462749020EE737D909CF6C930C0BF80506E4E758425D37C ] LiveUpdate      C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
05:38:32.0396 0x0dcc  LiveUpdate - ok
05:38:32.0486 0x0dcc  [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF062D9DCFB75ACF ] LmHosts         C:\WINDOWS\System32\lmhsvc.dll
05:38:32.0666 0x0dcc  LmHosts - ok
05:38:32.0697 0x0dcc  [ EEAEA6514BA7C9D273B5E87C4E1AAB30, 3B724C6A8867B1B7A45D832150E0CFAC1004D3B972A2A7BFDD2ADDDB2488BB1E ] mdmxsdk         C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
05:38:32.0837 0x0dcc  mdmxsdk - ok
05:38:32.0957 0x0dcc  [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793E8DCCC73F55340 ] Messenger       C:\WINDOWS\System32\msgsvc.dll
05:38:33.0247 0x0dcc  Messenger - ok
05:38:33.0818 0x0dcc  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
05:38:34.0409 0x0dcc  Microsoft Office Groove Audit Service - ok
05:38:34.0499 0x0dcc  [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A38C11D8DBFE68BC ] mnmdd           C:\WINDOWS\system32\drivers\mnmdd.sys
05:38:34.0830 0x0dcc  mnmdd - ok
05:38:34.0890 0x0dcc  [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608EED0F50AF070D4 ] mnmsrvc         C:\WINDOWS\system32\mnmsrvc.exe
05:38:35.0070 0x0dcc  mnmsrvc - ok
05:38:35.0140 0x0dcc  [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F6768AB857B719E97B ] Modem           C:\WINDOWS\system32\drivers\Modem.sys
05:38:35.0360 0x0dcc  Modem - ok
05:38:35.0400 0x0dcc  [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E04782957690B69530DB39 ] Mouclass        C:\WINDOWS\system32\DRIVERS\mouclass.sys
05:38:35.0661 0x0dcc  Mouclass - ok
05:38:35.0811 0x0dcc  [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B15190BBD66E7153 ] mouhid          C:\WINDOWS\system32\DRIVERS\mouhid.sys
05:38:36.0242 0x0dcc  mouhid - ok
05:38:36.0272 0x0dcc  [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422561F4D269C012F ] MountMgr        C:\WINDOWS\system32\drivers\MountMgr.sys
05:38:36.0682 0x0dcc  MountMgr - ok
05:38:36.0832 0x0dcc  [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F70905ADC7A44EA7DAD ] mraid35x        C:\WINDOWS\system32\DRIVERS\mraid35x.sys
05:38:38.0204 0x0dcc  mraid35x - ok
05:38:38.0335 0x0dcc  [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE52554765C2B1A22 ] MRxDAV          C:\WINDOWS\system32\DRIVERS\mrxdav.sys
05:38:38.0635 0x0dcc  MRxDAV - ok
05:38:38.0915 0x0dcc  [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6CB1C22840ED170 ] MRxSmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
05:38:39.0346 0x0dcc  MRxSmb - ok
05:38:39.0416 0x0dcc  [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F616301B30B858C724E8 ] MSDTC           C:\WINDOWS\system32\msdtc.exe
05:38:39.0797 0x0dcc  MSDTC - ok
05:38:39.0857 0x0dcc  [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD3222948CD49BBD ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
05:38:40.0077 0x0dcc  Msfs - ok
05:38:40.0087 0x0dcc  MSIServer - ok
05:38:40.0127 0x0dcc  [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE675D7BCF0B176A ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
05:38:40.0688 0x0dcc  MSKSSRV - ok
05:38:40.0738 0x0dcc  [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE83DB1183B0CEE91 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
05:38:41.0139 0x0dcc  MSPCLOCK - ok
05:38:41.0199 0x0dcc  [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243EDDDEB33F9816C ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
05:38:41.0569 0x0dcc  MSPQM - ok
05:38:41.0649 0x0dcc  [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A5F98176FAC1520 ] mssmbios        C:\WINDOWS\system32\DRIVERS\mssmbios.sys
05:38:42.0000 0x0dcc  mssmbios - ok
05:38:42.0070 0x0dcc  [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E0FDF901D2F9261 ] Mup             C:\WINDOWS\system32\drivers\Mup.sys
05:38:42.0380 0x0dcc  Mup - ok
05:38:42.0641 0x0dcc  [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F6785DFAABF339B09 ] napagent        C:\WINDOWS\System32\qagentrt.dll
05:38:43.0031 0x0dcc  napagent - ok
05:38:43.0332 0x0dcc  [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG          C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20140304.018\NAVENG.SYS
05:38:43.0412 0x0dcc  NAVENG - ok
05:38:44.0293 0x0dcc  [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15         C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20140304.018\NAVEX15.SYS
05:38:45.0074 0x0dcc  NAVEX15 - ok
05:38:45.0215 0x0dcc  [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5FE2FF34CFD713F9 ] NDIS            C:\WINDOWS\system32\drivers\NDIS.sys
05:38:45.0605 0x0dcc  NDIS - ok
05:38:45.0675 0x0dcc  [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59A9236CB46729B2 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
05:38:45.0845 0x0dcc  NdisTapi - ok
05:38:45.0916 0x0dcc  [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA4AB58455962BEE ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
05:38:46.0106 0x0dcc  Ndisuio - ok
05:38:46.0126 0x0dcc  [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F9633EC4D383E06097 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
05:38:46.0496 0x0dcc  NdisWan - ok
05:38:46.0546 0x0dcc  [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC006652E21FE02AC ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
05:38:46.0737 0x0dcc  NDProxy - ok
05:38:46.0767 0x0dcc  [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C1AB140D0B2CC0C ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
05:38:47.0087 0x0dcc  NetBIOS - ok
05:38:47.0177 0x0dcc  [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F4358837B75640A82 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
05:38:47.0618 0x0dcc  NetBT - ok
05:38:47.0938 0x0dcc  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDE          C:\WINDOWS\system32\netdde.exe
05:38:48.0179 0x0dcc  NetDDE - ok
05:38:48.0209 0x0dcc  [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9CDE99F1C6B0F4C ] NetDDEdsdm      C:\WINDOWS\system32\netdde.exe
05:38:48.0349 0x0dcc  NetDDEdsdm - ok
05:38:49.0120 0x0dcc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] Netlogon        C:\WINDOWS\system32\lsass.exe
05:38:49.0320 0x0dcc  Netlogon - ok
05:38:50.0352 0x0dcc  [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C136027A098B2E1C6166 ] Netman          C:\WINDOWS\System32\netman.dll
05:38:50.0642 0x0dcc  Netman - ok
05:38:52.0906 0x0dcc  [ 23EEB337BF684589D261F2359E19C72C, 0721BD22A9D5375BD03D4CFB2A1D34BAA46CF800D33C714A5D8CFBE836C3D315 ] NICCONFIGSVC    C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
05:38:53.0036 0x0dcc  NICCONFIGSVC - detected UnsignedFile.Multi.Generic ( 1 )
05:38:55.0770 0x0dcc  Detect skipped due to KSN trusted
05:38:55.0770 0x0dcc  NICCONFIGSVC - ok
05:38:55.0940 0x0dcc  [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8602636FEE7AFD4 ] Nla             C:\WINDOWS\System32\mswsock.dll
05:38:56.0180 0x0dcc  Nla - ok
05:38:56.0230 0x0dcc  [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130D1CA919406CF19 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
05:38:56.0621 0x0dcc  Npfs - ok
05:38:57.0022 0x0dcc  [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66CF6B40B60C8F3DA ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
05:38:57.0442 0x0dcc  Ntfs - ok
05:38:57.0492 0x0dcc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] NtLmSsp         C:\WINDOWS\system32\lsass.exe
05:38:57.0813 0x0dcc  NtLmSsp - ok
05:38:57.0953 0x0dcc  [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84F83FC3043FA9CD ] NtmsSvc         C:\WINDOWS\system32\ntmssvc.dll
05:38:58.0924 0x0dcc  NtmsSvc - ok
05:38:58.0974 0x0dcc  [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7AA55D0F0EB08D4 ] Null            C:\WINDOWS\system32\drivers\Null.sys
05:38:59.0395 0x0dcc  Null - ok
05:39:00.0106 0x0dcc  [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954286F8A246F5592 ] nv              C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
05:39:01.0107 0x0dcc  nv - ok
05:39:01.0127 0x0dcc  [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8ED72A367720464 ] NwlnkFlt        C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
05:39:01.0458 0x0dcc  NwlnkFlt - ok
05:39:01.0548 0x0dcc  [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09A67337A4E73F55 ] NwlnkFwd        C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
05:39:02.0439 0x0dcc  NwlnkFwd - ok
05:39:02.0509 0x0dcc  [ F06D9977A75213888804EAA9CEB8598B, 1EB3E1C61BE1A7DC2D024AEB35CC189B5E7A14EF51A220A42A3E4B6A87B59A78 ] O2SCBUS         C:\WINDOWS\system32\DRIVERS\ozscr.sys
05:39:02.0930 0x0dcc  O2SCBUS - ok
05:39:03.0311 0x0dcc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
05:39:03.0921 0x0dcc  odserv - ok
05:39:03.0982 0x0dcc  [ B17228142CEC9B3C222239FD935A37CA, 862498084CBF4579FCC12807F30BACDAAC16115CC6DB56274B7C49796B62A5CC ] omci            C:\WINDOWS\system32\DRIVERS\omci.sys
05:39:04.0042 0x0dcc  omci - detected UnsignedFile.Multi.Generic ( 1 )
05:39:06.0816 0x0dcc  Detect skipped due to KSN trusted
05:39:06.0816 0x0dcc  omci - ok
05:39:06.0946 0x0dcc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
05:39:07.0637 0x0dcc  ose - ok
05:39:07.0687 0x0dcc  [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB47AEAE8D344D3B ] Parport         C:\WINDOWS\system32\DRIVERS\parport.sys
05:39:07.0837 0x0dcc  Parport - ok
05:39:07.0907 0x0dcc  [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80AE828BF97E5A5CA ] PartMgr         C:\WINDOWS\system32\drivers\PartMgr.sys
05:39:08.0077 0x0dcc  PartMgr - ok
05:39:08.0148 0x0dcc  [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD110B001AFC22A1 ] ParVdm          C:\WINDOWS\system32\drivers\ParVdm.sys
05:39:08.0358 0x0dcc  ParVdm - ok
05:39:08.0408 0x0dcc  [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B22984804CEC269 ] PCI             C:\WINDOWS\system32\DRIVERS\pci.sys
05:39:08.0668 0x0dcc  PCI - ok
05:39:08.0668 0x0dcc  PCIDump - ok
05:39:08.0738 0x0dcc  [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020198724042C9257 ] PCIIde          C:\WINDOWS\system32\DRIVERS\pciide.sys
05:39:08.0959 0x0dcc  PCIIde - ok
05:39:08.0979 0x0dcc  [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FCFEC1C8C987F617 ] Pcmcia          C:\WINDOWS\system32\DRIVERS\pcmcia.sys
05:39:10.0942 0x0dcc  Pcmcia - ok
05:39:10.0962 0x0dcc  PDCOMP - ok
05:39:10.0982 0x0dcc  PDFRAME - ok
05:39:11.0002 0x0dcc  PDRELI - ok
05:39:11.0012 0x0dcc  PDRFRAME - ok
05:39:11.0072 0x0dcc  [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E4A8AC1F8A13B26 ] perc2           C:\WINDOWS\system32\DRIVERS\perc2.sys
05:39:11.0843 0x0dcc  perc2 - ok
05:39:11.0873 0x0dcc  [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC429A3AB6C663D5 ] perc2hib        C:\WINDOWS\system32\DRIVERS\perc2hib.sys
05:39:12.0273 0x0dcc  perc2hib - ok
05:39:12.0324 0x0dcc  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] PlugPlay        C:\WINDOWS\system32\services.exe
05:39:12.0434 0x0dcc  PlugPlay - ok
05:39:12.0484 0x0dcc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] PolicyAgent     C:\WINDOWS\system32\lsass.exe
05:39:12.0684 0x0dcc  PolicyAgent - ok
05:39:12.0754 0x0dcc  [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5BE413AAE968EFF1 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
05:39:12.0984 0x0dcc  PptpMiniport - ok
05:39:12.0994 0x0dcc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
05:39:13.0185 0x0dcc  ProtectedStorage - ok
05:39:13.0235 0x0dcc  [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A14BF1E361AC6AC3 ] PSched          C:\WINDOWS\system32\DRIVERS\psched.sys
05:39:13.0415 0x0dcc  PSched - ok
05:39:13.0445 0x0dcc  [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6063FB14AF7F12C ] Ptilink         C:\WINDOWS\system32\DRIVERS\ptilink.sys
05:39:13.0605 0x0dcc  Ptilink - ok
05:39:13.0695 0x0dcc  [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9EAB818A46FB8C18 ] PxHelp20        C:\WINDOWS\system32\Drivers\PxHelp20.sys
05:39:13.0726 0x0dcc  PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )
05:39:16.0199 0x0dcc  Detect skipped due to KSN trusted
05:39:16.0199 0x0dcc  PxHelp20 - ok
05:39:16.0249 0x0dcc  [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD188E9913BADAB0EF ] ql1080          C:\WINDOWS\system32\DRIVERS\ql1080.sys
05:39:16.0750 0x0dcc  ql1080 - ok
05:39:16.0780 0x0dcc  [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F26FCA2E6F2E05A6 ] Ql10wnt         C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
05:39:17.0671 0x0dcc  Ql10wnt - ok
05:39:17.0731 0x0dcc  [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB859DA5C9B2586A ] ql12160         C:\WINDOWS\system32\DRIVERS\ql12160.sys
05:39:19.0093 0x0dcc  ql12160 - ok
05:39:19.0133 0x0dcc  [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6DBAFE0F117603D6 ] ql1240          C:\WINDOWS\system32\DRIVERS\ql1240.sys
05:39:19.0474 0x0dcc  ql1240 - ok
05:39:19.0504 0x0dcc  [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C316A38E4781A6152 ] ql1280          C:\WINDOWS\system32\DRIVERS\ql1280.sys
05:39:19.0774 0x0dcc  ql1280 - ok
05:39:19.0794 0x0dcc  [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6265F4650470692 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
05:39:19.0944 0x0dcc  RasAcd - ok
05:39:19.0985 0x0dcc  [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F31862656E96E2B20C ] RasAuto         C:\WINDOWS\System32\rasauto.dll
05:39:20.0165 0x0dcc  RasAuto - ok
05:39:20.0215 0x0dcc  [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9051745F63FF5AD ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
05:39:20.0375 0x0dcc  Rasl2tp - ok
05:39:20.0485 0x0dcc  [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7585DB6EB978EC8 ] RasMan          C:\WINDOWS\System32\rasmans.dll
05:39:20.0666 0x0dcc  RasMan - ok
05:39:20.0706 0x0dcc  [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D6979289CA651B8 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
05:39:20.0906 0x0dcc  RasPppoe - ok
05:39:20.0936 0x0dcc  [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E52E508E47444DB ] Raspti          C:\WINDOWS\system32\DRIVERS\raspti.sys
05:39:21.0106 0x0dcc  Raspti - ok
05:39:21.0206 0x0dcc  [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264CD8CB8D108EC801 ] Rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
05:39:21.0557 0x0dcc  Rdbss - ok
05:39:21.0567 0x0dcc  [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986E67AF767F373BB ] RDPCDD          C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
05:39:21.0737 0x0dcc  RDPCDD - ok
05:39:21.0787 0x0dcc  [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129BA9E85F1DF723E ] rdpdr           C:\WINDOWS\system32\DRIVERS\rdpdr.sys
05:39:21.0987 0x0dcc  rdpdr - ok
05:39:22.0088 0x0dcc  [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE50701381D665122D7356D ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
05:39:22.0268 0x0dcc  RDPWD - ok
05:39:22.0358 0x0dcc  [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944333039375AC08C ] RDSessMgr       C:\WINDOWS\system32\sessmgr.exe
05:39:22.0588 0x0dcc  RDSessMgr - ok
05:39:22.0638 0x0dcc  [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CAE8812EFF106ECF ] redbook         C:\WINDOWS\system32\DRIVERS\redbook.sys
