A checkup please


  • This topic is locked
19 replies to this topic

#1 hayleyscomett

Posted 26 August 2012 - 05:38 PM

Hello trusted friends :)

When I turned on my netbook this morning I was greeted with this pop up screen:

Posted Image

I've never seen this before on my netbook, so I immediately decided to run scans and make sure I wasn't infected with anything. I ran Malwarebytes Anti-Malware first and I did that in safe mode. The scan came up clean.

I don't download anything suspicious ever and I'm very careful on websites as well as keeping my pc up to date with Windows updates, browser updates, plugin checks etc.... I use Microsoft Security Essentials for my antivirus. I also keep up to date and use regularly Malwarebytes Anti-Malware & Spyware Blaster. I also have Outpost Free Firewall as well. All the scans I did came up clean with no infections of any kind found. But, I figure, better safe than sorry :thumbup: This netbook is running Microsoft Windows XP Home Edition SP3 and I was not experiencing any problems before this popped up. I did however recently do a defrag on the C drive though.

I have completed several scans and have results for inspection. I know you all are busy here and will check my logs just as soon as you can. So, I'll take my place in line and await any further instruction. I've been a member here for quite some time & know the drill :)

Thanks in advance for the checkup!
Beth

-----------------------------------------------------------------------------
Here is my report from Malwarebytes Anti-Malware:

Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.26.04

Windows XP Service Pack 3 x86 NTFS (Safe Mode)
Internet Explorer 8.0.6001.18702
Beth Stokes :: STOKESEEEPC [administrator]

8/26/2012 9:56:40 AM
mbam-log-2012-08-26 (09-56-40).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 253022
Time elapsed: 30 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

-----------------------------------------------------------------------


I then ran DDS, here is the text log for that: (the attach.txt doc is attached here as well)


----------------------------------------------------------------------------------------

Results from Screen317 scan:

Results of screen317's Security Check version 0.99.46
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
Outpost Firewall 2009
Microsoft Security Essentials
`````````Anti-malware/Other Utilities Check:`````````
SpywareBlaster 4.6
Malwarebytes Anti-Malware version 1.62.0.1300
JavaFX 2.1.1
Java™ 6 Update 31
Java™ 7 Update 5
Java version out of Date!
Adobe Flash Player 11.3.300.268
Mozilla Firefox (14.0.1)
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 0%
````````````````````End of Log``````````````````````

--------------------------------------------------------------------------------------------------

And lastly, my Hijack This log:

------------------------------------------------------------------------

Additionally, I ran 3 online scans as well. I ran Bit Defender which came up clean. Then I ran ESET, again, clean. And third I ran Kaspersky full scan. Once again, clean of infections. No Malware found. It did mention 1 system protection vulnerability, which was antivirus but I believe that was because I turned off MSE while I ran the scan. It also said there were 5 vulnerabilities, but I don't know what they were exactly because I didn't get details. It also said 11 "other issues" but again, I wasn't able to get details of what it was. When I clicked on it all it did was take me to a page to purchase one of Kaspersky's 3 products.

So, there are my results and I will await further instructions! :rolleyes:

EDIT: Please note: most of our helpers will not download files that they did not specifically request that you attach... As you might guess, we have no way of knowing what might be in a downloaded file... We allow plenty of room in a post to copy/paste your logs, so please use it rather than attaching a file unless asked... If the attached log is the supplement to DDS, it is probably not needed... I removed one of the two copies you attached... Please read the instructions at the top of each forum... Thank you...

Edited by Budfred, 26 August 2012 - 06:34 PM.

" If we all can't live together, then we're going to die alone. " ~ Jack Shephard ~ LOST ~ The best show on television!

#2 SWI Support Robot

Posted 29 August 2012 - 06:01 AM

Welcome to SWI. We apologize for the delay; our helpers have been very busy.

If you have not received help after 3 days, please CLICK HERE, and post a link to your log and the date it was originally posted.

Thank you for your patience.


[this is an automated reply]
This is an automated message. It does not count as help.

#3 cnm

Posted 29 August 2012 - 08:55 PM

Hello hayleyscomett. I'm sorry you've had to wait.

No obvious malware in your logs - are you still getting that message?

Please scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
Please let me know if any problems remain.
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#4 hayleyscomett

Posted 31 August 2012 - 07:24 PM

Hello Mother Lion,

No need to apologize for the wait, I'm a patient person and know you all are busy.

Glad to know I have no obvious malware, that's a relief. No, I have not had that message pop again after that first initial one. I clicked "close message" on it and I think it sent an error report and it's never come up again.

I already did one ESET scan right before posting my initial message, but will go ahead and follow your instructions and scan again.

Results to follow, thank you!

Beth

#5 cnm

Posted 31 August 2012 - 07:38 PM

After you do that, please update your Java. It's important to remove old versions.

Updating Java:
  • Go here and download the latest version of Java:
  • Go to Start -> Control Panel -> Add or Remove Programs.
  • Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    They should have this icon next to any that are there: Posted Image
    Select any found and choose Uninstall.
  • Then install the version you downloaded earlier.


#6 hayleyscomett

Posted 01 September 2012 - 07:19 AM

Mother Lion,

ESET finished with no infections found. So there were no files to export and save to show you. :thumbup:

Posted Image


Also, I updated my Java right after my initial post here when I noticed it was out of date. I am running Java version 7, update 7, which I believe is the latest?? I did go into add/remove programs anyway, but didn't have any J2SE Runtime Environment to remove.

Posted Image

That's all I had listed for Java in add/remove. So, all good there??


While I was in add/remove programs, I did notice this:

Posted Image
Necessary to have all those .NET Frameworks???? :think:


My netbook appears to be running fine without any notable problems. I guess I'm still curious why I got that DEP screen pop up in the first place. ??

Thanks,
Beth

#7 cnm


Posted 01 September 2012 - 12:09 PM

Important: You need to uninstall the obsolete Java version Java 6 update 31. Old versions present on your PC are a vulnerability.

ESET shows PC is clean - great.

I believe all those .NET frameworks are necessary.

"I guess I'm still curious why I got that DEP screen pop up in the first place. ??"

I don't know. However, you mention that the Kaspersky full scan reported some vulnerabilities etc.
Please delete your present copy of TDSSKiller, if any (right-click on it => "Delete").

Please download tdsskiller.exe and save it to your Desktop. Go here for information.

  • Double-click on TDSSKiller.exe to run the application.
  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure; click on Continue.
  • If a suspicious file is detected, the default action will be Skip; click on Continue.
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file in your next reply.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

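A triage helper for the report that TDSSKiller saves in the steps above, added here as an example (it is not part of the original post and not Kaspersky's code): it reads the `[ MD5 ] name path` and `name - verdict` line pairs of the "Scan services" section and lists the entries that deserve a second look. All sample lines and hashes, the `examplesvc` service, the `warning` verdict and the expected-directory list are constructed assumptions.

```python
import re

# Every report line starts with a time stamp and a thread id, e.g. "12:30:14.0015 0492 ".
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4} \d{4} ?")
# Section banner, e.g. "================ Scan services ============".
BANNER = re.compile(r"^=+ (.+?) =+$")
# "[ <MD5> ] <service name> <image path>"; service names may contain spaces.
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}) \] (.+?) ([A-Za-z]:\\.+)$")
# "<service name> - <verdict>"
VERDICT = re.compile(r"^(.+?) - (\S.*)$")

# Assumption: directories where service and driver images normally live on XP.
EXPECTED_ROOTS = ("c:\\windows\\", "c:\\program files\\", "c:\\progra~1\\")

# Constructed sample in the report's line format. Hashes are placeholders,
# "examplesvc" and its "warning" verdict are invented, and the last entry has
# no verdict line, as happens when a pasted report is cut off.
SAMPLE = r"""
12:30:13.0718 0492 ================ Scan system memory ========================
12:30:13.0734 0492 System memory - ok
12:30:13.0734 0492 ================ Scan services =============================
12:30:13.0921 0492 Abiosdsk - ok
12:30:14.0015 0492 [ 11111111111111111111111111111111 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
12:30:14.0031 0492 ACPI - ok
12:30:18.0718 0492 [ 22222222222222222222222222222222 ] FlipShare Service C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
12:30:18.0734 0492 FlipShare Service - ok
12:30:25.0046 0492 [ 33333333333333333333333333333333 ] Netlogon C:\WINDOWS\system32\lsass.exe
12:30:25.0046 0492 Netlogon - ok
12:30:27.0203 0492 [ 33333333333333333333333333333333 ] SamSs C:\WINDOWS\system32\lsass.exe
12:30:27.0203 0492 SamSs - ok
12:30:30.0000 0492 [ 44444444444444444444444444444444 ] examplesvc C:\DOCUME~1\user\LOCALS~1\Temp\example.sys
12:30:30.0015 0492 examplesvc - warning
12:30:31.0000 0492 [ 55555555555555555555555555555555 ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
"""


def parse_services(text):
    """Return {service name: {"md5", "path", "verdict"}} for the services section."""
    services = {}
    section = None
    for raw in text.splitlines():
        line = PREFIX.sub("", raw.strip())
        banner = BANNER.match(line)
        if banner:
            section = banner.group(1)
            continue
        if section != "Scan services" or not line:
            continue
        hashed = HASHED.match(line)
        if hashed:
            md5, name, path = hashed.groups()
            rec = services.setdefault(name, {"md5": None, "path": None, "verdict": None})
            rec["md5"], rec["path"] = md5.upper(), path
            continue
        verdict = VERDICT.match(line)
        if verdict:
            name, word = verdict.groups()
            rec = services.setdefault(name, {"md5": None, "path": None, "verdict": None})
            rec["verdict"] = word.strip().lower()
    return services


def triage(services):
    """List (service, reason) pairs that a reviewer should look at by hand."""
    findings = []
    for name, rec in services.items():
        if rec["verdict"] is None:
            findings.append((name, "no verdict line (report cut off?)"))
        elif rec["verdict"] != "ok":
            findings.append((name, "verdict: %s" % rec["verdict"]))
        if rec["path"] and not rec["path"].lower().startswith(EXPECTED_ROOTS):
            findings.append((name, "image outside expected directories"))
    return findings


def unhashed(services):
    """Services listed with a verdict but no image line (no file was hashed)."""
    return [name for name, rec in services.items() if rec["path"] is None]


def shared_images(services):
    """Images that host several services; a repeated hash for these is expected."""
    by_path = {}
    for name, rec in services.items():
        if rec["path"]:
            by_path.setdefault(rec["path"].lower(), []).append(name)
    return {path: names for path, names in by_path.items() if len(names) > 1}


if __name__ == "__main__":
    parsed = parse_services(SAMPLE)
    for service, reason in triage(parsed):
        print("REVIEW  %-12s %s" % (service, reason))
    print("unhashed:", unhashed(parsed))
    print("shared:", shared_images(parsed))
```

To run it on a real report, pass the contents of the saved log file to `parse_services` instead of `SAMPLE`.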

#8 hayleyscomett


Posted 04 September 2012 - 06:28 AM

Will implement the tdsskiller today after work. I have removed the old java update. Keep you posted, thanks!

#9 cnm


Posted 06 September 2012 - 11:26 AM

Waiting for TDSSKiller results - no hurry, though.

#10 hayleyscomett


Posted 08 September 2012 - 10:33 AM

Sorry to be so long with the results, was distracted for a day or so....

Have run the TDSSKiller, no threats found. Here is the report:

12:29:56.0343 0516 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
12:29:56.0750 0516 ============================================================
12:29:56.0750 0516 Current date / time: 2012/09/08 12:29:56.0750
12:29:56.0750 0516 SystemInfo:
12:29:56.0750 0516
12:29:56.0750 0516 OS Version: 5.1.2600 ServicePack: 3.0
12:29:56.0750 0516 Product type: Workstation
12:29:56.0750 0516 ComputerName: STOKESEEEPC
12:29:56.0750 0516 UserName: Beth Stokes
12:29:56.0750 0516 Windows directory: C:\WINDOWS
12:29:56.0750 0516 System windows directory: C:\WINDOWS
12:29:56.0750 0516 Processor architecture: Intel x86
12:29:56.0750 0516 Number of processors: 2
12:29:56.0750 0516 Page size: 0x1000
12:29:56.0750 0516 Boot type: Normal boot
12:29:56.0750 0516 ============================================================
12:30:29.0156 0492 sysaudio - ok
12:30:29.0218 0492 [ C7ABBC59B43274B1109DF6B24D617051 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
12:30:29.0218 0492 SysmonLog - ok
12:30:29.0265 0492 [ 3CB78C17BB664637787C9A1C98F79C38 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
12:30:29.0281 0492 TapiSrv - ok
12:30:29.0343 0492 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
12:30:29.0359 0492 Tcpip - ok
12:30:29.0406 0492 [ 6471A66807F5E104E4885F5B67349397 ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
12:30:29.0406 0492 TDPIPE - ok
12:30:29.0421 0492 [ C56B6D0402371CF3700EB322EF3AAF61 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
12:30:29.0421 0492 TDTCP - ok
12:30:29.0453 0492 [ 88155247177638048422893737429D9E ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
12:30:29.0453 0492 TermDD - ok
12:30:29.0484 0492 [ FF3477C03BE7201C294C35F684B3479F ] TermService C:\WINDOWS\System32\termsrv.dll
12:30:29.0500 0492 TermService - ok
12:30:29.0531 0492 [ 99BC0B50F511924348BE19C7C7313BBF ] Themes C:\WINDOWS\System32\shsvcs.dll
12:30:29.0531 0492 Themes - ok
12:30:29.0546 0492 TosIde - ok
12:30:29.0625 0492 [ 55BCA12F7F523D35CA3CB833C725F54E ] TrkWks C:\WINDOWS\system32\trkwks.dll
12:30:29.0625 0492 TrkWks - ok
12:30:29.0703 0492 [ 5787B80C2E3C5E2F56C2A233D91FA2C9 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
12:30:29.0703 0492 Udfs - ok
12:30:29.0718 0492 ultra - ok
12:30:29.0796 0492 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
12:30:29.0812 0492 Update - ok
12:30:29.0875 0492 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91 ] upnphost C:\WINDOWS\System32\upnphost.dll
12:30:29.0890 0492 upnphost - ok
12:30:29.0921 0492 [ 05365FB38FCA1E98F7A566AAAF5D1815 ] UPS C:\WINDOWS\System32\ups.exe
12:30:29.0937 0492 UPS - ok
12:30:29.0984 0492 [ 173F317CE0DB8E21322E71B7E60A27E8 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
12:30:29.0984 0492 usbccgp - ok
12:30:30.0062 0492 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
12:30:30.0062 0492 usbehci - ok
12:30:30.0125 0492 [ 1AB3CDDE553B6E064D2E754EFE20285C ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
12:30:30.0125 0492 usbhub - ok
12:30:30.0171 0492 [ A0B8CF9DEB1184FBDD20784A58FA75D4 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
12:30:30.0171 0492 usbscan - ok
12:30:30.0218 0492 [ A32426D9B14A089EAA1D922E0C5801A9 ] usbstor C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
12:30:30.0218 0492 usbstor - ok
12:30:30.0296 0492 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
12:30:30.0296 0492 usbuhci - ok
12:30:30.0359 0492 [ 63BBFCA7F390F4C49ED4B96BFB1633E0 ] usbvideo C:\WINDOWS\system32\Drivers\usbvideo.sys
12:30:30.0359 0492 usbvideo - ok
12:30:30.0390 0492 [ C019889035CDC1A06F2FEBC93CBB6897 ] uvclf C:\WINDOWS\system32\DRIVERS\uvclf.sys
12:30:30.0390 0492 uvclf - ok
12:30:30.0421 0492 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
12:30:30.0421 0492 VgaSave - ok
12:30:30.0437 0492 ViaIde - ok
12:30:30.0500 0492 [ 4C8FCB5CC53AAB716D810740FE59D025 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
12:30:30.0500 0492 VolSnap - ok
12:30:30.0546 0492 [ 7A9DB3A67C333BF0BD42E42B8596854B ] VSS C:\WINDOWS\System32\vssvc.exe
12:30:30.0562 0492 VSS - ok
12:30:30.0609 0492 [ 54AF4B1D5459500EF0937F6D33B1914F ] W32Time C:\WINDOWS\system32\w32time.dll
12:30:30.0609 0492 W32Time - ok
12:30:30.0640 0492 [ E20B95BAEDB550F32DD489265C1DA1F6 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
12:30:30.0640 0492 Wanarp - ok
12:30:30.0718 0492 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
12:30:30.0734 0492 Wdf01000 - ok
12:30:30.0750 0492 WDICA - ok
12:30:30.0781 0492 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
12:30:30.0781 0492 wdmaud - ok
12:30:30.0843 0492 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
12:30:30.0859 0492 WebClient - ok
12:30:31.0000 0492 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
12:30:31.0000 0492 winmgmt - ok
12:30:31.0062 0492 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
12:30:31.0062 0492 WmdmPmSN - ok
12:30:31.0109 0492 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
12:30:31.0125 0492 WmiApSrv - ok
12:30:31.0218 0492 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
12:30:31.0250 0492 WMPNetworkSvc - ok
12:30:31.0296 0492 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
12:30:31.0296 0492 WS2IFSL - ok
12:30:31.0328 0492 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
12:30:31.0328 0492 wscsvc - ok
12:30:31.0359 0492 [ C98B39829C2BBD34E454150633C62C78 ] WSTCODEC C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
12:30:31.0359 0492 WSTCODEC - ok
12:30:31.0406 0492 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
12:30:31.0406 0492 wuauserv - ok
12:30:31.0453 0492 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
12:30:31.0453 0492 WudfPf - ok
12:30:31.0484 0492 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
12:30:31.0484 0492 WudfRd - ok
12:30:31.0500 0492 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
12:30:31.0500 0492 WudfSvc - ok
12:30:31.0578 0492 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
12:30:31.0593 0492 WZCSVC - ok
12:30:31.0640 0492 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
12:30:31.0640 0492 xmlprov - ok
12:30:31.0656 0492 ================ Scan global ===============================
12:30:31.0703 0492 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
12:30:31.0781 0492 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:30:31.0796 0492 [ 8C7DCA4B158BF16894120786A7A5F366 ] C:\WINDOWS\system32\winsrv.dll
12:30:31.0828 0492 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
12:30:31.0828 0492 [Global] - ok
12:30:31.0828 0492 ================ Scan MBR ==================================
12:30:31.0859 0492 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
12:30:32.0171 0492 \Device\Harddisk0\DR0 - ok
12:30:32.0171 0492 ================ Scan VBR ==================================
12:30:32.0218 0492 [ 279136233F49F3A3CED3A023ACBD0625 ] \Device\Harddisk0\DR0\Partition1
12:30:32.0218 0492 \Device\Harddisk0\DR0\Partition1 - ok
12:30:32.0218 0492 ============================================================
12:30:32.0218 0492 Scan finished
12:30:32.0218 0492 ============================================================
12:30:32.0250 3480 Detected object count: 0
12:30:32.0250 3480 Actual detected object count: 0
" If we all can't live together, then we're going to die alone. " ~ Jack Shephard ~ LOST ~ The best show on television!

#11 cnm

cnm

    Mother Lion of SWI

  • Retired Staff
  • 25,317 posts

Posted 08 September 2012 - 10:47 AM

Looks good. If you get the DEP again let me know..
I believe your PC is clean and adequately protected.

Cleanup time!
Please delete DDS files, Security Check, and TDSSKiller from your Desktop. Uninstall ESET.


Advice for malware prevention:

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.

Keep MalwareBytes Anti-Malware updated and run it whenever you suspect a problem.

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here:

http://www.systemloo...p?type=filename

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different from the rogues mentioned above.

For much more old but still useful information, read Tony Klein's excellent article: How did I get infected in the first place
Microsoft MVP Windows Security 2005-2006
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE

#12 hayleyscomett

Posted 09 September 2012 - 09:12 AM

Hello Mother Lion :)

Looks good. If you get the DEP again let me know..
I believe your PC is clean and adequately protected.


Thanks!! Glad to know all is well, and I've not had that DEP pop up since the first initial one.
I'm hoping "adequately protected" means well protected?? I did learn the hard way a few computers back, so I'm now much more aware of what to do and not do online and how to keep things up to date and less vulnerable. And, of course whenever I'm in doubt, I come here ;)

Please delete DDS files, Security Check, and TDSSKiller from your Desktop. Uninstall ESET.


Done! :thumbup:

Configure Windows to do automatic updates or get into the habit of checking Windows Update regularly. They usually have security updates every month. You can set Windows to notify you of Updates so that you can choose, but only do this if you believe you are able to understand which ones are needed. This is a crucial security measure.


No problem there, mine is set to auto update, plus I do check periodically myself. I also keep Firefox up to date and after any updates to FF I follow up with a FF Plugin Check as well.

The free FileHippo Update Checker makes it easy to keep all your programs up to date - run it every few weeks.


Oooh, I didn't know about this one, thanks!! I will check into that and use it as well :thumbup:

Note that there are a lot of rogue programs out there that want to scare you into giving them your money and some malware actually claims to be security programs. If you get a popup for a security program that you did not install yourself, do NOT click on it and ask for help immediately. It is very important to run an antivirus and firewall, but you can't always rely on reviews and ads for information. Ask in a security forum that you trust if you are not sure. If you are unsure and looking for anti-spyware programs, you may be able to find out if it is a rogue here:


I have read about these before, and I'm very wary of them. I usually come in here to read up on threads that others post about possible threats or known rogue programs. I think I've actually been to the site you listed for system lookup, I believe I have it bookmarked.

A similar category of programs is now called "scareware." Scareware programs are active infections that will pop up on your computer and tell you that you are infected. If you look closely, it will usually have a name that looks like it might be legitimate, but it is NOT one of the programs you installed. It tells you to click and install it right away. If you click on any part of it, including the 'X' to close it, you may actually help it infect your computer further. Keeping protection updated and running resident protection can help prevent these infections. If it happens anyway, get offline as quickly as you can. Pull the internet connection cable or shut down the computer if you have to. Contact someone to help by using another computer if possible. These programs are also sometimes called 'rogues', but they are different from the rogues mentioned above.


Oh, this I know all too well unfortunately! That is what happened to this very netbook about a month after I got it!! That was about 3, maybe 4 years ago. I came here immediately and received help and eventually a clean bill of health. Ever since then, I'm very cautious and careful.

I've read Tony Klein's article. And, have recommended it to others before.

If I may ask you since you've been so kind to help me out with this. I had the Kaspersky Security Scan run and mentioned it before to you here. Well, it ran again and I was greeted this morning with this screen shot below. I'm not terribly concerned about what the vulnerabilities it found are, but I can't get it to tell me what the details are! So this is more frustrating than anything!! If I click the 'details' button, I get an hour glass for a split second and nothing pops up, or does anything. If I click 'Fix Now' all that does is take me to a page where I can decide which of their 3 products to purchase. All I want to do is SEE what 'other issues' and 'vulnerabilities' are. Any suggestions??


Posted Image

#13 cnm

Posted 09 September 2012 - 10:55 AM

That security scan seems like a nuisance designed to get you to buy a Kaspersky product, and you do not need it.
Follow these directions: Uninstall Kaspersky Security Scan


I'm hoping "adequately protected" means well protected??


Optional suggestion: Avast is much more powerful protection than Microsoft Security Essentials - it has 8 real time shields and very frequent automatic updates.
The free version is all you need: free Avast

#14 hayleyscomett

Posted 09 September 2012 - 06:18 PM

Thank you Mother Lion :)

I will go and uninstall that Kaspersky nuisance and uninstall MSE and go get AVAST then. Weird, I thought I had got MSE because I had read on here somewhere that it was the best. But, I will take your word :good:

Is Outpost Free Firewall still a good firewall to have?? I get annoyed by all the pop ups asking me if I should allow something or block it all the time. I mean, I know it's a good thing to have a firewall monitor such things and all, but it gets annoying at times. Seems every time there's an update to FF plugins or updates to other things, I have to read the smart adviser with Outpost and either allow it or block or select auto learn. Any advice for firewall protection?? Or, should I get the pay version of AVast Internet Security, or Pro Version, they're both on sale. Do you buy them one time, or do you have to pay year after year?

Thanks again for all of your assistance, most appreciated!

Beth

Edited by hayleyscomett, 09 September 2012 - 06:34 PM.

#15 cnm

Posted 09 September 2012 - 06:38 PM

Outpost Firewall is a good one; it hasn't been updated since 2009 but there is little reason to modify a firewall.

However if you choose to install Avast it has firewall-like protection against malware and you could get by with just the Win XP firewall. The usual criticism of the Win XP firewall is that it doesn't guard against outgoing internet activity but Avast pretty much takes care of that.

I should warn you, though, that Avast will pop up every time you run something for the first time - but it remembers your decision.

There is nothing wrong with MSE. The three excellent free antivirus we recommend are Avast, Avira, and MSE. I personally use Avast and that's why I made the suggestion. I happen to like being asked if new programs are OK. You could give Avast a try and see if it suits you - not everyone likes it.

#16 hayleyscomett

Posted 16 September 2012 - 10:28 AM

So, if I give AVAST a go, then I wouldn't keep Outpost then?? Just checking to be sure before I do anything :)

Thanks so much for all your help! Much appreciated!
Beth

#17 cnm

Posted 16 September 2012 - 10:46 AM

That's optional and up to you. If you like it, then keep it. If it continues to annoy you, remove it and enable the XP firewall.

#18 hayleyscomett

Posted 16 September 2012 - 11:19 AM

Okay, thanks!!! :thumbup:

#19 cnm

Posted 16 September 2012 - 08:46 PM

I'll keep this thread open for a day or two in case you have any questions or problems.

#20 cnm

Posted 21 September 2012 - 06:39 PM

Glad we could help. :)

If you need this topic reopened, please tell the moderating team by replying here with the address of the thread. This applies only to the original topic starter. Everyone else please begin a New Topic.