05:39:22.0869 0x0dcc  redbook - ok
05:39:22.0949 0x0dcc  [ 15BA3BCEEB32C4279B27F5C3389E4847, 8EC495A33C939F55E6B1873975722FB788B41946A145952012C2712A928AB4AE ] RegSrvc         C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
05:39:22.0989 0x0dcc  RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
05:39:25.0623 0x0dcc  Detect skipped due to KSN trusted
05:39:25.0623 0x0dcc  RegSrvc - ok
05:39:25.0653 0x0dcc  [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F689A1E45200FFE4 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
05:39:26.0634 0x0dcc  RemoteAccess - ok
05:39:26.0664 0x0dcc  [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6E87FDE8C6C14B0 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
05:39:27.0055 0x0dcc  RemoteRegistry - ok
05:39:27.0115 0x0dcc  [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC343561DC5EF9A360 ] RpcLocator      C:\WINDOWS\system32\locator.exe
05:39:27.0315 0x0dcc  RpcLocator - ok
05:39:27.0395 0x0dcc  [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006CE8CF30E826CFD ] RpcSs           C:\WINDOWS\system32\rpcss.dll
05:39:27.0535 0x0dcc  RpcSs - ok
05:39:27.0626 0x0dcc  [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7AED86A13FE8623 ] RSVP            C:\WINDOWS\system32\rsvp.exe
05:39:27.0846 0x0dcc  RSVP - ok
05:39:27.0946 0x0dcc  [ 79A647519CA3E700E9738153F788FB7D, 2E59918FB25A0958108875C0A1F99C07E9BF75642DAC11D18595BECB42F6A6EB ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
05:39:28.0066 0x0dcc  S24EventMonitor - detected UnsignedFile.Multi.Generic ( 1 )
05:39:30.0560 0x0dcc  Detect skipped due to KSN trusted
05:39:30.0560 0x0dcc  S24EventMonitor - ok
05:39:30.0590 0x0dcc  [ 81AA6F0D6A2BE1C550F814B036215888, 215193B265A8812A9360176E93E27DE62F75EABFC1E4B736F37A281B967F2BE3 ] s24trans        C:\WINDOWS\system32\DRIVERS\s24trans.sys
05:39:30.0670 0x0dcc  s24trans - detected UnsignedFile.Multi.Generic ( 1 )
05:39:33.0123 0x0dcc  Detect skipped due to KSN trusted
05:39:33.0123 0x0dcc  s24trans - ok
05:39:33.0153 0x0dcc  [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799CF941C682AB501 ] SamSs           C:\WINDOWS\system32\lsass.exe
05:39:33.0474 0x0dcc  SamSs - ok
05:39:33.0574 0x0dcc  [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F45DD054EEA04C7 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.exe
05:39:33.0744 0x0dcc  SCardSvr - ok
05:39:33.0885 0x0dcc  [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E6F28217C3FB605 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
05:39:34.0075 0x0dcc  Schedule - ok
05:39:34.0175 0x0dcc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] Secdrv          C:\WINDOWS\system32\DRIVERS\secdrv.sys
05:39:34.0465 0x0dcc  Secdrv - ok
05:39:34.0525 0x0dcc  [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35D2B1CF867E9D96 ] seclogon        C:\WINDOWS\System32\seclogon.dll
05:39:34.0806 0x0dcc  seclogon - ok
05:39:34.0856 0x0dcc  [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E29FD5247A5DCA6 ] SENS            C:\WINDOWS\system32\sens.dll
05:39:35.0767 0x0dcc  SENS - ok
05:39:35.0807 0x0dcc  [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E5F52394F87C6A5 ] serenum         C:\WINDOWS\system32\DRIVERS\serenum.sys
05:39:36.0108 0x0dcc  serenum - ok
05:39:36.0118 0x0dcc  [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1D29F3FF2DD8D6C ] Serial          C:\WINDOWS\system32\DRIVERS\serial.sys
05:39:36.0268 0x0dcc  Serial - ok
05:39:36.0328 0x0dcc  [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C878604C9277FC77959F ] Sfloppy         C:\WINDOWS\system32\drivers\Sfloppy.sys
05:39:36.0538 0x0dcc  Sfloppy - ok
05:39:36.0699 0x0dcc  [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E51F1FC37E9D4DD7 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
05:39:37.0069 0x0dcc  SharedAccess - ok
05:39:37.0129 0x0dcc  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
05:39:37.0229 0x0dcc  ShellHWDetection - ok
05:39:37.0239 0x0dcc  Simbad - ok
05:39:37.0329 0x0dcc  [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C893148EF6322D2FABE ] sisagp          C:\WINDOWS\system32\DRIVERS\sisagp.sys
05:39:37.0510 0x0dcc  sisagp - ok
05:39:38.0081 0x0dcc  [ 8317AD0C7E640411C746D5664EB7957A, 1C45F12401ACEC9DD1CC861A882C75C1D20C53455EA5CD3EA4DFAC6B59560B87 ] SmcService      C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
05:39:38.0782 0x0dcc  SmcService - ok
05:39:39.0032 0x0dcc  [ 95293A76341B1DB125EE125474657728, 21A85E83909EBD28375B93DCDFABA4400F48286CFDF7E1B3859110381E984000 ] SNAC            C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE
05:39:39.0583 0x0dcc  SNAC - ok
05:39:39.0633 0x0dcc  [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B1477C51D2D609D2E ] Sparrow         C:\WINDOWS\system32\DRIVERS\sparrow.sys
05:39:39.0763 0x0dcc  Sparrow - ok
05:39:39.0903 0x0dcc  [ E87CF104F12C92401C4D33C50A3D5DC8, AFC0360F7588EBDD072465B1AD1F54C673DCF65BB1B8DBF40576AA47D7218C71 ] SPBBCDrv        C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
05:39:40.0154 0x0dcc  SPBBCDrv - ok
05:39:40.0234 0x0dcc  [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C3B1FFDF7481D9E ] splitter        C:\WINDOWS\system32\drivers\splitter.sys
05:39:40.0524 0x0dcc  splitter - ok
05:39:40.0604 0x0dcc  [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE0213DF7B74D742F1F ] Spooler         C:\WINDOWS\system32\spoolsv.exe
05:39:40.0704 0x0dcc  Spooler - ok
05:39:40.0794 0x0dcc  [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2CA532336CD2DFA ] sr              C:\WINDOWS\system32\DRIVERS\sr.sys
05:39:41.0135 0x0dcc  sr - ok
05:39:41.0305 0x0dcc  [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB58139CBB358A88F6F3 ] srservice       C:\WINDOWS\system32\srsvc.dll
05:39:41.0465 0x0dcc  srservice - ok
05:39:41.0636 0x0dcc  [ B36F8D6A02FF2B3A53E250A629782F29, 4E648175AD96FC48EC69F85C6C8DDA3218D875602166198D48516BAF6E2FD37B ] SRTSP           C:\WINDOWS\system32\Drivers\SRTSP.SYS
05:39:41.0916 0x0dcc  SRTSP - ok
05:39:42.0767 0x0dcc  [ E99BD98AC171A29FC1BA9376BE87AE73, 3CB61281FC549D669677C47529D47F2337F42290E28C42CF3B2AA533C76D5D6E ] SRTSPL          C:\WINDOWS\system32\Drivers\SRTSPL.SYS
05:39:43.0308 0x0dcc  SRTSPL - ok
05:39:43.0378 0x0dcc  [ 1AF34729898063E9B7DF8D149D767E07, A12E03ECE1275B968D690F5F3E79EF4D4044111DF24933AE3C77E42CBBB97FB0 ] SRTSPX          C:\WINDOWS\system32\Drivers\SRTSPX.SYS
05:39:43.0418 0x0dcc  SRTSPX - ok
05:39:43.0629 0x0dcc  [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A702CDBD98E1BDD7 ] Srv             C:\WINDOWS\system32\DRIVERS\srv.sys
05:39:43.0939 0x0dcc  Srv - ok
05:39:44.0039 0x0dcc  [ D7968049BE0ADBB6A57CEE3960320911, 6FB6D7BE384324211DAEDCCD80BA983E32183D08DF6C5B5B5453773DCC0F4D5B ] sscdbhk5        C:\WINDOWS\system32\drivers\sscdbhk5.sys
05:39:44.0129 0x0dcc  sscdbhk5 - detected UnsignedFile.Multi.Generic ( 1 )
05:39:46.0683 0x0dcc  Detect skipped due to KSN trusted
05:39:46.0683 0x0dcc  sscdbhk5 - ok
05:39:46.0733 0x0dcc  [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C18558A737E57E5FA8 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
05:39:47.0073 0x0dcc  SSDPSRV - ok
05:39:47.0124 0x0dcc  [ C3FFD65ABFB6441E7606CF74F1155273, EFA481D5075A9C0490CEBA5F8223BE322EB3811465F41A1FB3386E30E8C81714 ] ssrtln          C:\WINDOWS\system32\drivers\ssrtln.sys
05:39:47.0194 0x0dcc  ssrtln - detected UnsignedFile.Multi.Generic ( 1 )
05:39:49.0627 0x0dcc  Detect skipped due to KSN trusted
05:39:49.0627 0x0dcc  ssrtln - ok
05:39:53.0763 0x0dcc  [ 5813D453EF8CE49D607C255CF128ACEB, F7A5A8D768B6712082DA21A5D2D4E0D884AB3CFE7BEC95B5BF73140506C6958E ] STAC97          C:\WINDOWS\system32\drivers\stac97.sys
05:39:53.0893 0x0dcc  STAC97 - ok
05:39:53.0973 0x0dcc  [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246FCA3384BBA2305 ] stisvc          C:\WINDOWS\system32\wiaservc.dll
05:39:54.0214 0x0dcc  stisvc - ok
05:39:54.0294 0x0dcc  [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A6334E886BCE638B51 ] swenum          C:\WINDOWS\system32\DRIVERS\swenum.sys
05:39:54.0524 0x0dcc  swenum - ok
05:39:54.0885 0x0dcc  [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42C4948AE5A23A3B ] swmidi          C:\WINDOWS\system32\drivers\swmidi.sys
05:39:55.0025 0x0dcc  swmidi - ok
05:39:55.0025 0x0dcc  SwPrv - ok
05:39:55.0265 0x0dcc  [ 4402CF4959A30CB6A008099ABA8F22A9, 237DFBDF297E64B4B2AAC2D92DE881C933C9A3896A7F6FDCC2ABE1202BA840B0 ] Symantec AntiVirus C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
05:39:55.0766 0x0dcc  Symantec AntiVirus - ok
05:39:55.0816 0x0dcc  [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410BB46C4D96C96BB ] symc810         C:\WINDOWS\system32\DRIVERS\symc810.sys
05:39:56.0197 0x0dcc  symc810 - ok
05:39:56.0237 0x0dcc  [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F9216931704A6D8 ] symc8xx         C:\WINDOWS\system32\DRIVERS\symc8xx.sys
05:39:56.0717 0x0dcc  symc8xx - ok
05:39:56.0767 0x0dcc  [ E42A34E6F5CA71A84D4C2DE620AAD13D, 91CA59A9F060ACD6373524D3C1CE10FD12594E7B502D44B827BDE426BF36D96E ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT.SYS
05:39:56.0787 0x0dcc  SymEvent - ok
05:39:56.0848 0x0dcc  [ 394B2368212114D538316812AF60FDDD, 74DAC801C692DD858EF2A410D99D9E0DE565599436A8F80D7B39818F062B943F ] SYMREDRV        C:\WINDOWS\System32\Drivers\SYMREDRV.SYS
05:39:56.0868 0x0dcc  SYMREDRV - ok
05:39:56.0898 0x0dcc  [ D46676BB414C7531BDFFE637A33F5033, BDF9792FB05455B7B5600063CFC783802F7948ABF614AD74D20CDB0BAAC86D11 ] SYMTDI          C:\WINDOWS\System32\Drivers\SYMTDI.SYS
05:39:56.0918 0x0dcc  SYMTDI - ok
05:39:56.0948 0x0dcc  [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E815D9BBE174432 ] sym_hi          C:\WINDOWS\system32\DRIVERS\sym_hi.sys
05:39:57.0208 0x0dcc  sym_hi - ok
05:39:57.0218 0x0dcc  [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF98267C7BE809D853B ] sym_u3          C:\WINDOWS\system32\DRIVERS\sym_u3.sys
05:39:57.0529 0x0dcc  sym_u3 - ok
05:39:57.0599 0x0dcc  [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8DCD148F3F36A2DA ] sysaudio        C:\WINDOWS\system32\drivers\sysaudio.sys
05:39:57.0819 0x0dcc  sysaudio - ok
05:39:57.0889 0x0dcc  [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57DEADAADE18535B ] SysmonLog       C:\WINDOWS\system32\smlogsvc.exe
05:39:58.0099 0x0dcc  SysmonLog - ok
05:39:58.0199 0x0dcc  [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802794F62B72FD255 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
05:39:58.0440 0x0dcc  TapiSrv - ok
05:39:58.0560 0x0dcc  [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C7020CFF8A44552 ] Tcpip           C:\WINDOWS\system32\DRIVERS\tcpip.sys
05:39:58.0690 0x0dcc  Tcpip - ok
05:39:58.0760 0x0dcc  [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D99A320B8A53A5A ] TDPIPE          C:\WINDOWS\system32\drivers\TDPIPE.sys
05:39:58.0991 0x0dcc  TDPIPE - ok
05:39:59.0031 0x0dcc  [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E38E7AE1EE93F2F ] TDTCP           C:\WINDOWS\system32\drivers\TDTCP.sys
05:39:59.0341 0x0dcc  TDTCP - ok
05:39:59.0381 0x0dcc  [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D99DF0D49AC34B3B ] TermDD          C:\WINDOWS\system32\DRIVERS\termdd.sys
05:39:59.0652 0x0dcc  TermDD - ok
05:39:59.0742 0x0dcc  [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A248C43A1CE5202 ] TermService     C:\WINDOWS\System32\termsrv.dll
05:39:59.0912 0x0dcc  TermService - ok
05:40:00.0012 0x0dcc  [ 30698355067D07DA5F9EB81132C9FDD6, 80457F8DBB089FFF23ED220924F5C872D896707F4B31E9C77DAB78421B9B2F6D ] tfsnboio        C:\WINDOWS\system32\dla\tfsnboio.sys
05:40:00.0032 0x0dcc  tfsnboio - detected UnsignedFile.Multi.Generic ( 1 )
05:40:02.0476 0x0dcc  Detect skipped due to KSN trusted
05:40:02.0476 0x0dcc  tfsnboio - ok
05:40:02.0836 0x0dcc  [ FB9D825BB4A2ABDF24600F7505050E2B, A7A11366525C4DEAD588822F4C57C7ED5D6F3578F2DB2124BF0441133B3169B9 ] tfsncofs        C:\WINDOWS\system32\dla\tfsncofs.sys
05:40:02.0856 0x0dcc  tfsncofs - detected UnsignedFile.Multi.Generic ( 1 )
05:40:07.0202 0x0dcc  Detect skipped due to KSN trusted
05:40:07.0202 0x0dcc  tfsncofs - ok
05:40:07.0503 0x0dcc  [ CAFD8CCA11AA1E8B6D2EA1BA8F70EC33, AA5BDE527B67A14654D930252894FEDB8976EAE1F33C2BC0E7747D2B4EB93C4E ] tfsndrct        C:\WINDOWS\system32\dla\tfsndrct.sys
05:40:07.0543 0x0dcc  tfsndrct - detected UnsignedFile.Multi.Generic ( 1 )
05:40:09.0986 0x0dcc  Detect skipped due to KSN trusted
05:40:09.0986 0x0dcc  tfsndrct - ok
05:40:10.0357 0x0dcc  [ 8DB1E78FBF7C426D8EC3D8F1A33D6485, FF437EFD667EFE00729188B18C7E17E8C15D06A2C1F58A0F79E22DFADCECF969 ] tfsndres        C:\WINDOWS\system32\dla\tfsndres.sys
05:40:10.0387 0x0dcc  tfsndres - detected UnsignedFile.Multi.Generic ( 1 )
05:40:13.0091 0x0dcc  Detect skipped due to KSN trusted
05:40:13.0091 0x0dcc  tfsndres - ok
05:40:13.0401 0x0dcc  [ B92F67A71CC8176F331B8AA8D9F555AD, F59E8464E44E08C18C3C7D32408D7661923F30FDD35390082DC7F2C02DCC40A3 ] tfsnifs         C:\WINDOWS\system32\dla\tfsnifs.sys
05:40:13.0441 0x0dcc  tfsnifs - detected UnsignedFile.Multi.Generic ( 1 )
05:40:15.0895 0x0dcc  Detect skipped due to KSN trusted
05:40:15.0895 0x0dcc  tfsnifs - ok
05:40:15.0935 0x0dcc  [ 85985FAA9A71E2358FCC2EDEFC2A3C5C, 9ADD1077C3B34E0EFA85EC4762822330D85F43EB4557C9ED015D8D1575E52885 ] tfsnopio        C:\WINDOWS\system32\dla\tfsnopio.sys
05:40:15.0965 0x0dcc  tfsnopio - detected UnsignedFile.Multi.Generic ( 1 )
05:40:18.0409 0x0dcc  Detect skipped due to KSN trusted
05:40:18.0409 0x0dcc  tfsnopio - ok
05:40:18.0709 0x0dcc  [ BBA22094F0F7C210567EFDAF11F64495, C55D3F3628C73FFA776C9B61BA735CB24DEE9F80F6E74A2F9BD70CFFB863BA57 ] tfsnpool        C:\WINDOWS\system32\dla\tfsnpool.sys
05:40:18.0739 0x0dcc  tfsnpool - detected UnsignedFile.Multi.Generic ( 1 )
05:40:21.0183 0x0dcc  Detect skipped due to KSN trusted
05:40:21.0183 0x0dcc  tfsnpool - ok
05:40:21.0513 0x0dcc  [ 81340BEF80B9811E98CE64611E67E3FF, CD6679A4D1A7932CD64F1F6AACF09CEC2D8E7DD001F812CC49756D8F582D907A ] tfsnudf         C:\WINDOWS\system32\dla\tfsnudf.sys
05:40:21.0583 0x0dcc  tfsnudf - detected UnsignedFile.Multi.Generic ( 1 )
05:40:24.0127 0x0dcc  Detect skipped due to KSN trusted
05:40:24.0127 0x0dcc  tfsnudf - ok
05:40:24.0157 0x0dcc  [ C035FD116224CCC8325F384776B6A8BB, CB97AD56288F916DE2AF5B1EC9D04AF3A1C2A2FA0A738282DA3763036DD18F12 ] tfsnudfa        C:\WINDOWS\system32\dla\tfsnudfa.sys
05:40:24.0467 0x0dcc  tfsnudfa - detected UnsignedFile.Multi.Generic ( 1 )
05:40:27.0181 0x0dcc  Detect skipped due to KSN trusted
05:40:27.0181 0x0dcc  tfsnudfa - ok
05:40:27.0522 0x0dcc  [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE410D404E344444B ] Themes          C:\WINDOWS\System32\shsvcs.dll
05:40:27.0622 0x0dcc  Themes - ok
05:40:27.0672 0x0dcc  [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A687BA601BF0A802 ] TlntSvr         C:\WINDOWS\system32\tlntsvr.exe
05:40:27.0972 0x0dcc  TlntSvr - ok
05:40:27.0992 0x0dcc  [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9F166ECC164630C ] TosIde          C:\WINDOWS\system32\DRIVERS\toside.sys
05:40:28.0153 0x0dcc  TosIde - ok
05:40:28.0213 0x0dcc  [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F46516878F53A7F4186C38 ] TrkWks          C:\WINDOWS\system32\trkwks.dll
05:40:28.0383 0x0dcc  TrkWks - ok
05:40:28.0433 0x0dcc  [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE5246306447E46C ] Udfs            C:\WINDOWS\system32\drivers\Udfs.sys
05:40:28.0593 0x0dcc  Udfs - ok
05:40:28.0603 0x0dcc  [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FAF1244F206DFB4F ] ultra           C:\WINDOWS\system32\DRIVERS\ultra.sys
05:40:28.0824 0x0dcc  ultra - ok
05:40:28.0914 0x0dcc  [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D24193AE5665C6F3 ] Update          C:\WINDOWS\system32\DRIVERS\update.sys
05:40:29.0134 0x0dcc  Update - ok
05:40:29.0194 0x0dcc  [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946DD04AC85D983DF ] upnphost        C:\WINDOWS\System32\upnphost.dll
05:40:29.0444 0x0dcc  upnphost - ok
05:40:29.0464 0x0dcc  [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F94AD9F9717D77D ] UPS             C:\WINDOWS\System32\ups.exe
05:40:29.0675 0x0dcc  UPS - ok
05:40:29.0715 0x0dcc  [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5A916293356B846 ] usbccgp         C:\WINDOWS\system32\DRIVERS\usbccgp.sys
05:40:29.0805 0x0dcc  usbccgp - ok
05:40:29.0865 0x0dcc  [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01C7D9383E6402A4 ] usbehci         C:\WINDOWS\system32\DRIVERS\usbehci.sys
05:40:29.0905 0x0dcc  usbehci - ok
05:40:29.0935 0x0dcc  [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DBF78740FFB300FE ] usbhub          C:\WINDOWS\system32\DRIVERS\usbhub.sys
05:40:30.0065 0x0dcc  usbhub - ok
05:40:30.0105 0x0dcc  [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C3E62A181DF1E0A ] usbprint        C:\WINDOWS\system32\DRIVERS\usbprint.sys
05:40:30.0256 0x0dcc  usbprint - ok
05:40:30.0286 0x0dcc  [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C5947DCE6CF7A9817 ] USBSTOR         C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
05:40:30.0466 0x0dcc  USBSTOR - ok
05:40:30.0506 0x0dcc  [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A6B738F21D523DA ] usbuhci         C:\WINDOWS\system32\DRIVERS\usbuhci.sys
05:40:30.0666 0x0dcc  usbuhci - ok
05:40:30.0696 0x0dcc  [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769BABDC4370D065E ] VgaSave         C:\WINDOWS\System32\drivers\vga.sys
05:40:30.0866 0x0dcc  VgaSave - ok
05:40:30.0897 0x0dcc  [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495F66ABF5FACB86C ] viaagp          C:\WINDOWS\system32\DRIVERS\viaagp.sys
05:40:31.0107 0x0dcc  viaagp - ok
05:40:31.0137 0x0dcc  [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2BCDD739CA58CA9 ] ViaIde          C:\WINDOWS\system32\DRIVERS\viaide.sys
05:40:31.0367 0x0dcc  ViaIde - ok
05:40:31.0407 0x0dcc  [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E49BC33AAA18BFA4 ] VolSnap         C:\WINDOWS\system32\drivers\VolSnap.sys
05:40:31.0587 0x0dcc  VolSnap - ok
05:40:31.0648 0x0dcc  [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7B2B7BE7D4752C5 ] VSS             C:\WINDOWS\System32\vssvc.exe
05:40:31.0788 0x0dcc  VSS - ok
05:40:32.0819 0x0dcc  [ F0F902220910C4FBE42A51964BD33599, 05E1EE5E143C1E3B1E3F51C133B64B5C1FEABBA89B7E3326D34A5A9DCD6E2539 ] w29n51          C:\WINDOWS\system32\DRIVERS\w29n51.sys
05:40:33.0550 0x0dcc  w29n51 - ok
05:40:33.0590 0x0dcc  [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618FA0919490FCDDB9 ] w32time         C:\WINDOWS\system32\w32time.dll
05:40:33.0741 0x0dcc  w32time - ok
05:40:33.0771 0x0dcc  [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5CDA7CBFBC445E5 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
05:40:33.0951 0x0dcc  Wanarp - ok
05:40:33.0951 0x0dcc  wanatw - ok
05:40:33.0971 0x0dcc  WDICA - ok
05:40:33.0991 0x0dcc  [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD3F92003D3230A5 ] wdmaud          C:\WINDOWS\system32\drivers\wdmaud.sys
05:40:34.0121 0x0dcc  wdmaud - ok
05:40:34.0181 0x0dcc  [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B40A72EABBC2DFE ] WebClient       C:\WINDOWS\System32\webclnt.dll
05:40:34.0341 0x0dcc  WebClient - ok
05:40:34.0492 0x0dcc  [ CE545A84BF3411E7516FA8DA51AD9D93, 394C8040AE6BE8FB816F65065670CB517A7EAA4266BFB16014BFEAB5B743B893 ] winachsf        C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
05:40:34.0652 0x0dcc  winachsf - ok
05:40:34.0792 0x0dcc  [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B367A52FACF69BF8 ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
05:40:34.0992 0x0dcc  winmgmt - ok
05:40:35.0073 0x0dcc  [ 43ED73F10DE96E0A23244BD9CF04F5C2, 90985E177AFA8D94B82204C2C29A4BF80F13F46954BC7A2408EA0315DF0875DE ] WLANKEEPER      C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
05:40:35.0143 0x0dcc  WLANKEEPER - detected UnsignedFile.Multi.Generic ( 1 )
05:40:37.0636 0x0dcc  Detect skipped due to KSN trusted
05:40:37.0636 0x0dcc  WLANKEEPER - ok
05:40:37.0816 0x0dcc  [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16F394D300AB25DE ] WmdmPmSN        C:\WINDOWS\system32\MsPMSNSv.dll
05:40:38.0037 0x0dcc  WmdmPmSN - ok
05:40:38.0247 0x0dcc  [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0B49F588FAFE3A0 ] Wmi             C:\WINDOWS\System32\advapi32.dll
05:40:39.0038 0x0dcc  Wmi - ok
05:40:39.0148 0x0dcc  [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7EF5DE607A785DDC ] WmiApSrv        C:\WINDOWS\system32\wbem\wmiapsrv.exe
05:40:39.0589 0x0dcc  WmiApSrv - ok
05:40:40.0050 0x0dcc  [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E09C9A014526066 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\WMPNetwk.exe
05:40:40.0520 0x0dcc  WMPNetworkSvc - ok
05:40:40.0600 0x0dcc  [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D4476F57867FCC12A ] wscsvc          C:\WINDOWS\system32\wscsvc.dll
05:40:40.0971 0x0dcc  wscsvc - ok
05:40:41.0041 0x0dcc  [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E27B161F9FFD4CD ] wuauserv        C:\WINDOWS\system32\wuauserv.dll
05:40:41.0181 0x0dcc  wuauserv - ok
05:40:41.0231 0x0dcc  [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B62954038B5FFB32471 ] WudfPf          C:\WINDOWS\system32\DRIVERS\WudfPf.sys
05:40:41.0452 0x0dcc  WudfPf - ok
05:40:41.0472 0x0dcc  [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE60E873DFBE3C3F4 ] WudfRd          C:\WINDOWS\system32\DRIVERS\wudfrd.sys
05:40:41.0592 0x0dcc  WudfRd - ok
05:40:41.0642 0x0dcc  [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F69D38E357FCC3D ] WudfSvc         C:\WINDOWS\System32\WUDFSvc.dll
05:40:41.0702 0x0dcc  WudfSvc - ok
05:40:41.0822 0x0dcc  [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8AAEA1C042E63940 ] WZCSVC          C:\WINDOWS\System32\wzcsvc.dll
05:40:42.0243 0x0dcc  WZCSVC - ok
05:40:42.0593 0x0dcc  [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B5201D1080203B0BBC ] xmlprov         C:\WINDOWS\System32\xmlprov.dll
05:40:42.0964 0x0dcc  xmlprov - ok
05:40:43.0435 0x0dcc  [ DD0042F0C3B606A6A8B92D49AFB18AD6, 8D3BE4C93D02AF5F42EC46AF598D6DA40C61D467CB2FEE5E222F9C1E7A84B852 ] YahooAUService  C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
05:40:43.0565 0x0dcc  YahooAUService - ok
05:40:43.0595 0x0dcc  ================ Scan global ===============================
05:40:43.0685 0x0dcc  [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA991DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
05:40:43.0795 0x0dcc  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
05:40:43.0915 0x0dcc  [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
05:40:43.0985 0x0dcc  [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
05:40:44.0005 0x0dcc  [ Global ] - ok
05:40:44.0005 0x0dcc  ================ Scan MBR ==================================
05:40:44.0045 0x0dcc  [ A03E065717CB65F3034AD33AD58B6BBA ] \Device\Harddisk0\DR0
05:40:44.0566 0x0dcc  \Device\Harddisk0\DR0 - ok
05:40:44.0566 0x0dcc  ================ Scan VBR ==================================
05:40:44.0576 0x0dcc  [ 94690A40DA4E24CD11ED0EE708B481FD ] \Device\Harddisk0\DR0\Partition1
05:40:44.0586 0x0dcc  \Device\Harddisk0\DR0\Partition1 - ok
05:40:44.0586 0x0dcc  ================ Scan generic autorun ======================
05:40:44.0676 0x0dcc  [ A0B4823C28AD825728550796042C68A4, 1FCA79ADCE89E37D85FC1BF23BC56C2B5150C417513E4ED1A7EC1AA94095DE7E ] C:\Program Files\Apoint\Apoint.exe
05:40:44.0796 0x0dcc  Apoint - ok
05:40:44.0897 0x0dcc  [ ED85B344E6EDC30C1BC57EC1A2A56BF3, 82FF39BE3E9CB5A627FAB75847B164FB48FAC7AA377DED3FEC1C3CA7B9823E66 ] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
05:40:44.0927 0x0dcc  SunJavaUpdateSched - detected UnsignedFile.Multi.Generic ( 1 )
05:40:47.0370 0x0dcc  Detect skipped due to KSN trusted
05:40:47.0370 0x0dcc  SunJavaUpdateSched - ok
05:40:47.0731 0x0dcc  [ C2DCBCE29ECB74F8BFE89BFF149A4D97, 3AA9E650255D4F71184A15B7A8A657537A73D30811DDE0B4B95E0D02E6B9F8FF ] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
05:40:47.0871 0x0dcc  IntelWireless - detected UnsignedFile.Multi.Generic ( 1 )
05:40:50.0525 0x0dcc  Detect skipped due to KSN trusted
05:40:50.0525 0x0dcc  IntelWireless - ok
05:40:50.0935 0x0dcc  [ E3288BBD172F6B5803B0CB7C4CDC5D1E, 032AFE457D5EA48EABA920C6B72D065D6A8B34CD6E2B5B07D20ED2432E3C692C ] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
05:40:51.0076 0x0dcc  ATIPTA - detected UnsignedFile.Multi.Generic ( 1 )
05:40:53.0529 0x0dcc  Detect skipped due to KSN trusted
05:40:53.0529 0x0dcc  ATIPTA - ok
05:40:53.0960 0x0dcc  [ 918BC1E0D5C85CA3E3FF85A428AE3844, D5BD006E0CB0A3C08AAD1FD0212F431210FF8337D5B3731F6523A8977F94BCB6 ] C:\Program Files\Dell\QuickSet\quickset.exe
05:40:54.0140 0x0dcc  Dell QuickSet - detected UnsignedFile.Multi.Generic ( 1 )
05:40:56.0774 0x0dcc  Detect skipped due to KSN trusted
05:40:56.0774 0x0dcc  Dell QuickSet - ok
05:40:56.0874 0x0dcc  [ B3E3C57FD22E71CE20389372D972C6DC, 846996C47292E8AFA553C4792F2C3DC4ABBB2396E4EB71499408DAE1C72F682A ] C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
05:40:56.0904 0x0dcc  DVDLauncher - detected UnsignedFile.Multi.Generic ( 1 )
05:40:59.0618 0x0dcc  Detect skipped due to KSN trusted
05:40:59.0618 0x0dcc  DVDLauncher - ok
05:40:59.0888 0x0dcc  [ 849D97FE4CC09CFC2772D10F641E1BAF, 409E2D2613DE9662C141EBC17F3ECF92828B549BBB7AAB3908FFBC46DA5DD853 ] C:\Program Files\Real\RealPlayer\RealPlay.exe
05:40:59.0918 0x0dcc  RealTray - detected UnsignedFile.Multi.Generic ( 1 )
05:41:02.0862 0x0dcc  Detect skipped due to KSN trusted
05:41:02.0862 0x0dcc  RealTray - ok
05:41:03.0273 0x0dcc  [ C341CCFBE98BC7DF6E0B856BB9FC265A, 7EA0A5407591EC8D97A9658DBEB7CB57550E143C526C3502E73F12FEF46F778C ] C:\Program Files\QuickTime\qttask.exe
05:41:03.0313 0x0dcc  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
05:41:05.0827 0x0dcc  Detect skipped due to KSN trusted
05:41:05.0827 0x0dcc  QuickTime Task - ok
05:41:05.0907 0x0dcc  [ 2CA827BA68D0CDB5437C40C6F53D7F20, 2727C5BA23C106E0531E9820CD9682039A6CC1DDF94DF571C62E96F99E88740C ] C:\WINDOWS\system32\dla\tfswctrl.exe
05:41:05.0957 0x0dcc  dla - detected UnsignedFile.Multi.Generic ( 1 )
05:41:08.0410 0x0dcc  Detect skipped due to KSN trusted
05:41:08.0410 0x0dcc  dla - ok
05:41:09.0202 0x0dcc  [ 9E109B03018763FDCB075CE74547BE22, 7321873E646F24B63B7C88B6BC9F4BE5D4DAB60284A9C2E9F0EB895A9E90231B ] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
05:41:09.0262 0x0dcc  ISUSPM Startup - detected UnsignedFile.Multi.Generic ( 1 )
05:41:11.0695 0x0dcc  Detect skipped due to KSN trusted
05:41:11.0695 0x0dcc  ISUSPM Startup - ok
05:41:11.0885 0x0dcc  [ 583B7D111304BE63D7D9CB65482D2187, BD9618C9EFED73BC0EB1029502FE0AE0AECD8B0ABA506797C78327E71FF0FC0F ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
05:41:11.0956 0x0dcc  ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 )
05:41:14.0589 0x0dcc  Detect skipped due to KSN trusted
05:41:14.0589 0x0dcc  ISUSScheduler - ok
05:41:14.0910 0x0dcc  [ 526874EFE8D1F0EC1B7BBB87D5C433E6, 1F4EA90C74EAEABA632F3528884D670AAA1D58F0B14F5A30C7D5BDCE4E76422C ] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
05:41:14.0950 0x0dcc  DMXLauncher - detected UnsignedFile.Multi.Generic ( 1 )
05:41:17.0574 0x0dcc  Detect skipped due to KSN trusted
05:41:17.0574 0x0dcc  DMXLauncher - ok
05:41:17.0914 0x0dcc  [ A14DB520786FAD113401495D93DEBBF3, 851FCFD7C61E0291F0A541534517EB5E48FCECE7F83096606171293FC0B39CB0 ] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
05:41:17.0944 0x0dcc  Corel Photo Downloader - detected UnsignedFile.Multi.Generic ( 1 )
05:41:20.0648 0x0dcc  Detect skipped due to KSN trusted
05:41:20.0648 0x0dcc  Corel Photo Downloader - ok
05:41:20.0918 0x0dcc  [ 2CB0983B92749B86396587A73DD1890E, D105F13DA56793273A9202BDE88E3AB9AE3F78DE06EADD9F7D719EF4F7A98CEC ] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
05:41:20.0969 0x0dcc  ccApp - ok
05:41:21.0039 0x0dcc  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
05:41:21.0079 0x0dcc  GrooveMonitor - ok
05:41:21.0189 0x0dcc  [ 360C474BD80A6A19729AFFDE7C4A6C78, FF7FA5AF056C7D521B233004B8F41A93BFC66824492FA1E39B4170F4C2867295 ] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
05:41:21.0389 0x0dcc  HPDJ Taskbar Utility - ok
05:41:21.0569 0x0dcc  [ 4575C69BC34B111C99A5DFBE8AF10EBB, 0D366778ED5B34C843469E7818CB63074443A959E2F60DDDB848B83F1712D2B7 ] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
05:41:21.0599 0x0dcc  HP Software Update - detected UnsignedFile.Multi.Generic ( 1 )
05:41:24.0213 0x0dcc  Detect skipped due to KSN trusted
05:41:24.0213 0x0dcc  HP Software Update - ok
05:41:24.0654 0x0dcc  [ 7EEF9E578D2AA3D562D074BFDFE56825, 25B62EE16E44F863D8A0A7F15267071B39910A01505C59C1A26F1CB267E213BD ] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
05:41:24.0694 0x0dcc  DeviceDiscovery - detected UnsignedFile.Multi.Generic ( 1 )
05:41:27.0157 0x0dcc  Detect skipped due to KSN trusted
05:41:27.0157 0x0dcc  DeviceDiscovery - ok
05:41:27.0308 0x0dcc  [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E5672B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
05:41:27.0638 0x0dcc  ctfmon.exe - ok
05:41:27.0708 0x0dcc  [ B75FDBF14073D72C50624CC8338DD534, 953C7E16B56597ABCCD805A379769B0FD76298669DDE6E1172C728F410371CE8 ] C:\Program Files\DellSupport\DSAgnt.exe
05:41:27.0748 0x0dcc  DellSupport - ok
05:41:28.0519 0x0dcc  [ C0D12E6C85FC6DD7FF1DBB04F2DC933B, 06D3C060ABC986EE4DED0991AEAFD88367E7922D1364F23948FE98923445BCFD ] C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe
05:41:29.0541 0x0dcc  Messenger (Yahoo!) - ok
05:41:29.0661 0x0dcc  [ B75FDBF14073D72C50624CC8338DD534, 953C7E16B56597ABCCD805A379769B0FD76298669DDE6E1172C728F410371CE8 ] C:\Program Files\DellSupport\DSAgnt.exe
05:41:29.0691 0x0dcc  DellSupport - ok
05:41:29.0691 0x0dcc  Waiting for KSN requests completion. In queue: 4
05:41:30.0692 0x0dcc  Waiting for KSN requests completion. In queue: 4
05:41:31.0694 0x0dcc  Waiting for KSN requests completion. In queue: 4
05:41:34.0077 0x0dcc  AV detected via SS1: Symantec Endpoint Protection, 11.0.6200.513, enabled, outofdate
05:41:34.0177 0x0dcc  Win FW state via NFM: disabled
05:41:36.0691 0x0dcc  ============================================================
05:41:36.0691 0x0dcc  Scan finished
05:41:36.0691 0x0dcc  ============================================================
05:41:36.0992 0x0f08  Detected object count: 0
05:41:37.0002 0x0f08  Actual detected object count: 0


  • 0

#22
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Ok, the TDSSKiller log is clean. Let's see if we can get a scan with FRST again.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Place a check in the box marked Addition.txt

    farbarmainpanel_zps77bf9e25.jpg
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
Things I need to see in your next post:

Please post each of these logs as a separate reply in this thread.

FRST Log

Addition.txt Log

  • 0

#23
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 10-09-2014
Ran by enkhmart at 2014-09-12 08:14:28
Running from C:\Documents and Settings\enkhmart\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Symantec Endpoint Protection (Disabled - Up to date) {FB06448E-52B8-493A-90F3-E43226D3305C}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
ALPS Touch Pad Driver (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - )
AOLIcon (Version: 1.00.0000 - Dell) Hidden
ATI Control Panel (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5120 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.052-040831a-019378C-Dell - )
Banctec Service Agreement (HKLM\...\{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}) (Version: 1.10.0000 - Dell)
Broadcom Management Programs 2 (HKLM\...\InstallShield_{64A77F14-0E08-4A97-A859-E93CFF428756}) (Version: 7.82.01 - Broadcom)
Broadcom Management Programs 2 (Version: 7.82.01 - Broadcom) Hidden
Conexant D480 MDC V.9x Modem (HKLM\...\CNXT_MODEM_PCI_VEN_8086&DEV_24x6&SUBSYS_542214F1) (Version:  - )
Consumer Complete Care Services Agreement (HKLM\...\{E8C06CB3-5DB2-4689-B1DC-4A0220DEA96C}) (Version: 1.10.0000 - Dell)
Corel Photo Album 6 (HKLM\...\{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.)
Dasher (HKLM\...\DASHER) (Version:  - )
Dell Digital Jukebox Driver (HKLM\...\Dell Digital Jukebox Driver) (Version:  - )
Dell Driver Reset Tool (HKLM\...\{5905F42D-3F5F-4916-ADA6-94A3646AEE76}) (Version: 1.02.0000 - Dell Inc.)
Dell Game Console (HKLM\...\Dell Game Console) (Version:  - WildTangent)
Dell Media Experience (HKLM\...\{AC0EE5B0-A8FB-4D0A-AF03-2EDC518F841B}) (Version: 3.00 - Dell)
Dell System Restore (HKLM\...\{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM\...\{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Digital Content Portal (HKLM\...\{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.10 - BVRP Software, Inc)
EducateU (HKLM\...\{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
hp deskjet 5800 (HKLM\...\{783CC691-222D-4DA8-880C-EFC3D2A510AF}) (Version: 2.00.0000 - Hewlett-Packard)
HP Photo and Imaging 2.0 - Deskjet Series (HKLM\...\{E0828692-FD9D-459F-9312-C645C3CA6650}) (Version: 2.00.0001 - {&Tahoma8}Hewlett-Packard)
Intel® PROSet/Wireless Software (HKLM\...\ProInst) (Version: 9.00.0000 - Intel Corporation)
Internal Network Card Power Management (HKLM\...\{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.1 - )
Internet Explorer Default Page (Version: 1.00.03 - Dell Inc.) Hidden
Java 2 Runtime Environment, SE v1.4.2_03 (HKLM\...\{7148F0A8-6813-11D6-A77B-00B0D0142030}) (Version: 1.4.2_03 - Sun Microsystems, Inc.)
Learn2 Player (Uninstall Only) (HKLM\...\StreetPlugin) (Version:  - )
LiveUpdate 3.3 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 3.3.0.99 - Symantec Corporation)
Macromedia Flash Player (HKLM\...\{0456ebd7-5f67-4ab6-852e-63781e3f389c}) (Version: 7.0.19.0 - Macromedia, Inc.)
mCore (Version: 1.19.0000 - Intel Corporation) Hidden
MCU (Version: 1.00.0000 - Dell) Hidden
mDrWiFi (Version: 1.19.0000 - Intel Corporation) Hidden
mHlpDell (Version: 1.19.0000 - Intel) Hidden
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Digital Image Library 9 - Blocker (Version: 9.00.0000 - Microsoft Corporation) Hidden
Microsoft Encarta Encyclopedia Standard 2005 (HKLM\...\{05410044-64A6-4248-A026-9745C1E9E159}) (Version: 2005 - Microsoft Corporation)
Microsoft Money 2005 (HKLM\...\Money2005b) (Version: 14 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Library 10 (Version: 10.0.0612 - Microsoft Corporation) Hidden
Microsoft Picture It! Premium 10 (HKLM\...\PictureItPrem_v10) (Version: 10.0.0612 - Microsoft Corporation)
Microsoft Picture It! Premium 10 (Version: 10.0.0612 - Microsoft Corporation) Hidden
Microsoft Plus! Digital Media Edition Installer (HKLM\...\{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM\...\{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft Software Update for Web Folders  (English) 12 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Streets and Trips 2005 (HKLM\...\{67E4EE98-59F4-4210-89A6-A20AF5BEC689}) (Version: 12.00.07.1200 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM\...\Wudf01000) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Works (HKLM\...\{416D80BA-6F6D-4672-B7CF-F54DA2F80B44}) (Version: 08.04.0623 - Microsoft Corporation)
Microsoft Works 2005 Setup Launcher (HKLM\...\Works2005Setup) (Version:  - )
Microsoft Works Suite Add-in for Microsoft Word (HKLM\...\{CB54ABA8-D67F-47AD-A76C-2631BADA9FE5}) (Version: 8.0.0.0000 - Microsoft Corporation)
mIWA (Version: 1.19.0000 - Intel Corporation) Hidden
mIWCA (Version: 1.19.0000 - Intel Corporation) Hidden
mLogView (Version: 1.19.0000 - Intel Corporation) Hidden
mMHouse (Version: 1.19.0000 - Intel Corporation) Hidden
Modem Helper (HKLM\...\{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 2.31 - BVRP Software)
Mozilla Firefox (3.0.19) (HKLM\...\Mozilla Firefox (3.0.19)) (Version: 3.0.19 (en-US) - Mozilla)
mPfMgr (Version: 1.19.0000 - Intel Corporation) Hidden
mPfWiz (Version: 1.19.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
mSSO (Version: 1.19.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
mToolkit (Version: 1.19.0000 - Intel Corporation) Hidden
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mXML (Version: 1.19.0000 - Intel Corporation) Hidden
mZConfig (Version: 1.19.0000 - Intel Corporation) Hidden
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.15 - BVRP Software, Inc)
NetZeroInstallers (HKLM\...\{352310C3-E46B-42D3-8F32-54721FDD72D9}) (Version: 1.0.0 - NetZero, Inc.)
Photo Click (HKLM\...\{6E179C77-7335-458D-9537-4F4EAC0181ED}) (Version: 1.0.0 - Photo Click)
PokerStars (HKLM\...\PokerStars) (Version:  - PokerStars)
PowerDVD 5.5 (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
PrintScreen (HKLM\...\{CFD1B282-555D-494d-8231-4175C2AF08C2}) (Version: 5.30.0.131 - Hewlett-Packard)
QuickBooks Simple Start Special Edition (HKLM\...\{14374619-0900-4056-BA06-C87C900AF9E6}) (Version:  - )
QuickSet (HKLM\...\{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 5.8.0 - )
QuickTime (HKLM\...\QuickTime) (Version:  - )
RealPlayer Basic (HKLM\...\RealPlayer 6.0) (Version:  - )
Shockwave (HKLM\...\Shockwave) (Version:  - )
Sonic DLA (HKLM\...\{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic MyDVD LE (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.1.1 - Sonic Solutions)
Sonic RecordNow Audio (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Symantec Endpoint Protection (HKLM\...\{84B70C16-7032-41EE-965C-3C8D9D566CBB}) (Version: 11.0.6200.754 - Symantec Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{620E77C0-CDFE-4C14-AAEB-830ABB65864C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{8153EC80-C988-4336-8DAF-6D99C0D26E0C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB2934207) (HKLM\...\KB2934207) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
Update for Windows XP (KB976749) (HKLM\...\KB976749) (Version: 1 - Microsoft Corporation)
WebCyberCoach 3.2 Dell (HKLM\...\WebCyberCoach_wtrb) (Version:  - )
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WildTangent Web Driver (HKLM\...\WildTangent CDA) (Version:  - )
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\KB892130) (Version:  - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM\...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Format 11 runtime (Version:  - Microsoft Corporation) Hidden
Windows Media Player 10 (Version: 9.00.3636 - Microsoft Corporation) Hidden
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows Media Player 11 (Version:  - Microsoft Corporation) Hidden
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
Works Upgrade (Version: 8.0.0.0000 - Microsoft Corporation) Hidden
Yahoo! BrowserPlus 2.9.8 (HKCU\...\Yahoo! BrowserPlus) (Version:  - Yahoo! Inc.)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2987564195-3664300104-303828230-1005_Classes\CLSID\{6CE4B8A6-4DB5-4F63-8013-1197503692EF}\InprocServer32 -> C:\Documents and Settings\enkhmart\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\YBPAddon_2.9.8.dll (Yahoo! Inc.)
CustomCLSID: HKU\S-1-5-21-2987564195-3664300104-303828230-1005_Classes\CLSID\{AC7B8464-A896-4A6E-993D-1A816A56C541}\InprocServer32 -> C:\Program Files\Hewlett-Packard\webreg\bin\hpqconn.dll ()
CustomCLSID: HKU\S-1-5-21-2987564195-3664300104-303828230-1005_Classes\CLSID\{DAEF8078-EA44-4338-B4A0-67E957601676}\InprocServer32 -> C:\Program Files\Hewlett-Packard\HP Software Update\HPWUIOCli.dll (Hewlett-Packard)

==================== Restore Points  =========================

08-09-2014 06:01:57 System Checkpoint
08-09-2014 13:42:00 Removed MyWay Search Assistant
09-09-2014 12:20:04 Software Distribution Service 3.0
10-09-2014 14:46:34 System Checkpoint
10-09-2014 16:20:40 Software Distribution Service 3.0
12-09-2014 09:26:21 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2004-08-11 18:00 - 2014-09-08 08:56 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2005-11-25 21:09 - 2005-01-31 17:43 - 00086016 _____ () C:\WINDOWS\system32\Ati2evxx.dll
2005-11-25 21:09 - 2005-01-31 17:43 - 00389120 _____ () C:\WINDOWS\system32\Ati2evxx.exe
2004-09-07 17:03 - 2004-09-07 17:03 - 00073728 _____ () C:\Program Files\Intel\Wireless\Bin\D8021Xps.DLL
2005-11-25 21:34 - 2005-07-26 19:46 - 00069632 _____ () C:\Program Files\Dell\QuickSet\dadkeyb.dll
2003-11-19 18:48 - 2003-11-19 18:48 - 00032881 _____ () C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
2005-11-25 21:34 - 2005-09-01 18:24 - 00684032 _____ () C:\Program Files\Dell\QuickSet\quickset.exe
2005-11-25 21:34 - 2005-06-29 13:44 - 00090223 _____ () C:\Program Files\Dell\QuickSet\preflibcl.dll
2005-01-27 02:02 - 2005-01-27 02:02 - 00086016 _____ () C:\Program Files\Dell\Media Experience\DMXLauncher.exe
2010-12-04 09:49 - 2010-06-01 11:17 - 00929792 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Symantec Antvirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccEvtMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ccSetMgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antivirus => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Symantec Antvirus => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/09/2014 07:18:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WINWORD.EXE, version 12.0.6545.5000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/09/2014 07:18:36 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application WINWORD.EXE, version 12.0.6545.5000, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (09/08/2014 09:00:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 6.9.2014.0, faulting module frst.exe, version 6.9.2014.0, fault address 0x0001f405.
Processing media-specific event for [frst.exe!ws!]

Error: (09/08/2014 08:06:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 6.9.2014.0, faulting module frst.exe, version 6.9.2014.0, fault address 0x0001f09e.
Processing media-specific event for [frst.exe!ws!]

Error: (09/08/2014 08:02:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 6.9.2014.0, faulting module frst.exe, version 6.9.2014.0, fault address 0x0001f3d4.
Processing media-specific event for [frst.exe!ws!]

Error: (09/08/2014 07:37:13 PM) (Source: Symantec AntiVirus) (EventID: 45) (User: EKHMART)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target:  C:\Program Files\Symantec\Symantec Endpoint Protection\SavUI.exe
Event Info:  Terminate Process
Action Taken:  Logged
Actor Process:  C:\Documents and Settings\enkhmart\Desktop\AdwCleaner.exe (PID 7164)
Time:  Monday, September 08, 2014  7:37:13 PM

Error: (09/08/2014 07:37:13 PM) (Source: Symantec AntiVirus) (EventID: 45) (User: EKHMART)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target:  C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
Event Info:  Terminate Process
Action Taken:  Logged
Actor Process:  C:\Documents and Settings\enkhmart\Desktop\AdwCleaner.exe (PID 7164)
Time:  Monday, September 08, 2014  7:37:13 PM

Error: (09/08/2014 07:37:03 PM) (Source: Symantec AntiVirus) (EventID: 45) (User: EKHMART)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target:  C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
Event Info:  Terminate Process
Action Taken:  Logged
Actor Process:  C:\Documents and Settings\enkhmart\Desktop\AdwCleaner.exe (PID 7164)
Time:  Monday, September 08, 2014  7:37:03 PM

Error: (09/08/2014 07:37:03 PM) (Source: Symantec AntiVirus) (EventID: 45) (User: EKHMART)
Description: SYMANTEC TAMPER PROTECTION ALERT

Target:  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
Event Info:  Terminate Process
Action Taken:  Logged
Actor Process:  C:\Documents and Settings\enkhmart\Desktop\AdwCleaner.exe (PID 7164)
Time:  Monday, September 08, 2014  7:37:02 PM

Error: (07/26/2012 06:07:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application mshta.exe, version 6.0.2900.2180, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (09/07/2014 11:59:17 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.


Microsoft Office Sessions:
=========================
Error: (12/06/2009 09:21:45 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/28/2009 06:38:32 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (10/19/2009 04:44:19 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6331.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 1290 seconds with 900 seconds of active time.  This session ended with a crash.

Error: (08/11/2009 05:11:00 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1673 seconds with 1440 seconds of active time.  This session ended with a crash.

Error: (07/05/2009 08:44:49 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2037 seconds with 1740 seconds of active time.  This session ended with a crash.

Error: (06/14/2009 03:31:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 1786 seconds with 1260 seconds of active time.  This session ended with a crash.

Error: (03/04/2009 04:35:52 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 82 seconds with 0 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor:  Intel® Pentium® M processor 1.70GHz
Percentage of memory in use: 79%
Total physical RAM: 511.23 MB
Available physical RAM: 105.31 MB
Total Pagefile: 1249.29 MB
Available Pagefile: 803.51 MB
Total Virtual: 2047.88 MB
Available Virtual: 1957.95 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:70.28 GB) (Free:47.95 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 74.5 GB) (Disk ID: 41AB2316)
Partition 1: (Not Active) - (Size=55 MB) - (Type=DE)Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 10-09-2014
Ran by enkhmart (administrator) on EKHMART on 12-09-2014 08:13:41
Running from C:\Documents and Settings\enkhmart\Desktop
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\WINDOWS\system32\ati2evxx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Intel® Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Dell Inc.) C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe
(Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
() C:\WINDOWS\system32\ati2evxx.exe
(Intel) C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
(Symantec Corporation) C:\Program Files\Symantec\Symantec Endpoint Protection\SmcGui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
() C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(ATI Technologies, Inc.) C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
() C:\Program Files\Dell\QuickSet\quickset.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\realplay.exe
(Sonic Solutions) C:\WINDOWS\system32\dla\tfswctrl.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
() C:\Program Files\Dell\Media Experience\DMXLauncher.exe
(Corel, Inc.) C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
(Symantec Corporation) C:\Program Files\Common Files\Symantec Shared\ccApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Software Update\hpwuSchd.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Gteko Ltd.) C:\Program Files\DellSupport\DSAgnt.exe
(BVRP Software) C:\Program Files\Digital Line Detect\DLG.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Yahoo! Inc.) C:\PROGRA~1\Yahoo!\Messenger\Ymsgr_tray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [155648 2005-01-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe [32881 2003-11-19] ()
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [385024 2004-10-30] (Intel Corporation)
HKLM\...\Run: [ATIPTA] => C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [339968 2004-08-31] (ATI Technologies, Inc.)
HKLM\...\Run: [Dell QuickSet] => C:\Program Files\Dell\QuickSet\quickset.exe [684032 2005-09-01] ()
HKLM\...\Run: [DVDLauncher] => C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [53248 2005-02-23] (CyberLink Corp.)
HKLM\...\Run: [RealTray] => C:\Program Files\Real\RealPlayer\RealPlay.exe [26112 2005-11-25] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2005-11-25] (Apple Computer, Inc.)
HKLM\...\Run: [dla] => C:\WINDOWS\system32\dla\tfswctrl.exe [127035 2004-12-06] (Sonic Solutions)
HKLM\...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM\...\Run: [DMXLauncher] => C:\Program Files\Dell\Media Experience\DMXLauncher.exe [86016 2005-01-27] ()
HKLM\...\Run: [Corel Photo Downloader] => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [106496 2005-08-31] (Corel, Inc.)
HKLM\...\Run: [ccApp] => C:\Program Files\Common Files\Symantec Shared\ccApp.exe [115560 2011-05-13] (Symantec Corporation)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [HPDJ Taskbar Utility] => C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe [188416 2003-06-26] (HP)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe [49152 2003-06-25] (Hewlett-Packard)
HKLM\...\Run: [DeviceDiscovery] => C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [229437 2003-05-21] (Hewlett-Packard)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll ()
Winlogon\Notify\IntelWireless: C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
HKU\S-1-5-21-2987564195-3664300104-303828230-1005\...\Run: [DellSupport] => C:\Program Files\DellSupport\DSAgnt.exe [460784 2007-03-15] (Gteko Ltd.)
HKU\S-1-5-21-2987564195-3664300104-303828230-1005\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [5252408 2010-06-01] (Yahoo! Inc.)
HKU\S-1-5-21-2987564195-3664300104-303828230-1005\...\MountPoints2: {1f31f940-e85b-11d9-8f1b-0013ce554ee3} - E:\AboutYourMINI.exe
Lsa: [Notification Packages] scecli C:\WINDOWS\system32\bopedisu.dll
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
ShortcutTarget: Adobe Reader Speed Launch.lnk -> C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe (Adobe Systems Incorporated)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\QuickBooks Update Agent.lnk
ShortcutTarget: QuickBooks Update Agent.lnk -> C:\Program Files\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe (Intuit, Inc.)
Startup: C:\Documents and Settings\enkhmart\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell4me.com/myway
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.c...//www.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.c...//www.yahoo.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.c...rch/search.html
SearchScopes: HKCU - {2381E4B7-5C04-459E-9D46-2F9AC1608B66} URL = http://search.yahoo....ei=utf-8&fr=ysp
BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
BHO: AcroIEHlprObj Class -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: DriveLetterAccess -> {5CA3D70E-1895-11CF-8E15-001234567890} -> C:\WINDOWS\system32\dla\tfswshx.dll (Sonic Solutions)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: SingleInstance Class -> {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} -> C:\Program Files\Yahoo!\Companion\Installs\cpn3\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\yt.dll (Yahoo! Inc.)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
DPF: {4D2D3A17-9B46-483C-A5F4-1DC471080009} https://nac3.app.byu.../auth/taweb.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.micros...b?1250442847704
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\enkhmart\Application Data\Mozilla\Firefox\Profiles\b0lwfx3t.default
FF DefaultSearchEngine: Yahoo
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com/
FF Keyword.URL: hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-msgr&p=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: [email protected]/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files\Mozilla Firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF Plugin HKCU: @yahoo.com/BrowserPlus,version=2.9.8 -> C:\Documents and Settings\enkhmart\Local Settings\Application Data\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll (Yahoo! Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npyaxmpb.dll (Yahoo! Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml

Chrome:
=======
CHR HomePage: Default -> 0DFC6E712A9625EF60D8AF666DAE86F8E224E046AC45A7449E28972895D1A942
CHR DefaultSearchKeyword: Default -> 0EEDAC7B6B35DE4D002E40A8C9D8E05DB9D0C7100A5A2D613663A245C923792D
CHR DefaultSearchProvider: Default -> 23728026CA4620F9A7AE0386B18A184CA607481F234B5127547A29EF092FACB6
CHR DefaultSearchURL: Default -> AEC4DA69CC19CA345FFBD7E8DE93FCC85F6DC2B8A58A785220124DBF50186553
CHR CustomProfile: C:\Documents and Settings\enkhmart\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Documents and Settings\enkhmart\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2006-07-07]
CHR Extension: (Google Drive) - C:\Documents and Settings\enkhmart\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2006-07-07]
CHR Extension: (YouTube) - C:\Documents and Settings\enkhmart\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2006-07-07]
CHR Extension: (Google Search) - C:\Documents and Settings\enkhmart\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2006-07-07]
CHR Extension: (Gmail) - C:\Documents and Settings\enkhmart\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2006-07-07]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 aspnet_state; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [32768 2004-07-15] (Microsoft Corporation) [File not signed]
R2 Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [389120 2005-01-31] ()
R2 ccEvtMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-05-13] (Symantec Corporation)
R2 ccSetMgr; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [108392 2011-05-13] (Symantec Corporation)
S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [86016 2004-09-07] (Intel Corporation) [File not signed]
S3 LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE [3093880 2010-09-07] (Symantec Corporation)
R2 NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [356352 2005-06-09] (Dell Inc.) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [139264 2004-09-07] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [360521 2004-09-07] (Intel Corporation ) [File not signed]
R2 SmcService; C:\Program Files\Symantec\Symantec Endpoint Protection\Smc.exe [1893728 2011-05-13] (Symantec Corporation)
S4 SNAC; C:\Program Files\Symantec\Symantec Endpoint Protection\SNAC.EXE [357744 2011-05-13] (Symantec Corporation)
R2 Symantec AntiVirus; C:\Program Files\Symantec\Symantec Endpoint Protection\Rtvscan.exe [1839776 2011-05-13] (Symantec Corporation)
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [225353 2004-09-07] (Intel® Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [17056 2005-11-25] (Meetinghouse Data Communications) [File not signed]
R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-03] (Dell Inc) [File not signed]
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2005-11-25] (Windows ® 2000 DDK provider) [File not signed]
S3 COH_Mon; C:\WINDOWS\system32\Drivers\COH_Mon.sys [23888 2008-07-30] (Symantec Corporation)
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
R3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2006-01-02] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2006-01-02] (Symantec Corporation)
R3 HSFHWICH; C:\WINDOWS\System32\DRIVERS\HSFHWICH.sys [197120 2003-11-14] (Conexant Systems, Inc.)
R3 IWCA; C:\WINDOWS\System32\DRIVERS\iwca.sys [234496 2004-08-12] (Intel Corporation)
R3 NAVENG; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20140304.018\NAVENG.SYS [93272 2006-01-02] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Common Files\Symantec Shared\VirusDefs\20140304.018\NAVEX15.SYS [1612376 2006-01-02] (Symantec Corporation)
R3 O2SCBUS; C:\WINDOWS\System32\DRIVERS\ozscr.sys [91823 2005-01-29] (O2Micro)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17153 2004-02-13] (Dell Inc) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [11354 2004-08-31] (Intel Corporation) [File not signed]
R1 SPBBCDrv; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [421424 2011-05-13] (Symantec Corporation)
R1 SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [284720 2011-05-13] (Symantec Corporation)
S3 SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [320944 2011-05-13] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [43696 2011-05-13] (Symantec Corporation)
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STAC97; C:\WINDOWS\System32\drivers\stac97.sys [264440 2005-01-31] (SigmaTel, Inc.)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [125488 2011-05-13] (Symantec Corporation)
R3 SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [26416 2011-05-13] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [188080 2011-05-13] (Symantec Corporation)
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
R3 w29n51; C:\WINDOWS\System32\DRIVERS\w29n51.sys [3210496 2004-10-21] (Intel® Corporation)
S3 bvrp_pci; No ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S3 wanatw; system32\DRIVERS\wanatw4.sys [X]
U1 WS2IFSL; No ImagePath

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2099-12-31 63384:162 - 2009-04-01 13:13 - 00006456 ____H () C:\WINDOWS\system32\verizizo
2014-09-12 08:07 - 2014-09-12 08:07 - 00000000 ____D () C:\Documents and Settings\enkhmart\Desktop\FRST-OlderVersion
2014-09-10 10:07 - 2014-09-10 10:07 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\enkhmart\Desktop\tdsskiller.exe
2014-09-10 09:13 - 2014-09-10 09:13 - 00014341 _____ () C:\Documents and Settings\enkhmart\Desktop\attach.txt
2014-09-10 09:13 - 2014-09-10 09:13 - 00013376 _____ () C:\Documents and Settings\enkhmart\Desktop\dds.txt
2014-09-10 09:10 - 2014-09-10 09:10 - 00688992 ____R (Swearware) C:\Documents and Settings\enkhmart\Desktop\dds.scr
2014-09-10 09:03 - 2014-09-10 09:03 - 00000416 _____ () C:\Documents and Settings\enkhmart\Desktop\Shortcut to Wireless Network Connection.lnk
2014-09-10 08:48 - 2014-09-10 08:48 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-09-09 09:21 - 2014-09-09 09:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-09-09 09:20 - 2014-09-09 09:20 - 00046217 _____ () C:\WINDOWS\KB2387149.log
2014-09-09 09:20 - 2014-09-09 09:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-09-09 09:20 - 2014-09-09 09:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-09-09 09:20 - 2014-09-09 09:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-09-09 09:17 - 2014-09-09 09:17 - 00043300 _____ () C:\WINDOWS\KB2659262.log
2014-09-09 09:17 - 2014-09-09 09:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-09-09 09:17 - 2014-09-09 09:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-09-09 09:16 - 2014-09-09 09:17 - 00043067 _____ () C:\WINDOWS\KB2564958.log
2014-09-09 09:16 - 2014-09-09 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-09-09 09:10 - 2014-09-09 09:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-09 09:06 - 2014-09-09 09:06 - 00041068 _____ () C:\WINDOWS\KB2934207.log
2014-09-09 09:06 - 2014-09-09 09:06 - 00040599 _____ () C:\WINDOWS\KB2834886.log
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-09-09 09:05 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2491683$
2014-09-09 09:05 - 2014-09-09 09:05 - 00043187 _____ () C:\WINDOWS\KB2536276-v2.log
2014-09-09 09:05 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-09-09 09:05 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-09-09 09:05 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-09-09 09:05 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-09-09 09:04 - 2014-09-09 09:05 - 00040207 _____ () C:\WINDOWS\KB2296011.log
2014-09-09 09:04 - 2014-09-09 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-09-09 09:04 - 2014-09-09 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-09-09 09:03 - 2014-09-09 09:03 - 00039560 _____ () C:\WINDOWS\KB2900986.log
2014-09-09 09:03 - 2014-09-09 09:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-09-09 09:02 - 2014-09-09 09:02 - 00041637 _____ () C:\WINDOWS\KB975558.log
2014-09-09 09:02 - 2014-09-09 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-09-09 09:02 - 2014-09-09 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-09-09 09:02 - 2014-09-09 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-09-09 09:00 - 2014-09-09 09:00 - 00041261 _____ () C:\WINDOWS\KB2378111.log
2014-09-09 09:00 - 2014-09-09 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-09-09 09:00 - 2014-09-09 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-09-09 09:00 - 2014-09-09 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-09-09 08:59 - 2014-09-09 08:59 - 00041135 _____ () C:\WINDOWS\KB2485663.log
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-09-09 08:58 - 2014-09-09 08:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-09-09 08:57 - 2014-09-09 08:57 - 00041214 _____ () C:\WINDOWS\KB2686509.log
2014-09-09 08:57 - 2014-09-09 08:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-09-09 08:57 - 2014-09-09 08:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-09-09 08:56 - 2014-09-09 08:56 - 00039602 _____ () C:\WINDOWS\KB2862335.log
2014-09-09 08:56 - 2014-09-09 08:56 - 00037355 _____ () C:\WINDOWS\KB2834904-v2.log
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-09-09 08:55 - 2014-09-09 08:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-09-09 08:53 - 2014-09-09 08:53 - 00038485 _____ () C:\WINDOWS\KB2904266.log
2014-09-09 08:53 - 2014-09-09 08:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-09-09 08:53 - 2014-09-09 08:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-09-09 08:53 - 2014-09-09 08:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-09-09 08:53 - 2014-09-09 08:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-09-09 08:52 - 2014-09-09 08:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-09-09 08:52 - 2014-09-09 08:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-09-09 08:50 - 2014-09-09 08:51 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-09-09 08:50 - 2014-09-09 08:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-09-09 08:50 - 2014-09-09 08:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-09-09 08:50 - 2014-09-09 08:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-09-09 08:49 - 2014-09-09 08:50 - 00035142 _____ () C:\WINDOWS\KB2592799.log
2014-09-09 08:49 - 2014-09-09 08:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-09-09 08:48 - 2014-09-09 08:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-09-09 08:47 - 2014-09-09 08:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-09-09 08:46 - 2014-09-09 08:47 - 00034961 _____ () C:\WINDOWS\KB2535512.log
2014-09-09 08:45 - 2014-09-09 08:45 - 00033213 _____ () C:\WINDOWS\KB2964358.log
2014-09-09 08:45 - 2014-09-09 08:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-09-09 08:45 - 2014-09-09 08:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-09-09 08:45 - 2014-09-09 08:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-09-09 08:43 - 2014-09-09 08:43 - 00034329 _____ () C:\WINDOWS\KB2807986.log
2014-09-09 08:43 - 2014-09-09 08:43 - 00033890 _____ () C:\WINDOWS\KB2570947.log
2014-09-09 08:43 - 2014-09-09 08:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-09-09 08:43 - 2014-09-09 08:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-09-09 08:43 - 2014-09-09 08:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-09-09 08:41 - 2014-09-09 08:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-09-09 08:40 - 2014-09-09 08:41 - 00032950 _____ () C:\WINDOWS\KB2868038.log
2014-09-09 08:40 - 2014-09-09 08:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-09-09 08:38 - 2014-09-09 08:38 - 00033140 _____ () C:\WINDOWS\KB2603381.log
2014-09-09 08:38 - 2014-09-09 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-09-09 08:38 - 2014-09-09 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-09-09 08:38 - 2014-09-09 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-09-09 08:37 - 2014-09-09 08:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-09-09 08:37 - 2014-09-09 08:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-09-09 08:36 - 2014-09-09 08:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-09-09 08:35 - 2014-09-09 08:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-09-09 08:35 - 2014-09-09 08:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-09-09 08:33 - 2014-09-09 08:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-09-09 08:19 - 2014-09-09 08:19 - 00017667 _____ () C:\WINDOWS\KB2698365.log
2014-09-09 08:19 - 2014-09-09 08:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-09-09 08:19 - 2014-09-09 08:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-09-09 08:19 - 2014-09-09 08:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-09-09 08:19 - 2014-09-09 08:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-09-09 08:18 - 2014-09-09 08:18 - 00015697 _____ () C:\WINDOWS\KB2723135-v2.log
2014-09-09 08:18 - 2014-09-09 08:18 - 00015086 _____ () C:\WINDOWS\KB981997.log
2014-09-09 08:18 - 2014-09-09 08:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-09-09 08:18 - 2014-09-09 08:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-09-09 08:18 - 2014-09-09 08:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-09-09 08:17 - 2014-09-09 08:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-09-09 08:15 - 2014-09-09 08:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-09-09 08:12 - 2014-09-10 08:46 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-09-09 07:42 - 2014-09-09 07:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-09-09 07:42 - 2014-09-09 07:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-09-09 07:39 - 2014-09-09 07:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-09-09 07:39 - 2014-09-09 07:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-09-09 07:39 - 2014-09-09 07:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-09-09 07:38 - 2014-09-09 07:39 - 00012465 _____ () C:\WINDOWS\KB2393802.log
2014-09-09 07:34 - 2014-09-09 07:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-09-09 07:30 - 2014-09-09 07:40 - 00000000 ____D () C:\Documents and Settings\enkhmart\Desktop\DESKTOP FILES
2014-09-09 07:24 - 2014-09-09 07:24 - 00009935 _____ () C:\WINDOWS\KB2566454.log
2014-09-09 07:24 - 2014-09-09 07:24 - 00009725 _____ () C:\WINDOWS\KB2661637.log
2014-09-09 07:24 - 2014-09-09 07:24 - 00007875 _____ () C:\WINDOWS\KB2914368.log
2014-09-09 07:24 - 2014-09-09 07:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-09-09 07:24 - 2014-09-09 07:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-09-09 07:24 - 2014-09-09 07:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-09-09 07:23 - 2014-09-09 07:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-09-09 07:23 - 2014-09-09 07:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-09-09 07:22 - 2014-09-09 07:23 - 00009964 _____ () C:\WINDOWS\KB2423089.log
2014-09-08 19:58 - 2014-09-08 19:58 - 00000592 _____ () C:\Documents and Settings\enkhmart\Desktop\JRT.txt
2014-09-08 19:41 - 2014-09-08 19:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-08 19:23 - 2014-09-08 19:37 - 00000000 ____D () C:\AdwCleaner
2014-09-08 19:22 - 2014-09-08 19:22 - 01370467 _____ () C:\Documents and Settings\enkhmart\Desktop\AdwCleaner.exe
2014-09-08 10:01 - 2014-09-08 10:01 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-08 10:00 - 2014-09-08 10:00 - 01016261 _____ (Thisisu) C:\Documents and Settings\enkhmart\Desktop\JRT.exe
2014-09-08 05:01 - 2014-09-08 05:01 - 00000548 _____ () C:\Documents and Settings\enkhmart\Desktop\aswMBR.txt
2014-09-08 04:51 - 2014-09-08 04:52 - 05185536 _____ (AVAST Software) C:\Documents and Settings\enkhmart\Desktop\aswmbr.exe
2014-09-08 04:48 - 2014-09-08 04:49 - 00027462 _____ () C:\Documents and Settings\enkhmart\Desktop\Addition.txt
2014-09-08 04:47 - 2014-09-12 08:14 - 00020679 _____ () C:\Documents and Settings\enkhmart\Desktop\FRST.txt
2014-09-08 04:45 - 2014-09-12 08:13 - 00000000 ____D () C:\FRST
2014-09-08 04:44 - 2014-09-12 08:07 - 01097728 _____ (Farbar) C:\Documents and Settings\enkhmart\Desktop\FRST.exe
2014-09-08 00:38 - 2014-09-09 09:21 - 00054349 _____ () C:\WINDOWS\KB2868626.log
2014-09-08 00:38 - 2014-09-09 09:20 - 00056157 _____ () C:\WINDOWS\KB2712808.log
2014-09-08 00:38 - 2014-09-09 09:20 - 00053549 _____ () C:\WINDOWS\KB2922229.log
2014-09-08 00:38 - 2014-09-09 09:17 - 00055054 _____ () C:\WINDOWS\KB2479943.log
2014-09-08 00:38 - 2014-09-09 09:06 - 00051610 _____ () C:\WINDOWS\KB2916036.log
2014-09-08 00:38 - 2014-02-25 20:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\xp_eos.exe
2014-09-08 00:38 - 2014-02-25 20:59 - 00013312 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xp_eos.exe
2014-09-08 00:38 - 2010-09-18 01:53 - 00954368 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40.dll
2014-09-08 00:38 - 2010-09-18 01:53 - 00953856 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mfc40u.dll
2014-09-08 00:37 - 2014-09-09 09:06 - 00053334 _____ () C:\WINDOWS\KB2478971.log
2014-09-08 00:37 - 2014-09-09 09:06 - 00052698 _____ () C:\WINDOWS\KB2544893-v2.log
2014-09-08 00:37 - 2014-09-09 09:06 - 00052589 _____ () C:\WINDOWS\KB2491683.log
2014-09-08 00:37 - 2014-09-09 09:05 - 00052913 _____ () C:\WINDOWS\KB2345886.log
2014-09-08 00:37 - 2014-09-09 09:05 - 00052652 _____ () C:\WINDOWS\KB2585542.log
2014-09-08 00:37 - 2014-09-09 09:05 - 00051694 _____ () C:\WINDOWS\KB2631813.log
2014-09-08 00:37 - 2010-08-23 11:12 - 00617472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\comctl32.dll
2014-09-08 00:36 - 2014-09-09 09:04 - 00052533 _____ () C:\WINDOWS\KB2691442.log
2014-09-08 00:36 - 2014-09-09 09:03 - 00051190 _____ () C:\WINDOWS\KB2115168.log
2014-09-08 00:36 - 2014-09-09 09:02 - 00049274 _____ () C:\WINDOWS\KB2847311.log
2014-09-08 00:36 - 2014-09-09 09:00 - 00052622 _____ () C:\WINDOWS\KB951978.log
2014-09-08 00:35 - 2014-09-09 09:00 - 00051252 _____ () C:\WINDOWS\KB2443105.log
2014-09-08 00:35 - 2014-09-09 08:59 - 00052184 _____ () C:\WINDOWS\KB2481109.log
2014-09-08 00:35 - 2014-09-09 08:59 - 00051562 _____ () C:\WINDOWS\KB2655992.log
2014-09-08 00:35 - 2014-09-09 08:59 - 00050881 _____ () C:\WINDOWS\KB2802968.log
2014-09-08 00:35 - 2014-09-09 08:59 - 00050655 _____ () C:\WINDOWS\KB2598479.log
2014-09-08 00:35 - 2014-09-09 08:59 - 00048926 _____ () C:\WINDOWS\KB2898715.log
2014-09-08 00:35 - 2014-09-09 08:57 - 00047030 _____ () C:\WINDOWS\KB2929961.log
2014-09-08 00:34 - 2014-09-09 08:57 - 00049279 _____ () C:\WINDOWS\KB982132.log
2014-09-08 00:34 - 2014-09-09 08:56 - 00049839 _____ () C:\WINDOWS\KB2780091.log
2014-09-08 00:34 - 2014-09-09 08:56 - 00049419 _____ () C:\WINDOWS\KB2507938.log
2014-09-08 00:34 - 2014-09-09 08:56 - 00047952 _____ () C:\WINDOWS\KB2909212.log
2014-09-08 00:34 - 2014-09-09 08:55 - 00052030 _____ () C:\WINDOWS\KB2510581.log
2014-09-08 00:34 - 2013-07-02 21:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-09-08 00:34 - 2013-07-02 20:59 - 00014976 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbscan.sys
2014-09-08 00:33 - 2014-09-09 08:53 - 00049639 _____ () C:\WINDOWS\KB2483185.log
2014-09-08 00:33 - 2014-09-09 08:53 - 00048608 _____ () C:\WINDOWS\KB979687.log
2014-09-08 00:33 - 2014-09-09 08:53 - 00046888 _____ () C:\WINDOWS\KB2876217.log
2014-09-08 00:33 - 2014-09-09 08:52 - 00045693 _____ () C:\WINDOWS\KB2930275.log
2014-09-08 00:33 - 2014-09-09 08:51 - 00044588 _____ () C:\WINDOWS\KB2864063.log
2014-09-08 00:32 - 2014-09-09 08:50 - 00046472 _____ () C:\WINDOWS\KB2719985.log
2014-09-08 00:32 - 2014-09-09 08:50 - 00045435 _____ () C:\WINDOWS\KB2936068.log
2014-09-08 00:32 - 2014-09-09 08:50 - 00040979 _____ () C:\WINDOWS\KB2862152.log
2014-09-08 00:32 - 2011-04-21 08:37 - 00105472 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mup.sys
2014-09-08 00:31 - 2014-09-09 08:45 - 00040190 _____ () C:\WINDOWS\KB2876331.log
2014-09-08 00:31 - 2014-09-09 08:45 - 00039633 _____ () C:\WINDOWS\KB2850869.log
2014-09-08 00:31 - 2014-09-09 08:44 - 00040974 _____ () C:\WINDOWS\KB2859537.log
2014-09-08 00:31 - 2014-09-09 08:40 - 00042314 _____ () C:\WINDOWS\KB2820917.log
2014-09-08 00:31 - 2013-07-16 19:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-09-08 00:31 - 2013-07-16 19:58 - 00060160 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbaudio.sys
2014-09-08 00:31 - 2013-07-16 19:58 - 00046848 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irbus.sys
2014-09-08 00:31 - 2013-02-11 19:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023x.sys
2014-09-08 00:31 - 2013-02-11 19:32 - 00012928 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usb8023.sys
2014-09-08 00:30 - 2014-09-09 08:38 - 00042636 _____ () C:\WINDOWS\KB2419632.log
2014-09-08 00:30 - 2014-09-09 08:38 - 00041161 _____ () C:\WINDOWS\KB2757638.log
2014-09-08 00:30 - 2014-09-09 08:38 - 00038931 _____ () C:\WINDOWS\KB2893294.log
2014-09-08 00:30 - 2014-09-09 08:37 - 00035802 _____ () C:\WINDOWS\KB2508429.log
2014-09-08 00:30 - 2014-09-09 08:36 - 00034874 _____ () C:\WINDOWS\KB2653956.log
2014-09-08 00:29 - 2014-09-09 08:35 - 00034658 _____ () C:\WINDOWS\KB2749655.log
2014-09-08 00:29 - 2014-09-09 08:35 - 00034172 _____ () C:\WINDOWS\KB971029.log
2014-09-08 00:29 - 2014-09-09 08:33 - 00033769 _____ () C:\WINDOWS\KB2506212.log
2014-09-08 00:29 - 2014-09-09 08:19 - 00023861 _____ () C:\WINDOWS\KB2705219-v2.log
2014-09-08 00:29 - 2014-09-09 08:19 - 00021441 _____ () C:\WINDOWS\KB2892075.log
2014-09-08 00:29 - 2012-05-28 13:16 - 00536576 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msado15.dll
2014-09-08 00:28 - 2014-09-09 08:19 - 00022997 _____ () C:\WINDOWS\KB2619339.log
2014-09-08 00:28 - 2014-09-09 08:18 - 00022040 _____ () C:\WINDOWS\KB2727528.log
2014-09-08 00:28 - 2013-08-08 19:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-09-08 00:28 - 2013-08-08 19:55 - 00032384 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbccgp.sys
2014-09-08 00:28 - 2013-08-08 19:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-09-08 00:28 - 2012-07-04 09:05 - 00139784 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rdpwd.sys
2014-09-08 00:28 - 2009-03-18 06:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-09-08 00:27 - 2014-09-09 08:15 - 00023237 _____ () C:\WINDOWS\KB2813345.log
2014-09-08 00:26 - 2014-09-09 07:42 - 00021672 _____ () C:\WINDOWS\KB2676562.log
2014-09-08 00:26 - 2014-09-09 07:42 - 00020552 _____ () C:\WINDOWS\KB2509553.log
2014-09-08 00:26 - 2014-09-09 07:40 - 00017109 _____ () C:\WINDOWS\KB982665.log
2014-09-08 00:25 - 2014-09-09 07:35 - 00016787 _____ () C:\WINDOWS\KB2620712.log
2014-09-08 00:24 - 2011-07-08 09:02 - 00010496 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndistapi.sys
2014-09-08 00:23 - 2012-01-11 14:06 - 00003072 ____N () C:\WINDOWS\system32\iacenc.dll
2014-09-08 00:23 - 2012-01-11 14:06 - 00003072 ____N () C:\WINDOWS\system32\dllcache\iacenc.dll
2014-09-08 00:22 - 2013-11-27 15:21 - 00040960 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ndproxy.sys
2014-09-08 00:16 - 2014-09-09 07:24 - 00016254 _____ () C:\WINDOWS\KB2584146.log
2014-09-08 00:15 - 2010-10-11 09:59 - 00045568 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wab.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 08:14 - 2014-09-08 04:47 - 00020679 _____ () C:\Documents and Settings\enkhmart\Desktop\FRST.txt
2014-09-12 08:14 - 2009-01-30 13:31 - 00000000 ____D () C:\Documents and Settings\enkhmart\Local Settings\Temp
2014-09-12 08:13 - 2014-09-08 04:45 - 00000000 ____D () C:\FRST
2014-09-12 08:07 - 2014-09-12 08:07 - 00000000 ____D () C:\Documents and Settings\enkhmart\Desktop\FRST-OlderVersion
2014-09-12 08:07 - 2014-09-08 04:44 - 01097728 _____ (Farbar) C:\Documents and Settings\enkhmart\Desktop\FRST.exe
2014-09-12 08:06 - 2004-08-11 18:13 - 01116132 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-12 06:58 - 2006-07-07 13:53 - 00000890 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-12 05:34 - 2009-03-04 16:30 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-12 05:20 - 2009-01-30 13:31 - 00000004 _____ () C:\Documents and Settings\enkhmart\Application Data\QSWWShare
2014-09-12 05:20 - 2004-08-11 18:09 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-12 05:20 - 2004-08-11 18:09 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2014-09-12 05:19 - 2006-07-07 13:53 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 05:19 - 2004-08-11 18:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-12 04:08 - 2004-08-11 18:20 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-10 11:27 - 2009-01-30 14:11 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2014-09-10 10:07 - 2014-09-10 10:07 - 04181856 _____ (Kaspersky Lab ZAO) C:\Documents and Settings\enkhmart\Desktop\tdsskiller.exe
2014-09-10 09:13 - 2014-09-10 09:13 - 00014341 _____ () C:\Documents and Settings\enkhmart\Desktop\attach.txt
2014-09-10 09:13 - 2014-09-10 09:13 - 00013376 _____ () C:\Documents and Settings\enkhmart\Desktop\dds.txt
2014-09-10 09:10 - 2014-09-10 09:10 - 00688992 ____R (Swearware) C:\Documents and Settings\enkhmart\Desktop\dds.scr
2014-09-10 09:03 - 2014-09-10 09:03 - 00000416 _____ () C:\Documents and Settings\enkhmart\Desktop\Shortcut to Wireless Network Connection.lnk
2014-09-10 08:48 - 2014-09-10 08:48 - 00000222 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2014-09-10 08:48 - 2009-08-19 12:19 - 00085151 _____ () C:\WINDOWS\spupdsvc.log
2014-09-10 08:47 - 2004-08-11 18:06 - 00325112 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-10 08:46 - 2014-09-09 08:12 - 00000000 ____D () C:\WINDOWS\SxsCaPendDel
2014-09-09 09:51 - 2009-01-30 13:31 - 00000178 ___SH () C:\Documents and Settings\enkhmart\ntuser.ini
2014-09-09 09:51 - 2009-01-30 13:31 - 00000000 ____D () C:\Documents and Settings\enkhmart
2014-09-09 09:21 - 2014-09-09 09:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-09-09 09:21 - 2014-09-08 00:38 - 00054349 _____ () C:\WINDOWS\KB2868626.log
2014-09-09 09:21 - 2005-11-25 21:31 - 00176417 _____ () C:\WINDOWS\updspapi.log
2014-09-09 09:21 - 2004-08-11 18:07 - 01947083 _____ () C:\WINDOWS\iis6.log
2014-09-09 09:21 - 2004-08-11 18:07 - 01750294 _____ () C:\WINDOWS\FaxSetup.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00851977 _____ () C:\WINDOWS\ocgen.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00803239 _____ () C:\WINDOWS\tsoc.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00543848 _____ () C:\WINDOWS\msmqinst.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00432933 _____ () C:\WINDOWS\comsetup.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00304611 _____ () C:\WINDOWS\netfxocm.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00262705 _____ () C:\WINDOWS\ntdtcsetup.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00120733 _____ () C:\WINDOWS\MedCtrOC.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00087597 _____ () C:\WINDOWS\tabletoc.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00087444 _____ () C:\WINDOWS\msgsocm.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00070532 _____ () C:\WINDOWS\ocmsn.log
2014-09-09 09:21 - 2004-08-11 18:07 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-09-09 09:20 - 2014-09-09 09:20 - 00046217 _____ () C:\WINDOWS\KB2387149.log
2014-09-09 09:20 - 2014-09-09 09:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2922229$
2014-09-09 09:20 - 2014-09-09 09:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2712808$
2014-09-09 09:20 - 2014-09-09 09:20 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2387149$
2014-09-09 09:20 - 2014-09-08 00:38 - 00056157 _____ () C:\WINDOWS\KB2712808.log
2014-09-09 09:20 - 2014-09-08 00:38 - 00053549 _____ () C:\WINDOWS\KB2922229.log
2014-09-09 09:20 - 2005-11-25 21:29 - 00000000 ___HD () C:\WINDOWS\$hf_mig$
2014-09-09 09:20 - 2004-08-11 18:07 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-09-09 09:17 - 2014-09-09 09:17 - 00043300 _____ () C:\WINDOWS\KB2659262.log
2014-09-09 09:17 - 2014-09-09 09:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2659262$
2014-09-09 09:17 - 2014-09-09 09:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2479943$
2014-09-09 09:17 - 2014-09-09 09:16 - 00043067 _____ () C:\WINDOWS\KB2564958.log
2014-09-09 09:17 - 2014-09-08 00:38 - 00055054 _____ () C:\WINDOWS\KB2479943.log
2014-09-09 09:16 - 2014-09-09 09:16 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2564958$
2014-09-09 09:16 - 2014-09-09 09:10 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-09 09:06 - 2014-09-09 09:06 - 00041068 _____ () C:\WINDOWS\KB2934207.log
2014-09-09 09:06 - 2014-09-09 09:06 - 00040599 _____ () C:\WINDOWS\KB2834886.log
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2934207$
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2916036$
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834886$
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2544893-v2$
2014-09-09 09:06 - 2014-09-09 09:06 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478971$
2014-09-09 09:06 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2491683$
2014-09-09 09:06 - 2014-09-08 00:38 - 00051610 _____ () C:\WINDOWS\KB2916036.log
2014-09-09 09:06 - 2014-09-08 00:37 - 00053334 _____ () C:\WINDOWS\KB2478971.log
2014-09-09 09:06 - 2014-09-08 00:37 - 00052698 _____ () C:\WINDOWS\KB2544893-v2.log
2014-09-09 09:06 - 2014-09-08 00:37 - 00052589 _____ () C:\WINDOWS\KB2491683.log
2014-09-09 09:05 - 2014-09-09 09:05 - 00043187 _____ () C:\WINDOWS\KB2536276-v2.log
2014-09-09 09:05 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2631813$
2014-09-09 09:05 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2585542$
2014-09-09 09:05 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2536276-v2$
2014-09-09 09:05 - 2014-09-09 09:05 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2345886$
2014-09-09 09:05 - 2014-09-09 09:04 - 00040207 _____ () C:\WINDOWS\KB2296011.log
2014-09-09 09:05 - 2014-09-08 00:37 - 00052913 _____ () C:\WINDOWS\KB2345886.log
2014-09-09 09:05 - 2014-09-08 00:37 - 00052652 _____ () C:\WINDOWS\KB2585542.log
2014-09-09 09:05 - 2014-09-08 00:37 - 00051694 _____ () C:\WINDOWS\KB2631813.log
2014-09-09 09:04 - 2014-09-09 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2691442$
2014-09-09 09:04 - 2014-09-09 09:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2296011$
2014-09-09 09:04 - 2014-09-08 00:36 - 00052533 _____ () C:\WINDOWS\KB2691442.log
2014-09-09 09:03 - 2014-09-09 09:03 - 00039560 _____ () C:\WINDOWS\KB2900986.log
2014-09-09 09:03 - 2014-09-09 09:03 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-09-09 09:03 - 2014-09-08 00:36 - 00051190 _____ () C:\WINDOWS\KB2115168.log
2014-09-09 09:02 - 2014-09-09 09:02 - 00041637 _____ () C:\WINDOWS\KB975558.log
2014-09-09 09:02 - 2014-09-09 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975558_WM8$
2014-09-09 09:02 - 2014-09-09 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-09-09 09:02 - 2014-09-09 09:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2115168$
2014-09-09 09:02 - 2014-09-08 00:36 - 00049274 _____ () C:\WINDOWS\KB2847311.log
2014-09-09 09:00 - 2014-09-09 09:00 - 00041261 _____ () C:\WINDOWS\KB2378111.log
2014-09-09 09:00 - 2014-09-09 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB951978$
2014-09-09 09:00 - 2014-09-09 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2443105$
2014-09-09 09:00 - 2014-09-09 09:00 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2378111_WM9$
2014-09-09 09:00 - 2014-09-08 00:36 - 00052622 _____ () C:\WINDOWS\KB951978.log
2014-09-09 09:00 - 2014-09-08 00:35 - 00051252 _____ () C:\WINDOWS\KB2443105.log
2014-09-09 09:00 - 2004-08-11 18:11 - 00095584 _____ () C:\WINDOWS\wmsetup.log
2014-09-09 08:59 - 2014-09-09 08:59 - 00041135 _____ () C:\WINDOWS\KB2485663.log
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2802968$
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2655992$
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2485663$
2014-09-09 08:59 - 2014-09-09 08:59 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2481109$
2014-09-09 08:59 - 2014-09-08 00:35 - 00052184 _____ () C:\WINDOWS\KB2481109.log
2014-09-09 08:59 - 2014-09-08 00:35 - 00051562 _____ () C:\WINDOWS\KB2655992.log
2014-09-09 08:59 - 2014-09-08 00:35 - 00050881 _____ () C:\WINDOWS\KB2802968.log
2014-09-09 08:59 - 2014-09-08 00:35 - 00050655 _____ () C:\WINDOWS\KB2598479.log
2014-09-09 08:59 - 2014-09-08 00:35 - 00048926 _____ () C:\WINDOWS\KB2898715.log
2014-09-09 08:58 - 2014-09-09 08:58 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2598479$
2014-09-09 08:57 - 2014-09-09 08:57 - 00041214 _____ () C:\WINDOWS\KB2686509.log
2014-09-09 08:57 - 2014-09-09 08:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2929961$
2014-09-09 08:57 - 2014-09-09 08:57 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2686509$
2014-09-09 08:57 - 2014-09-08 00:35 - 00047030 _____ () C:\WINDOWS\KB2929961.log
2014-09-09 08:57 - 2014-09-08 00:34 - 00049279 _____ () C:\WINDOWS\KB982132.log
2014-09-09 08:56 - 2014-09-09 08:56 - 00039602 _____ () C:\WINDOWS\KB2862335.log
2014-09-09 08:56 - 2014-09-09 08:56 - 00037355 _____ () C:\WINDOWS\KB2834904-v2.log
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982132$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2909212$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2834904-v2_WM11$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2780091$
2014-09-09 08:56 - 2014-09-09 08:56 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2507938$
2014-09-09 08:56 - 2014-09-08 00:34 - 00049839 _____ () C:\WINDOWS\KB2780091.log
2014-09-09 08:56 - 2014-09-08 00:34 - 00049419 _____ () C:\WINDOWS\KB2507938.log
2014-09-09 08:56 - 2014-09-08 00:34 - 00047952 _____ () C:\WINDOWS\KB2909212.log
2014-09-09 08:56 - 2005-11-25 21:16 - 00969973 _____ () C:\WINDOWS\setupapi.log
2014-09-09 08:55 - 2014-09-09 08:55 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2510581$
2014-09-09 08:55 - 2014-09-08 00:34 - 00052030 _____ () C:\WINDOWS\KB2510581.log
2014-09-09 08:53 - 2014-09-09 08:53 - 00038485 _____ () C:\WINDOWS\KB2904266.log
2014-09-09 08:53 - 2014-09-09 08:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-09-09 08:53 - 2014-09-09 08:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-09-09 08:53 - 2014-09-09 08:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2483185$
2014-09-09 08:53 - 2014-09-09 08:53 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2347290$
2014-09-09 08:53 - 2014-09-08 00:33 - 00049639 _____ () C:\WINDOWS\KB2483185.log
2014-09-09 08:53 - 2014-09-08 00:33 - 00048608 _____ () C:\WINDOWS\KB979687.log
2014-09-09 08:53 - 2014-09-08 00:33 - 00046888 _____ () C:\WINDOWS\KB2876217.log
2014-09-09 08:53 - 2009-08-19 12:23 - 00223372 _____ () C:\WINDOWS\system32\TZLog.log
2014-09-09 08:52 - 2014-09-09 08:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB979687$
2014-09-09 08:52 - 2014-09-09 08:52 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2930275$
2014-09-09 08:52 - 2014-09-08 00:33 - 00045693 _____ () C:\WINDOWS\KB2930275.log
2014-09-09 08:51 - 2014-09-09 08:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-09-09 08:51 - 2014-09-08 00:33 - 00044588 _____ () C:\WINDOWS\KB2864063.log
2014-09-09 08:50 - 2014-09-09 08:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2936068$
2014-09-09 08:50 - 2014-09-09 08:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-09-09 08:50 - 2014-09-09 08:50 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2719985$
2014-09-09 08:50 - 2014-09-09 08:49 - 00035142 _____ () C:\WINDOWS\KB2592799.log
2014-09-09 08:50 - 2014-09-08 00:32 - 00046472 _____ () C:\WINDOWS\KB2719985.log
2014-09-09 08:50 - 2014-09-08 00:32 - 00045435 _____ () C:\WINDOWS\KB2936068.log
2014-09-09 08:50 - 2014-09-08 00:32 - 00040979 _____ () C:\WINDOWS\KB2862152.log
2014-09-09 08:49 - 2014-09-09 08:49 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2592799$
2014-09-09 08:48 - 2014-09-09 08:48 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2770660$
2014-09-09 08:47 - 2014-09-09 08:47 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2535512$
2014-09-09 08:47 - 2014-09-09 08:46 - 00034961 _____ () C:\WINDOWS\KB2535512.log
2014-09-09 08:45 - 2014-09-09 08:45 - 00033213 _____ () C:\WINDOWS\KB2964358.log
2014-09-09 08:45 - 2014-09-09 08:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2964358$
2014-09-09 08:45 - 2014-09-09 08:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-09-09 08:45 - 2014-09-09 08:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2850869$
2014-09-09 08:45 - 2014-09-08 00:31 - 00040190 _____ () C:\WINDOWS\KB2876331.log
2014-09-09 08:45 - 2014-09-08 00:31 - 00039633 _____ () C:\WINDOWS\KB2850869.log
2014-09-09 08:44 - 2014-09-08 00:31 - 00040974 _____ () C:\WINDOWS\KB2859537.log
2014-09-09 08:43 - 2014-09-09 08:43 - 00034329 _____ () C:\WINDOWS\KB2807986.log
2014-09-09 08:43 - 2014-09-09 08:43 - 00033890 _____ () C:\WINDOWS\KB2570947.log
2014-09-09 08:43 - 2014-09-09 08:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2859537$
2014-09-09 08:43 - 2014-09-09 08:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2807986$
2014-09-09 08:43 - 2014-09-09 08:43 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2570947$
2014-09-09 08:41 - 2014-09-09 08:41 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-09-09 08:41 - 2014-09-09 08:40 - 00032950 _____ () C:\WINDOWS\KB2868038.log
2014-09-09 08:40 - 2014-09-09 08:40 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2820917$
2014-09-09 08:40 - 2014-09-08 00:31 - 00042314 _____ () C:\WINDOWS\KB2820917.log
2014-09-09 08:38 - 2014-09-09 08:38 - 00033140 _____ () C:\WINDOWS\KB2603381.log
2014-09-09 08:38 - 2014-09-09 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-09-09 08:38 - 2014-09-09 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2757638$
2014-09-09 08:38 - 2014-09-09 08:38 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2603381$
2014-09-09 08:38 - 2014-09-08 00:30 - 00042636 _____ () C:\WINDOWS\KB2419632.log
2014-09-09 08:38 - 2014-09-08 00:30 - 00041161 _____ () C:\WINDOWS\KB2757638.log
2014-09-09 08:38 - 2014-09-08 00:30 - 00038931 _____ () C:\WINDOWS\KB2893294.log
2014-09-09 08:37 - 2014-09-09 08:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2508429$
2014-09-09 08:37 - 2014-09-09 08:37 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2419632$
2014-09-09 08:37 - 2014-09-08 00:30 - 00035802 _____ () C:\WINDOWS\KB2508429.log
2014-09-09 08:36 - 2014-09-09 08:36 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2653956$
2014-09-09 08:36 - 2014-09-08 00:30 - 00034874 _____ () C:\WINDOWS\KB2653956.log
2014-09-09 08:35 - 2014-09-09 08:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB971029$
2014-09-09 08:35 - 2014-09-09 08:35 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2749655$
2014-09-09 08:35 - 2014-09-08 00:29 - 00034658 _____ () C:\WINDOWS\KB2749655.log
2014-09-09 08:35 - 2014-09-08 00:29 - 00034172 _____ () C:\WINDOWS\KB971029.log
2014-09-09 08:33 - 2014-09-09 08:33 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2506212$
2014-09-09 08:33 - 2014-09-08 00:29 - 00033769 _____ () C:\WINDOWS\KB2506212.log
2014-09-09 08:22 - 2004-08-11 18:00 - 00000582 _____ () C:\WINDOWS\win.ini
2014-09-09 08:19 - 2014-09-09 08:19 - 00017667 _____ () C:\WINDOWS\KB2698365.log
2014-09-09 08:19 - 2014-09-09 08:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-09-09 08:19 - 2014-09-09 08:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2705219-v2$
2014-09-09 08:19 - 2014-09-09 08:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2698365$
2014-09-09 08:19 - 2014-09-09 08:19 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2619339$
2014-09-09 08:19 - 2014-09-08 00:29 - 00023861 _____ () C:\WINDOWS\KB2705219-v2.log
2014-09-09 08:19 - 2014-09-08 00:29 - 00021441 _____ () C:\WINDOWS\KB2892075.log
2014-09-09 08:19 - 2014-09-08 00:28 - 00022997 _____ () C:\WINDOWS\KB2619339.log
2014-09-09 08:18 - 2014-09-09 08:18 - 00015697 _____ () C:\WINDOWS\KB2723135-v2.log
2014-09-09 08:18 - 2014-09-09 08:18 - 00015086 _____ () C:\WINDOWS\KB981997.log
2014-09-09 08:18 - 2014-09-09 08:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB981997$
2014-09-09 08:18 - 2014-09-09 08:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2727528$
2014-09-09 08:18 - 2014-09-09 08:18 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2723135-v2$
2014-09-09 08:18 - 2014-09-08 00:28 - 00022040 _____ () C:\WINDOWS\KB2727528.log
2014-09-09 08:18 - 2004-08-11 18:12 - 00000000 ____D () C:\Program Files\Movie Maker
2014-09-09 08:17 - 2014-09-09 08:17 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-09-09 08:15 - 2014-09-09 08:15 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2813345$
2014-09-09 08:15 - 2014-09-08 00:27 - 00023237 _____ () C:\WINDOWS\KB2813345.log
2014-09-09 08:13 - 2004-08-11 18:07 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-09 07:42 - 2014-09-09 07:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2676562$
2014-09-09 07:42 - 2014-09-09 07:42 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2509553$
2014-09-09 07:42 - 2014-09-08 00:26 - 00021672 _____ () C:\WINDOWS\KB2676562.log
2014-09-09 07:42 - 2014-09-08 00:26 - 00020552 _____ () C:\WINDOWS\KB2509553.log
2014-09-09 07:40 - 2014-09-09 07:30 - 00000000 ____D () C:\Documents and Settings\enkhmart\Desktop\DESKTOP FILES
2014-09-09 07:40 - 2014-09-08 00:26 - 00017109 _____ () C:\WINDOWS\KB982665.log
2014-09-09 07:39 - 2014-09-09 07:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB982665$
2014-09-09 07:39 - 2014-09-09 07:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2478960$
2014-09-09 07:39 - 2014-09-09 07:39 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2393802$
2014-09-09 07:39 - 2014-09-09 07:38 - 00012465 _____ () C:\WINDOWS\KB2393802.log
2014-09-09 07:35 - 2014-09-08 00:25 - 00016787 _____ () C:\WINDOWS\KB2620712.log
2014-09-09 07:34 - 2014-09-09 07:34 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2620712$
2014-09-09 07:24 - 2014-09-09 07:24 - 00009935 _____ () C:\WINDOWS\KB2566454.log
2014-09-09 07:24 - 2014-09-09 07:24 - 00009725 _____ () C:\WINDOWS\KB2661637.log
2014-09-09 07:24 - 2014-09-09 07:24 - 00007875 _____ () C:\WINDOWS\KB2914368.log
2014-09-09 07:24 - 2014-09-09 07:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-09-09 07:24 - 2014-09-09 07:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2661637$
2014-09-09 07:24 - 2014-09-09 07:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2566454$
2014-09-09 07:24 - 2014-09-08 00:16 - 00016254 _____ () C:\WINDOWS\KB2584146.log
2014-09-09 07:23 - 2014-09-09 07:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2584146$
2014-09-09 07:23 - 2014-09-09 07:23 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2423089$
2014-09-09 07:23 - 2014-09-09 07:22 - 00009964 _____ () C:\WINDOWS\KB2423089.log
2014-09-09 07:23 - 2004-08-11 18:12 - 00000000 ____D () C:\Program Files\Outlook Express
2014-09-08 20:57 - 2004-08-11 18:20 - 00032594 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-08 19:58 - 2014-09-08 19:58 - 00000592 _____ () C:\Documents and Settings\enkhmart\Desktop\JRT.txt
2014-09-08 19:58 - 2009-02-03 14:00 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2014-09-08 19:41 - 2014-09-08 19:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-08 19:37 - 2014-09-08 19:23 - 00000000 ____D () C:\AdwCleaner
2014-09-08 19:22 - 2014-09-08 19:22 - 01370467 _____ () C:\Documents and Settings\enkhmart\Desktop\AdwCleaner.exe
2014-09-08 10:01 - 2014-09-08 10:01 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-08 10:00 - 2014-09-08 10:00 - 01016261 _____ (Thisisu) C:\Documents and Settings\enkhmart\Desktop\JRT.exe
2014-09-08 09:49 - 2004-08-11 18:20 - 00000000 ____D () C:\Documents and Settings\LocalService\Local Settings\Temp
2014-09-08 08:40 - 2009-02-03 14:00 - 00000000 ____D () C:\Documents and Settings\enkhmart\Application Data\Yahoo!
2014-09-08 08:40 - 2009-02-03 13:59 - 00000000 ____D () C:\Program Files\Yahoo!
2014-09-08 08:40 - 2009-02-03 13:59 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Yahoo!
2014-09-08 05:01 - 2014-09-08 05:01 - 00000548 _____ () C:\Documents and Settings\enkhmart\Desktop\aswMBR.txt
2014-09-08 04:52 - 2014-09-08 04:51 - 05185536 _____ (AVAST Software) C:\Documents and Settings\enkhmart\Desktop\aswmbr.exe
2014-09-08 04:49 - 2014-09-08 04:48 - 00027462 _____ () C:\Documents and Settings\enkhmart\Desktop\Addition.txt
2014-09-07 23:59 - 2004-08-11 18:02 - 00000000 ____D () C:\WINDOWS\Help

Some content of TEMP:
====================
C:\Documents and Settings\enkhmart\Local Settings\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
Partition 2: (Active) - (Size=70.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.2 GB) - (Type=DB)

==================== End Of Log ============================


  • 0

#24
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
I'm not seeing anything in the logs. How is the machine running?
  • 0

#25
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
It boots up slow. Opening geeks to go always has issue? It opens Then page goes blank and it says transferring date from Idsync.rdl.com in lower left corner.
Other websites seem to work.

Pokerstars won't connect to server?

Just seems slow
  • 0

Advertisements


#26
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
Maybe I should just install
All 122 Microsoft updates and update Mozilla and see.
  • 0

#27
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Before you do that, I'd like to take a look for any remnants and out of date programs that may be lurking.


Hi, let's run a sweep for remnants and check for any out of date programs on your machine. :)

Please disable your antivirus for the duration of my instructions. Don't forget to re-enable them after you have completed the steps.

Step 1: Scan with Malwarebytes


Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

MBAMsettings_zpsb6b9ada0.jpg

Go back to the Dashboard and select Scan Now

MBAMScan_zps8ba7d192.jpg

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

MBAMReboot_zps9089ab30.jpg

MBAMLog_zpsade07f42.jpg

On completion of the scan (or after the reboot), start MBAM,

Click History, then Application Logs, then check the Select box by the first Scan Log in the list.

Click View, then click Export, select text file and save to the desktop as MBAM.txt and post in your next reply.



Step 2: ESET Online Virus Scan

Please note: You can use Internet Explorer or Firefox for this step.

If you use Firefox, you will be prompted to download esetsmartinstaller_enu.exe. Please do so, then double click it to install it.

Please click on this link and then click the ESET Online Scanner bar ---->esetbar_zps93905f48.jpg
  • Select the option YES, I accept the Terms of Use then click on Start
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
  • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
  • Now click on Start
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.
Step 3: SecurityCheck Scan


Download Security Checksecuritycheck_zpsb7736812.jpg by screen317 from here or here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Things I need to see in your next post:
  • ESET Scan Log
  • MBAM Log
  • SecurityCheck Log

  • 0

#28
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
Oops, last night I went ahead and let the ms updates install. And I'm setting up chrome. . should I still follow your last post?
  • 0

#29
pystryker

pystryker

    Trusted Helper

  • Malware Removal
  • 3,912 posts
Yes, please. :)
  • 0

#30
elkski

elkski

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 193 posts
OK started mbam. But forgot to turn off security center but it appears it did itself.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP