
Still Infected (Redirects)


  • This topic is locked
34 replies to this topic

#1 KPE

KPE

  • Members
  • 52 posts

Posted 04 September 2012 - 10:08 AM

For reference....http://www.bleepingcomputer.com/forums/topic464365.html/page__p__2797235#entry2797235

I am still getting redirected on search results. Redirects like "get-results" etc. Any ideas?? Thanks in advance.

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_32
Run by kenneth.edwards at 11:02:06 on 2012-09-04
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2365 [GMT -4:00]
.
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
svchost.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Smith Micro\StuffIt 2010\ArcNameService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Adobe] rundll32.exe "c:\documents and settings\kenneth.edwards\local settings\application data\autodesk\adobe\hlqsvlsun.dll",StartupW
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
dRun: [Adobe] rundll32.exe "c:\documents and settings\kenneth.edwards\local settings\application data\autodesk\adobe\hlqsvlsun.dll",StartupW
uPolicies-explorer: DisablePersonalDirChange = 1 (0x1)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Open Picture in &Microsoft PhotoDraw - c:\progra~1\micros~2\office\1033\phdintl.dll/phdContext.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {FB858B22-55E2-413f-87F5-30ADC5552151} - c:\program files\plotsoft\pdfill\DownloadPDF.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
Trusted Zone: myspace.com\www
DPF: {01113300-3E00-11D2-8470-0060089874ED} - hxxp://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/sites/production/ieawsdc32.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} - hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} - hxxp://www.sibelius.com/download/software/win/ActiveXPlugin.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_32-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} - hxxp://gfx1.hotmail.com/mail/w4/pr01/photouploadcontrol/MSNPUpld.cab
DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} - hxxps://secure.logmein.com/activex/ractrl.cab?lmi=100
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: LMIinit - LMIinit.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\kenneth.edwards\application data\mozilla\firefox\profiles\evxvvdep.default\
FF - plugin: c:\documents and settings\kenneth edwards\application data\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\documents and settings\kenneth.edwards\local settings\application data\google\update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\common files\research in motion\bbwebsllauncher\NPWebSLLauncher.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\windows\system32\npdeployJava1.dll
FF - plugin: c:\windows\system32\npptools.dll
FF - plugin: c:\windows\system32\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 avgio;avgio;c:\program files\avira\antivir desktop\avgio.sys [2011-1-11 11608]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 66632]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\avira\antivir desktop\sched.exe [2011-1-11 136360]
R2 AntiVirService;Avira AntiVir Guard;c:\program files\avira\antivir desktop\avguard.exe [2011-1-11 269480]
R2 avgntflt;avgntflt;c:\windows\system32\drivers\avgntflt.sys [2011-1-11 66616]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\logmein\x86\LMIGuardianSvc.exe [2011-2-8 374184]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\logmein\x86\rainfo.sys [2008-8-11 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;c:\windows\system32\drivers\LMIRfsDriver.sys [2009-12-23 47640]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R3 CBUSB;MARX CryptoTech LP;c:\windows\system32\drivers\CBUSB.sys [2008-1-7 45136]
S0 Lbd;Lbd;c:\windows\system32\drivers\lbd.sys --> c:\windows\system32\drivers\Lbd.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-7-2 136176]
S3 hitmanpro36;HitmanPro 3.6 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [2012-8-30 27424]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-8-22 113120]
S3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
S4 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\broadcom\asfipmon\AsfIpMon.exe [2007-6-20 79168]
S4 DynDNS Updater;DynDNS Updater;c:\program files\dyndns updater\DynUpSvc.exe [2010-1-20 99704]
S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-7-2 136176]
S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2010-12-6 1238408]
S4 LMIRfsClientNP;LMIRfsClientNP; [x]
S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S4 tvnserver;TightVNC Server;c:\program files\tightvnc\tvnserver.exe [2010-7-8 815704]
.
=============== File Associations ===============
.
.scr=AutoCADScriptFile
.txt=Jobcost5.Document.1
.
=============== Created Last 30 ================
.
2012-09-04 14:56:10 388096 ----a-r- c:\documents and settings\kenneth.edwards\application data\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2012-09-04 14:56:09 -------- d-----w- C:\Trend Micro
2012-09-04 14:55:36 1402880 ----a-w- C:\HiJackThis.msi
2012-08-31 15:06:16 -------- d-----w- c:\windows\DEC1287FA11D41638FA156084BBC6AA0.TMP
2012-08-30 19:10:14 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-08-30 19:10:02 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro
2012-08-30 16:16:10 -------- d-----w- c:\documents and settings\all users\application data\036DFF864133951DAC161CED7B07D287
2012-08-30 14:56:31 98816 ----a-w- c:\windows\sed.exe
2012-08-30 14:56:31 518144 ----a-w- c:\windows\SWREG.exe
2012-08-30 14:56:31 256000 ----a-w- c:\windows\PEV.exe
2012-08-30 14:56:31 208896 ----a-w- c:\windows\MBR.exe
2012-08-16 18:38:33 -------- d-----w- C:\HelpAsst_backup
.
==================== Find3M ====================
.
2012-07-11 13:16:59 83392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-07-11 13:16:59 52128 ----a-w- c:\windows\system32\spool\prtprocs\w32x86\LMIproc.dll
2012-07-11 13:16:58 87456 ----a-w- c:\windows\system32\LMIinit.dll
2012-07-11 13:16:58 30624 ----a-w- c:\windows\system32\LMIport.dll
2012-07-03 17:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-13 12:14:30 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-06-13 12:14:30 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 11:02:47.96 ===============

 


#2 KPE

KPE
  • Topic Starter

  • Members
  • 52 posts

Posted 04 September 2012 - 02:52 PM

GMER File

Attached Files

  • Attached File  ark.txt   10.52KB   4 downloads


#3 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts

Posted 06 September 2012 - 06:38 AM

Hi,



Hello KPE! Welcome to BleepingComputer Forums!

My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:
  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms do not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.


I see where the problem is...


uRun: [Adobe] rundll32.exe "c:\documents and settings\kenneth.edwards\local settings\application data\autodesk\adobe\hlqsvlsun.dll",StartupW
dRun: [Adobe] rundll32.exe "c:\documents and settings\kenneth.edwards\local settings\application data\autodesk\adobe\hlqsvlsun.dll",StartupW



  • Please download a fresh copy of Combofix from here.
  • Save it to your Desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. Please refer to this link for instructions.
  • Double click it & follow the prompts.
  • If you receive a UAC prompt asking if you want to continue running the program, you should press the Continue button.
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.
  • Note: After running Combofix, you may receive an error about "illegal operation on a registry key that has been marked for deletion." If you receive this error, please reboot and it should disappear.

Do not touch your mouse/keyboard until the ComboFix scan has completed, as this may cause the process to stall or the computer to lock.



Regards,
Georgi
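
The two Run entries singled out above share one shape: a per-user autostart value that has rundll32.exe load a DLL from inside the user's profile. The following is an added example, not part of the original post and not code from DDS or ComboFix, showing how that check can be automated over the Run lines of a DDS log. The function names and the "user-writable profile directory" heuristic are assumptions made for illustration, and the example goes slightly beyond this case by also flagging autostart executables launched directly from such a directory. The hive labels follow the "HKCU-Run-Adobe" / "HKU-Default-Run-Adobe" naming that ComboFix uses in the next post.

```python
import re
from typing import List, NamedTuple

# Run-key lines copied from the DDS log in post #1 of this thread.
DDS_RUN_LINES = r'''
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Adobe] rundll32.exe "c:\documents and settings\kenneth.edwards\local settings\application data\autodesk\adobe\hlqsvlsun.dll",StartupW
mRun: [LogMeIn GUI] "c:\program files\logmein\x86\LogMeInSystray.exe"
mRun: [avgnt] "c:\program files\avira\antivir desktop\avgnt.exe" /min
mRun: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
dRun: [Adobe] rundll32.exe "c:\documents and settings\kenneth.edwards\local settings\application data\autodesk\adobe\hlqsvlsun.dll",StartupW
'''

# DDS prefix -> registry hive holding the Run key.
HIVES = {"u": "HKCU", "m": "HKLM", "d": "HKU\\.DEFAULT"}

# "<prefix>Run: [value name] command line"
ENTRY_RE = re.compile(
    r'^(?P<hive>[umd])Run:\s*\[(?P<name>[^\]]*)\]\s*(?P<cmd>.+)$', re.IGNORECASE)

# rundll32[.exe] "<dll path>",<export>   (quotes and a leading path are optional)
RUNDLL_RE = re.compile(
    r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+)"?\s*,\s*(?P<export>\S+)',
    re.IGNORECASE)

# Assumption (heuristic): per-user profile data directories are writable without
# admin rights, so code autostarted from them deserves a manual look.
USER_WRITABLE_RE = re.compile(
    r'\\documents and settings\\[^\\]+\\(?:local settings\\)?application data\\'
    r'|\\users\\[^\\]+\\appdata\\',
    re.IGNORECASE)


class Finding(NamedTuple):
    hive: str     # registry hive of the Run key
    name: str     # value name shown in brackets by DDS
    target: str   # file that actually gets loaded or executed
    export: str   # DLL export called by rundll32, "" for plain executables
    reason: str


def first_token(cmd: str) -> str:
    """Return the program path of a command line (quoted or up to first space)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    return cmd.split(None, 1)[0]


def suspicious_run_entries(log_text: str) -> List[Finding]:
    """Flag Run entries whose real target sits in a user-writable profile path."""
    findings = []
    for line in log_text.splitlines():
        entry = ENTRY_RE.match(line.strip())
        if not entry:
            continue
        cmd = entry.group("cmd")
        rundll = RUNDLL_RE.match(cmd)
        if rundll:
            # The interesting file is the DLL argument, not rundll32 itself.
            target, export = rundll.group("dll").strip(), rundll.group("export")
            reason = "rundll32 loads a DLL from a user-writable profile directory"
        else:
            target, export = first_token(cmd), ""
            reason = "autostart binary lives in a user-writable profile directory"
        if USER_WRITABLE_RE.search(target):
            findings.append(Finding(HIVES[entry.group("hive").lower()],
                                    entry.group("name"), target, export, reason))
    return findings


if __name__ == "__main__":
    for f in suspicious_run_entries(DDS_RUN_LINES):
        print(f"{f.hive}\\...\\Run [{f.name}] -> {f.target} ({f.export or 'exe'}): {f.reason}")
```

A hit from this check is a lead for manual review, not a verdict: legitimate per-user software also autostarts from profile directories.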



#4 KPE

KPE
  • Topic Starter

  • Members
  • 52 posts

Posted 06 September 2012 - 07:59 AM

ComboFix 12-09-05.02 - kenneth.edwards 09/06/2012 8:33.9.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2234 [GMT -4:00]
Running from: c:\documents and settings\kenneth.edwards\Desktop\ComboFix.exe
AV: AntiVir Desktop *Disabled/Updated* {AD166499-45F9-482A-A743-FDD3350758C7}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\kenneth.edwards\Local Settings\Application Data\Autodesk\Adobe\hlqsvlsun.dll
.
.
((((((((((((((((((((((((( Files Created from 2012-08-06 to 2012-09-06 )))))))))))))))))))))))))))))))
.
.
2012-09-04 14:56 . 2012-09-04 14:56 388096 ----a-r- c:\documents and settings\kenneth.edwards\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2012-09-04 14:56 . 2012-09-04 14:56 -------- d-----w- C:\Trend Micro
2012-09-04 14:55 . 2012-09-04 14:55 1402880 ----a-w- C:\HiJackThis.msi
2012-08-31 15:06 . 2012-08-31 15:06 -------- d-----w- c:\windows\DEC1287FA11D41638FA156084BBC6AA0.TMP
2012-08-30 19:10 . 2012-08-30 19:10 27424 ----a-w- c:\windows\system32\drivers\hitmanpro36.sys
2012-08-30 19:10 . 2012-08-30 19:10 -------- d-----w- c:\documents and settings\All Users\Application Data\HitmanPro
2012-08-30 16:16 . 2012-08-30 16:16 -------- d-----w- c:\documents and settings\All Users\Application Data\036DFF864133951DAC161CED7B07D287
2012-08-16 18:38 . 2012-08-16 18:38 -------- d-----w- C:\HelpAsst_backup
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-07-11 13:16 . 2009-12-23 14:06 83392 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2012-07-11 13:16 . 2009-12-23 14:06 52128 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\LMIproc.dll
2012-07-11 13:16 . 2009-12-23 14:06 30624 ----a-w- c:\windows\system32\LMIport.dll
2012-07-11 13:16 . 2009-12-23 14:06 87456 ----a-w- c:\windows\system32\LMIinit.dll
2012-07-03 17:46 . 2010-03-05 20:25 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-06-13 12:14 . 2012-05-15 15:27 426184 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-06-13 12:14 . 2011-06-08 13:35 70344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-07-14 00:17 . 2012-08-22 20:18 136672 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\MSSOverlay]
@="{b75ab0c8-03d5-4592-9821-a48d54d66b14}"
[HKEY_CLASSES_ROOT\CLSID\{b75ab0c8-03d5-4592-9821-a48d54d66b14}]
2006-05-12 13:12 65536 ----a-w- c:\windows\system32\MssShellExt.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-08-11 63048]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-12-13 281768]
"Synchronization Manager"="c:\windows\system32\mobsync.exe" [2008-04-14 143360]
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DisablePersonalDirChange"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 19:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2012-07-11 13:16 87456 ----a-w- c:\windows\system32\LMIinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro36.sys]
@=""
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Acrobat Assistant.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Acrobat Assistant.lnk
backup=c:\windows\pss\Acrobat Assistant.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=c:\windows\pss\Google Updater.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Network Chat AutoStart.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Network Chat AutoStart.lnk
backup=c:\windows\pss\Network Chat AutoStart.lnkCommon Startup
.
[HKLM\~\startupfolder\C:^Documents and Settings^Kenneth Edwards^Start Menu^Programs^Startup^LimeWire On Startup.lnk]
path=c:\documents and settings\Kenneth Edwards\Start Menu\Programs\Startup\LimeWire On Startup.lnk
backup=c:\windows\pss\LimeWire On Startup.lnkStartup
.
[HKLM\~\startupfolder\C:^Documents and Settings^kenneth.edwards^Start Menu^Programs^Startup^_uninst_11401446.lnk]
path=c:\documents and settings\kenneth.edwards\Start Menu\Programs\Startup\_uninst_11401446.lnk
backup=c:\windows\pss\_uninst_11401446.lnkStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
2012-01-02 14:07 843712 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2012-03-27 12:41 37296 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater6]
2009-01-08 11:36 2521464 ----a-w- c:\program files\Common Files\Adobe\Updater6\Adobe_Updater.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitTorrent DNA]
2009-08-26 12:22 323392 -c--a-w- c:\program files\DNA\btdna.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BlackBerryAutoUpdate]
2009-07-03 20:21 623960 -c--a-w- c:\program files\Common Files\Research In Motion\Auto Update\RIMAutoUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boxoft Tools]
2010-12-15 21:21 514048 ----a-w- c:\documents and settings\All Users\Application Data\Boxtools\Boxofttoolbox.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BuildBU]
2004-02-19 13:23 61440 ----a-w- c:\dell\bldbubg.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ------w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2010-12-08 19:17 1226608 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAAnotif]
2007-07-27 01:03 178712 -c--a-w- c:\program files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
2008-10-24 13:14 206112 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2008-10-24 13:14 206112 -c--a-w- c:\progra~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2008-10-24 13:14 79136 -c--a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui]
2010-12-06 13:31 1910152 ----a-w- c:\program files\LogMeIn Hamachi\hamachi-2-ui.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
2008-10-29 00:45 510416 -c--a-w- c:\program files\Orb Networks\Orb\bin\OrbTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
2006-10-20 23:23 118784 -c----w- c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMBVolumeWatcher]
2010-11-27 04:55 648032 ----a-w- c:\program files\Sony\PMB\PMBVolumeWatcher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PWRISOVM.EXE]
2008-03-14 23:50 233472 -c--a-w- c:\program files\PowerISO\PWRISOVM.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2009-05-26 21:18 413696 ----a-w- c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
2006-08-17 15:00 1116920 -c--a-w- c:\program files\Roxio\Drag-to-Disc\DrgToDsc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxWatchTray]
2009-04-11 18:17 236016 -c--a-w- c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
2007-09-12 00:58 1015808 -c--a-w- c:\program files\Analog Devices\Core\smax4pnp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2012-01-18 18:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2010-02-18 21:40 2012912 ----a-w- c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-05-08 18:39 185896 ----a-w- c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\tvncontrol]
2010-07-08 13:28 815704 ----a-w- c:\program files\TightVNC\tvnserver.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"ose"=3 (0x3)
"odserv"=3 (0x3)
"Avg7UpdSvc"=2 (0x2)
"Avg7Alrt"=2 (0x2)
"stllssvr"=3 (0x3)
"NVSvc"=2 (0x2)
"C-DillaCdaC11BA"=2 (0x2)
"ASFIPmon"=2 (0x2)
"WMPNetworkSvc"=3 (0x3)
"tvnserver"=2 (0x2)
"RoxWatch9"=2 (0x2)
"RoxMediaDB9"=3 (0x3)
"RoxLiveShare9"=2 (0x2)
"Roxio Upnp Server 9"=2 (0x2)
"Roxio UPnP Renderer 9"=3 (0x3)
"npggsvc"=3 (0x3)
"idsvc"=2 (0x2)
"Hamachi2Svc"=2 (0x2)
"gusvc"=2 (0x2)
"gupdate"=2 (0x2)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\Orb.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbTray.exe"=
"c:\\Program Files\\Orb Networks\\Orb\\bin\\OrbStreamerClient.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\WINDOWS\\system32\\fxsclnt.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"c:\\Program Files\\Google\\Google Earth\\plugin\\geplugin.exe"=
"c:\\Program Files\\Google\\Google Earth\\client\\googleearth.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\TightVNC\\tvnserver.exe"=
"c:\\Program Files\\TightVNC\\vncviewer.exe"=
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1647:TCP"= 1647:TCP:MioNet Storage Device Configuration
"5432:UDP"= 5432:UDP:MioNet Storage Device Discovery
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2/17/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2/17/2010 11:15 AM 66632]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [1/11/2011 12:04 PM 136360]
R2 LMIGuardianSvc;LMIGuardianSvc;c:\program files\LogMeIn\x86\LMIGuardianSvc.exe [2/8/2011 9:38 AM 374184]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [8/11/2008 1:41 PM 12856]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\Sony\PMB\PMBDeviceInfoProvider.exe [11/27/2010 12:55 AM 398176]
S0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys --> c:\windows\system32\DRIVERS\Lbd.sys [?]
S3 CBUSB;MARX CryptoTech LP;c:\windows\system32\drivers\CBUSB.sys [1/7/2008 9:40 AM 45136]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [7/2/2010 8:55 AM 136176]
S3 hitmanpro36;HitmanPro 3.6 Support Driver;c:\windows\system32\drivers\hitmanpro36.sys [8/30/2012 3:10 PM 27424]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [8/22/2012 4:18 PM 113120]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2/17/2010 11:15 AM 12872]
S4 ASFIPmon;Broadcom ASF IP and SMBIOS Mailbox Monitor;c:\program files\Broadcom\ASFIPMon\AsfIpMon.exe [6/20/2007 4:30 PM 79168]
S4 DynDNS Updater;DynDNS Updater;c:\program files\DynDNS Updater\DynUpSvc.exe [1/20/2010 12:13 PM 99704]
S4 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [7/2/2010 8:55 AM 136176]
S4 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files\LogMeIn Hamachi\hamachi-2.exe [12/6/2010 9:31 AM 1238408]
S4 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]
S4 tvnserver;TightVNC Server;c:\program files\TightVNC\tvnserver.exe [7/8/2010 9:28 AM 815704]
.
Contents of the 'Scheduled Tasks' folder
.
2011-02-15 c:\windows\Tasks\Defraggler Volume C Task.job
- c:\program files\Defraggler\df.exe [2011-01-31 11:03]
.
2012-07-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore1cd60c63f797d1e.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-07-02 12:55]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Open Picture in &Microsoft PhotoDraw - c:\progra~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm
Trusted Zone: myspace.com\www
TCP: DhcpNameServer = 192.168.100.2 208.67.222.222 208.67.220.220
FF - ProfilePath - c:\documents and settings\kenneth.edwards\Application Data\Mozilla\Firefox\Profiles\evxvvdep.default\
.
.
------- File Associations -------
.
.scr=AutoCADScriptFile
.txt=Jobcost5.Document.1
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-Adobe - c:\documents and settings\kenneth.edwards\Local Settings\Application Data\Autodesk\Adobe\hlqsvlsun.dll
HKU-Default-Run-Adobe - c:\documents and settings\kenneth.edwards\Local Settings\Application Data\Autodesk\Adobe\hlqsvlsun.dll
AddRemove-HijackThis - c:\hijackthis\HijackThis.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-09-06 08:47
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1215647863-1857687135-2556028743-1149\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-1215647863-1857687135-2556028743-1149\Software\Policies\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (S-1-5-21-2220486851-610700523-1866786943-1005)
@Allowed: (Read) (S-1-5-21-2220486851-610700523-1866786943-1005)
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(812)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\system32\LMIinit.dll
c:\windows\system32\LMIRfsClientNP.dll
.
- - - - - - - > 'lsass.exe'(868)
c:\program files\Bonjour\mdnsNSP.dll
.
- - - - - - - > 'explorer.exe'(3372)
c:\windows\system32\WININET.dll
c:\windows\system32\AcSignIcon.dll
c:\windows\system32\MssShellExt.dll
c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\msi.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\UPnPUI.dll
c:\program files\Common Files\Roxio Shared\9.0\DLLShared\FakeAvRenderer.dll
c:\program files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\windows\system32\CDRTC.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Smith Micro\StuffIt 2010\ArcNameService.exe
.
**************************************************************************
.
Completion time: 2012-09-06 08:51:57 - machine was rebooted
ComboFix-quarantined-files.txt 2012-09-06 12:51
ComboFix2.txt 2012-08-30 15:22
.
Pre-Run: 125,597,716,480 bytes free
Post-Run: 125,826,383,872 bytes free
.
- - End Of File - - FF12A5383D3BCFF21C79ED58058E7944

#5 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:08:09 AM

Posted 06 September 2012 - 09:38 AM

Hi,



Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    :dir
    c:\documents and settings\All Users\Application Data\036DFF864133951DAC161CED7B07D287 /s
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


Regards,
Georgi



#6 KPE


Posted 06 September 2012 - 10:01 AM

SystemLook 30.07.11 by jpshortstuff
Log created at 11:01 on 06/09/2012 by kenneth.edwards
Administrator - Elevation successful

========== dir ==========

c:\documents and settings\All Users\Application Data\036DFF864133951DAC161CED7B07D287 - Parameters: "/s"

---Files---
036DFF864133951DAC161CED7B07D287 --a---- 1872 bytes [16:17 30/08/2012] [16:17 30/08/2012]
036DFF864133951DAC161CED7B07D287.ico --a---- 4286 bytes [16:16 30/08/2012] [16:16 30/08/2012]

No folders found.

-= EOF =-

#7 B-boy/StyLe/


Posted 06 September 2012 - 10:11 AM

Hi,


Please follow the instructions below:


  • Please download OTL from the link below:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • OTL should now start. Change the following settings:
    - Click on the Scan All Users checkbox given at the top.
    - Under File Scans, change File age to 90
    - Change Standard Registry to All
    - Check the boxes beside LOP Check and Purity Check
  • Copy and Paste the following code into the Posted Image textbox.
  • Don't copy the word "quoted"

    netsvcs
    msconfig
    safebootminimal
    safebootnetwork
    activex
    drivers32
    %SYSTEMDRIVE%\*.*
    %USERPROFILE%\*.*
    %USERPROFILE%\Application Data\*.*
    %USERPROFILE%\Application Data\*.
    %USERPROFILE%\Local Settings\*.*
    %USERPROFILE%\Local Settings\temp\*.exe
    %USERPROFILE%\Local Settings\Temporary Internet Files\*.exe
    %USERPROFILE%\Local Settings\Application Data\*.*
    %AllUsersProfile%\*.*
    %AllUsersProfile%\Application Data\*.*
    %AllUsersProfile%\Application Data\*.
    %AllUsersProfile%\Application Data\Local Settings\*.*
    %AllUsersProfile%\Application Data\Local Settings\Temp\*.exe
    %ALLUSERSPROFILE%\Documents\My Music\*.exe
    %ALLUSERSPROFILE%\Documents\My Pictures\*.exe
    %ALLUSERSPROFILE%\Documents\My Videos\*.exe
    %ALLUSERSPROFILE%\Documents\*.exe
    %USERPROFILE%\My Documents\*.*
    %CommonProgramFiles%\*.*
    %CommonProgramFiles%\ComObjects*.*
    %PROGRAMFILES%\*.*
    %PROGRAMFILES%\*.
    %systemroot%\system32\config\systemprofile\*.*
    %systemroot%\system32\config\systemprofile\Application Data\*.*
    %systemroot%\system32\config\systemprofile\\Local Settings\*.*
    %systemroot%\system32\config\systemprofile\\Local Settings\Application Data\*.*
    %systemroot%\system32\config\systemprofile\\Local Settings\Temp\*.exe
    %systemroot%\system32\config\systemprofile\\Local Settings\Temporary Internet Files\*.exe
    C:\Documents and Settings\LocalService\Application Data\*.*
    C:\Documents and Settings\LocalService\Local Settings\Application Data\*.*
    C:\Documents and Settings\LocalService\Local Settings\temp\*.exe
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\*.exe
    C:\Documents and Settings\LocalService\Local Settings\*.*
    C:\Documents and Settings\LocalService\*.*
    C:\Documents and Settings\NetworkService\Application Data\*.*
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\*.*
    C:\Documents and Settings\NetworkService\Local Settings\temp\*.exe
    C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*.exe
    C:\Documents and Settings\NetworkService\Local Settings\*.*
    C:\Documents and Settings\NetworkService\*.*
    %windir%\temp\*.exe
    %windir%\*.
    %windir%\installer\*.
    %windir%\system32\*.
    %Temp%\smtmp\1\*.*
    %Temp%\smtmp\2\*.*
    %Temp%\smtmp\3\*.*
    %Temp%\smtmp\4\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    %systemroot%\*. /rp /s
    %systemroot%\assembly\tmp\*.* /S /MD5
    %systemroot%\assembly\temp\*.* /S /MD5
    %systemroot%\assembly\GAC\*.ini
    %systemroot%\assembly\GAC_32\*.ini
    %SystemRoot%\assembly\GAC_MSIL\*.ini
    HKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s
    HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
    HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s
    HKEY_CLASSES_ROOT\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s
    HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /s
    HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /s
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s
    HKEY_CURRENT_USER\Software\MSOLoad /s
    >C:\commands.txt echo list vol /raw /hide /c
    /wait
    >C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
    /wait
    type c:\diskreport.txt /c
    /wait
    erase c:\commands.txt /hide /c
    /wait
    erase c:\diskreport.txt /hide /c
    /md5start
    eventlog.dll
    scecli.dll
    netlogon.dll
    cngaudit.dll
    sceclt.dll
    ntelogon.dll
    logevent.dll
    consrv.dll
    services.exe
    svchost.exe
    explorer.exe
    userinit.exe
    winlogon.exe
    smss.exe
    lsass.exe
    atapi.sys
    iaStor.sys
    serial.sys
    disk.sys
    volsnap.sys
    redbook.sys
    i8042prt.sys
    afd.sys
    netbt.sys
    tcpip.sys
    ipsec.sys
    hlp.dat
    str.sys
    crexv.ocx
    /md5stop

  • Push the Posted Image button.
  • One report will open, copy and paste it in a reply here:
    • OTL.txt <-- Will be opened


Regards,
Georgi



#8 KPE


Posted 06 September 2012 - 10:34 AM

Do you want me to copy OTL log to the external link above (www.pastebin.com) or in a reply? Thanks.

#9 B-boy/StyLe/


Posted 06 September 2012 - 10:38 AM

Hi,


Choose what is better for you.
It doesn't matter to me. :)



Regards,
Georgi



#10 KPE


Posted 06 September 2012 - 10:41 AM

See attached. It was too big to paste.

Attached Files

  • Attached File  OTL.Txt   338.69KB   5 downloads


#11 B-boy/StyLe/


Posted 06 September 2012 - 03:26 PM

Hi,



You have a lot of junk out there...leftovers from Security programs, tools that you used in your previous topic, dangerous applications like LimeWire, uTorrent etc.
Please post the Extras.txt to see your installed programs.
The good news is that I don't see any active infection at this point.



Also,



STEP 1


  • Please download the newest version of Malwarebytes' Anti-Malware and install it.
  • Please start the application by double-clicking on its icon.
  • Once the program has loaded go to the UPDATE tab and check for updates.
  • When the update is complete, select the Scanner tab
  • Select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad.
  • Please save it to a convenient location and post the results in your next reply.



STEP 2



Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


STEP 3



I'd like us to scan your machine with ESET OnlineScan


  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Run ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


STEP 4



Download the adwCleaner
  • Run the Tool
    Windows Vista and Windows 7 users:
    Right-click on adwCleaner.exe and select the option
    Posted Image
  • Select the Delete button.
  • When the scan completes, it will open a Notepad window.
  • Please, copy the content of this file in your next reply.


STEP 5



Please download Farbar Service Scanner and run it on the computer with the issue.
  • Make sure that all options are checked.
  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.


STEP 6



Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.



How are things now? Still getting redirects?


Regards,
Georgi



#12 KPE


Posted 07 September 2012 - 07:11 AM

OTL Extras logfile created on: 9/6/2012 11:24:30 AM - Run 1
OTL by OldTimer - Version 3.2.61.0 Folder = C:\Documents and Settings\kenneth.edwards\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 2.36 Gb Available Physical Memory | 78.69% Memory free
5.84 Gb Paging File | 5.19 Gb Available in Paging File | 88.87% Paging File free
Paging file location(s): C:\pagefile.sys 3072 6122 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 232.77 Gb Total Space | 117.20 Gb Free Space | 50.35% Space Free | Partition Type: NTFS
Drive E: | 244.63 Mb Total Space | 148.98 Mb Free Space | 60.90% Space Free | Partition Type: FAT
Drive U: | 1799.46 Gb Total Space | 1652.82 Gb Free Space | 91.85% Space Free | Partition Type: NTFS
Drive Y: | 928.30 Gb Total Space | 862.99 Gb Free Space | 92.96% Space Free | Partition Type: NTFS
Drive Z: | 1799.46 Gb Total Space | 1652.82 Gb Free Space | 91.85% Space Free | Partition Type: NTFS

Computer Name: WORKSTATION | User Name: kenneth.edwards | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 90 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l

[HKEY_USERS\S-1-5-21-1215647863-1857687135-2556028743-1149\SOFTWARE\Classes\<extension>]
.html [@ = htmlfile] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- C:\Program Files\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"UpdatesDisableNotify" = 0
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications]
"Enabled" = 1
"AllowUserPrefMerge" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance" = %windir%\system32\sessmgr.exe:*:Enabled:Remote Assistance -- (Microsoft Corporation)
"%windir%\PCHealth\HelpCtr\Binaries\Helpsvc.exe:*:Enabled::Offer Remote Assistance" = %windir%\PCHealth\HelpCtr\Binaries\Helpsvc.exe:*:Enabled:Offer Remote Assistance -- (Microsoft Corporation)
"%windir%\PCHealth\HelpCtr\Binaries\Helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice" = %windir%\PCHealth\HelpCtr\Binaries\Helpctr.exe:*:Enabled:Remote Assistance - Windows Messenger and Voice -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts]
"Enabled" = 1
"AllowUserPrefMerge" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\GloballyOpenPorts\List]
"135:TCP:*:Enabled:Offer Remote Assistance - Port" = 135:TCP:*:Enabled:Offer Remote Assistance - Port

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\RemoteAdminSettings]
"Enabled" = 1
"RemoteAddresses" = localsubnet

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\FileAndPrint]
"Enabled" = 1
"RemoteAddresses" = localsubnet

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile\Services\RemoteDesktop]
"Enabled" = 1
"RemoteAddresses" = localsubnet

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\AuthorizedApplications]
"AllowUserPrefMerge" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile\GloballyOpenPorts]
"AllowUserPrefMerge" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"1110:TCP" = 1110:TCP:*:Enabled:Akamai NetSession Interface
"5000:UDP" = 5000:UDP:*:Enabled:Akamai NetSession Interface

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002
"1647:TCP" = 1647:TCP:*:Enabled:MioNet Storage Device Configuration
"5432:UDP" = 5432:UDP:*:Enabled:MioNet Storage Device Discovery

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\WINDOWS\system32\usmt\migwiz.exe" = C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard -- (Microsoft Corporation)
"C:\Program Files\FrostWire\FrostWire.exe" = C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Microsoft Office\Office12\WINWORD.EXE" = C:\Program Files\Microsoft Office\Office12\WINWORD.EXE:*:Enabled:Microsoft Office Word -- (Microsoft Corporation)
"C:\Program Files\TeamViewer\Version6\TeamViewer.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\Unified Remote\RemoteServer.exe" = C:\Program Files\Unified Remote\RemoteServer.exe:*:Enabled:Unified Remote -- (Unified Remote)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\PhotoJoy\Bin\PjApp.exe" = C:\Program Files\PhotoJoy\Bin\PjApp.exe:*:Enabled:PhotoJoy
"C:\Program Files\PhotoJoy\Bin\PjImp.exe" = C:\Program Files\PhotoJoy\Bin\PjImp.exe:*:Enabled:PhotoJoy
"C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe" = C:\Program Files\PhotoJoy\Bin\PhotoJoy.exe:*:Enabled:PhotoJoy
"C:\Program Files\TeamViewer\Version7\TeamViewer.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Documents and Settings\kenneth.edwards\Local Settings\Application Data\Akamai\netsession_win.exe" = C:\Documents and Settings\kenneth.edwards\Local Settings\Application Data\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client
"C:\Program Files\Wyse\PocketCloud Windows Companion\WyseBrowser.exe" = C:\Program Files\Wyse\PocketCloud Windows Companion\WyseBrowser.exe:*:Enabled:WyseBrowser
"C:\Program Files\Wyse\PocketCloud Windows Companion\PocketCloudService.exe" = C:\Program Files\Wyse\PocketCloud Windows Companion\PocketCloudService.exe:*:Enabled:PocketCloudService
"C:\Program Files\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe" = C:\Program Files\Wyse\PocketCloud Windows Companion\PocketCloudInstallWizard.exe:*:Enabled:PocketCloudInstallWizard
"C:\Program Files\TightVNC\tvnserver.exe" = C:\Program Files\TightVNC\tvnserver.exe:*:Enabled:TightVNC Server for Windows -- (GlavSoft LLC.)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE" = C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook -- (Microsoft Corporation)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\uTorrent\uTorrent.exe" = C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent -- (BitTorrent, Inc.)
"C:\Program Files\SmartFTP Client\SmartFTP.exe" = C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 3.0 -- (SmartSoft Ltd.)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Computer, Inc.)
"C:\Program Files\Orb Networks\Orb\bin\Orb.exe" = C:\Program Files\Orb Networks\Orb\bin\Orb.exe:*:Enabled:Orb -- (Orb Networks, Inc.)
"C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe" = C:\Program Files\Orb Networks\Orb\bin\OrbTray.exe:*:Enabled:OrbTray -- (Orb Networks)
"C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe" = C:\Program Files\Orb Networks\Orb\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client -- (Orb Networks)
"C:\Program Files\VideoLAN\VLC\vlc.exe" = C:\Program Files\VideoLAN\VLC\vlc.exe:*:Enabled:VLC media player -- ()
"C:\WINDOWS\system32\fxsclnt.exe" = C:\WINDOWS\system32\fxsclnt.exe:*:Enabled:Microsoft Fax Console -- (Microsoft Corporation)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Program Files\Java\jre6\bin\java.exe" = C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java™ Platform SE binary -- (Sun Microsystems, Inc.)
"C:\Program Files\Google\Google Earth\plugin\geplugin.exe" = C:\Program Files\Google\Google Earth\plugin\geplugin.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Google\Google Earth\client\googleearth.exe" = C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth -- (Google)
"C:\Program Files\Real\RealPlayer\realplay.exe" = C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer -- (RealNetworks, Inc.)
"C:\Program Files\TightVNC\tvnserver.exe" = C:\Program Files\TightVNC\tvnserver.exe:*:Enabled:TightVNC Server -- (GlavSoft LLC.)
"C:\Program Files\TightVNC\vncviewer.exe" = C:\Program Files\TightVNC\vncviewer.exe:*:Enabled:TightVNC Viewer -- (TightVNC Group)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00203668-8170-44A0-BE44-B632FA4D780F}" = Adobe AIR
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15CCBC5D-66A7-4131-8D36-E05F27B0E68F}" = Sibelius Scorch (ActiveX Only)
"{177D1318-3E4B-4A7C-A300-AC4E21BE090B}" = Broadcom Management Programs
"{17ED6C9B-117B-44F3-8FAE-F9DADB4D5AC6}" = BlackBerry Device Software v5.0.0 for the BlackBerry 9630 smartphone
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F7D5EE9-4DAE-4A54-B952-B44664063900}" = FileOpen Plug-in for Adobe Acrobat® and Acrobat Reader®
"{26A24AE4-039D-4CA4-87B4-2F83216032FF}" = Java™ 6 Update 32
"{26A7FC57-FC21-4CA9-85BD-4324B3294D8B}" = StuffIt 2010
"{281ECE39-F043-492B-8337-F2E546B5604A}" = PowerDVD
"{2C652E5B-7181-4533-952B-2A4AAE6A0A1F}" = Printer/Scanner Driver for MFX-2030/1430 F-560/520
"{2EFFFC71-1E66-454E-A6E6-CEEC800B96D2}" = Adobe Flash Video Encoder
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3248F0A8-6813-11D6-A77B-00B0D0160070}" = Java™ 6 Update 7
"{34F93E31-E1A0-421C-8E86-BCF7C4193A91}" = LogMeIn
"{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3C5EA394-1033-11D2-A2CB-00C04F72F31D}" = Microsoft PhotoDraw 2000 V2
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{424FA776-B5F8-4BC6-A638-9C4335FCC377}" = SprinkCAD Pro II for AutoCAD® 2004 - 2006
"{4286E640-B5FB-11DF-AC4B-005056C00008}" = Google Earth
"{44B51B4C-EB55-4DBC-8372-733514A4688B}" = SprinkSTUDIO
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{492F8345-095D-467F-926C-278870D93ECF}" = Windows Small Business Server 2008 ClientAgent
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D612FB2-1AE7-4E46-9377-35BB2F06A787}" = Roxio Media Manager
"{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}" = Photo Story 3 for Windows
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{5692A68D-1097-49A5-8F12-724E8AB68E13}" = Network Printer Driver for MFX-2030/1430 F-560/520
"{5783F2D7-0201-0409-0002-0060B0CE6BBA}" = AutoCAD 2004
"{5783F2D7-8001-0409-0002-0060B0CE6BBA}" = AutoCAD 2010 - English
"{5783F2D7-8001-0409-1002-0060B0CE6BBA}" = AutoCAD 2010 Language Pack - English
"{5783F2D7-B028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2013
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{60519E54-8BC3-430F-AB4D-825F385E3F8B}" = SprinkBASE Pro
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{62230596-37E5-4618-A329-0D21F529A86F}" = Browser Address Error Redirector
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{689E0AB3-50B2-4E5A-9DCE-6DA9F5BE1314}" = BlackBerry® Media Sync
"{6B52140A-F189-4945-BFFC-DB3F00B8C589}" = Adobe Flash CS3
"{6F23C1A3-9F62-470C-BD12-B83F04E67865}" = SmartFTP Client
"{6F99A160-EF05-4523-94EA-91853B9734FF}" = HP Designjet 500 - 800 series
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{721C664C-ADC2-4D86-8B82-2E2ECA7CA27C}" = sprinkCALC III
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7B18235F-31C3-495B-B1D4-78529FBFD006}" = HASS
"{81081AE0-83DA-4AFC-9EEF-CAF2E79ABAB5}" = Unified Remote
"{838257FC-952A-467B-86BF-21DB6B137A3F}" = Windows Small Business Server 2008 WMI Provider
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}" = Roxio Creator BDAV Plugin
"{88AF3640-C519-4751-B523-5F3093D29B44}" = SprinkCAD V3.5 (32 bit) for AutoCAD 2010
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8B562F87-8385-4B95-A8C2-13C008872D6C}" = Microsoft SQL Server Management Objects Collection
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{90120000-0010-0409-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (English) 12
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_STANDARDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_STANDARDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_STANDARDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_STANDARDR_{4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARDR_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_STANDARDR_{430971B1-C31E-45DA-81E0-72C095BAB72C}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_STANDARDR_{F7A31780-33C4-4E39-951A-5EC9B91D7BF1}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_STANDARDR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_STANDARDR_{FAD8A83E-9BAC-4179-9268-A35948034D85}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90170409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office FrontPage 2003
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{903291F8-F193-4CBF-9C17-DB69F05C1D2F}" = HASS
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{91120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{92FD71D5-ED7E-40B2-8DF3-4B5E6F684367}" = Dell ETS Factory Installation
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{99341ACA-2A86-4235-A636-02A2A9820987}" = WD Discovery Software
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A066194B-DC8F-449A-8E0F-B57BDD3A2072}" = SyncToy 2.1 (x86)
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-1033-F400-7760-000000000001}" = Adobe Acrobat 6.0 Professional - English, Français, Deutsch
"{AC76BA86-7AD7-1033-7B44-A95000000001}" = Adobe Reader 9.5.1
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{AC76BA86-7AD7-5760-0000-900000000003}" = Japanese Fonts Support For Adobe Reader 9
"{AEB9948B-4FF2-47C9-990E-47014492A0FE}" = MSXML 6.0 Parser
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{BD68F46D-8A82-4664-8E68-F87C55BDEFD4}" = Microsoft SQL Server Native Client
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C78EAC6F-7A73-452E-8134-DBB2165C5A68}" = QuickTime
"{C7BCA819-E6CE-4E64-993A-B7BA0B9ED4D9}" = Borland Database Engine
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware Free Edition
"{CE26F10F-C80F-4377-908B-1B7882AE2CE3}" = Crystal Reports Basic Runtime for Visual Studio 2008
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE4A3D0F-D1B0-47D1-BF99-3E957C548D12}" = LogMeIn Hamachi
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1399216-81B2-457C-A0F7-73B9A2EF6902}" = PDFill PDF Editor with FREE Writer and FREE Tools
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D3A80508-CD83-4CA3-8671-914A1BC78B61}" = Microsoft Sync Framework 2.0 Provider Services (x86) ENU
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DEC1287F-A11D-4163-8FA1-56084BBC6AA0}" = AutoSPRINK® VR8 8.1.11
"{E205482B-9F9E-4791-8C3A-76EC07269390}" = SprinkCODE Plus
"{E56D5DC8-4C73-44B1-B650-AAD75C7A2701}" = Broadcom ASF Management Applications
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}" = Visual C++ 2008 x86 Runtime - (v9.0.30729)
"{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01" = Visual C++ 2008 x86 Runtime - v9.0.30729.01
"{F8722041-B63A-47FB-82A8-5F0977E1CF45}" = TWC Customer Controls
"{F8C04C5B-8876-424D-B428-23626373D2A0}" = BlackBerry Desktop Software 5.0
"{FF63121D-91C6-42CC-B341-F1AA729728E7}" = Microsoft Sync Framework 2.0 Core Components (x86) ENU
"{FFC1ADE3-944B-4231-894E-3903C37271D2}" = Adobe Setup
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"Adobe_c3c7fe8b09d497ab2b3fd91c9353390" = Adobe Flash CS3 Professional
"Advanced IP Scanner v1.5" = Advanced IP Scanner v1.5
"AFPL Ghostscript 8.53" = AFPL Ghostscript 8.53
"AFPL Ghostscript Fonts" = AFPL Ghostscript Fonts
"Aide PDF to DXF Converter_is1" = Aide PDF to DXF Converter 9.6
"A-PDF Restrictions Remover_is1" = A-PDF Restrictions Remover 1.5
"AutoCAD 2010 - English" = AutoCAD 2010 - English
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"Belarc Advisor" = Belarc Advisor 7.2
"BlackBerry_{F8C04C5B-8876-424D-B428-23626373D2A0}" = BlackBerry Desktop Software 5.0
"CCleaner" = CCleaner
"CdaC13Ba" = SafeCast Shared Components
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Defraggler" = Defraggler
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"DivX Setup.divx.com" = DivX Setup
"DVD Shrink_is1" = DVD Shrink 3.2
"DWG TrueView 2013" = DWG TrueView 2013
"DynDNSUpdater" = DynDNS Updater
"Easy DVD Creator_is1" = Easy DVD Creator 2.2.0
"ESET Online Scanner" = ESET Online Scanner v3
"Ferguson Pricing" = Ferguson Pricing
"GPL Ghostscript 9.04" = GPL Ghostscript
"HPGL2CAD 4.0" = HPGL2CAD 4.0
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"Img2CAD_is1" = Img2CAD 7.0
"ImgBurn" = ImgBurn
"InstallShield_{44B51B4C-EB55-4DBC-8372-733514A4688B}" = SprinkSTUDIO
"InstallShield_{60519E54-8BC3-430F-AB4D-825F385E3F8B}" = SprinkBASE Pro
"InstallShield_{721C664C-ADC2-4D86-8B82-2E2ECA7CA27C}" = sprinkCALC III
"InstallShield_{E205482B-9F9E-4791-8C3A-76EC07269390}" = SprinkCODE Plus
"IrfanView" = IrfanView (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.62.0.1300
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Mozilla Firefox 14.0.1 (x86 en-US)" = Mozilla Firefox 14.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"NVIDIA Drivers" = NVIDIA Drivers
"Orb" = Orb
"PowerISO" = PowerISO
"RealPlayer 6.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.92
"SmartFTP Client 3.0 Setup Files" = SmartFTP Client 3.0 Setup Files (remove only)
"ST6UNST #1" = Sigma Plumbing Calculator - Trial Version
"STANDARDR" = Microsoft Office Standard 2007
"TeamViewer 6" = TeamViewer 6
"TeamViewer 7" = TeamViewer 7
"TightVNC" = TightVNC 2.0.2
"TreeSize Personal_is1" = TreeSize Personal V5.4.4
"Tweak UI 2.10" = Tweak UI
"VLC media player" = VLC media player 0.9.6
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinRAR archiver" = WinRAR archiver
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"Yahoo! SiteBuilder" = Yahoo! SiteBuilder

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1215647863-1857687135-2556028743-1149\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"f031ef6ac137efc5" = Dell Driver Download Manager
"Facebook Plug-In" = Facebook Plug-In
"Google Chrome" = Google Chrome
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 5/30/2012 1:17:20 PM | Computer Name = WORKSTATION | Source = Userenv | ID = 1053
Description = Windows cannot determine the user or computer name. (The RPC server
is unavailable. ). Group Policy processing aborted.

Error - 5/30/2012 2:15:58 PM | Computer Name = WORKSTATION | Source = Offline Files | ID = 5
Description = A portion of the Offline Files cache has become corrupted. Restart
the computer to clean up the cach

Error - 6/4/2012 8:37:56 AM | Computer Name = WORKSTATION | Source = Slacker Portable Service | ID = 0
Description =

Error - 6/5/2012 8:33:17 AM | Computer Name = WORKSTATION | Source = Slacker Portable Service | ID = 0
Description =

Error - 6/6/2012 11:20:49 AM | Computer Name = WORKSTATION | Source = Slacker Portable Service | ID = 0
Description =

Error - 6/7/2012 8:19:55 AM | Computer Name = WORKSTATION | Source = Slacker Portable Service | ID = 0
Description =

Error - 6/7/2012 8:20:01 AM | Computer Name = WORKSTATION | Source = Slacker Portable Service | ID = 0
Description =

Error - 6/8/2012 11:23:33 AM | Computer Name = WORKSTATION | Source = AutoEnrollment | ID = 15
Description = Automatic certificate enrollment for local system failed to contact
the active directory (0x8007054b). The specified domain either does not exist
or could not be contacted. Enrollment will not be performed.

Error - 6/12/2012 8:05:24 AM | Computer Name = WORKSTATION | Source = Slacker Portable Service | ID = 0
Description =

Error - 6/18/2012 8:23:48 AM | Computer Name = WORKSTATION | Source = Slacker Portable Service | ID = 0
Description =

[ OSession Events ]
Error - 4/14/2008 3:57:09 PM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 4362
seconds with 1500 seconds of active time. This session ended with a crash.

Error - 4/15/2008 3:34:18 PM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 426
seconds with 60 seconds of active time. This session ended with a crash.

Error - 4/15/2008 4:22:00 PM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 178
seconds with 0 seconds of active time. This session ended with a crash.

Error - 7/28/2008 12:09:47 PM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6308.5000, Microsoft Office Version: 12.0.4518.1014. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

Error - 12/30/2008 12:04:59 PM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 10612
seconds with 720 seconds of active time. This session ended with a crash.

Error - 2/3/2009 11:26:57 AM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 8436
seconds with 840 seconds of active time. This session ended with a crash.

Error - 2/25/2009 4:37:11 PM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6316.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 168748
seconds with 5940 seconds of active time. This session ended with a crash.

Error - 11/2/2010 9:18:20 AM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 97
seconds with 0 seconds of active time. This session ended with a crash.

Error - 2/3/2011 2:08:21 PM | Computer Name = WORKSTATION | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6215.1000. This session lasted 2
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 8/31/2012 8:32:16 AM | Computer Name = WORKSTATION | Source = Kerberos | ID = 7
Description = The kerberos subsystem encountered a PAC verification failure. This
indicates that the PAC from the client SBSMonAcct in realm FIRETECH.LOCAL had a
PAC which failed to verify or was modified. Contact your system administrator.

Error - 8/31/2012 10:52:04 AM | Computer Name = WORKSTATION | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd

Error - 8/31/2012 11:50:43 AM | Computer Name = WORKSTATION | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd

Error - 9/5/2012 9:37:17 AM | Computer Name = WORKSTATION | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain FIRETECH due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 9/5/2012 9:37:17 AM | Computer Name = WORKSTATION | Source = Kerberos | ID = 7
Description = The kerberos subsystem encountered a PAC verification failure. This
indicates that the PAC from the client DCSRV$ in realm FIRETECH.LOCAL had a PAC
which failed to verify or was modified. Contact your system administrator.

Error - 9/6/2012 8:40:38 AM | Computer Name = WORKSTATION | Source = NETLOGON | ID = 5719
Description = No Domain Controller is available for domain FIRETECH due to the following:
%%1311. Make sure that the computer is connected to the network and try again. If
the problem persists, please contact your domain administrator.

Error - 9/6/2012 8:40:51 AM | Computer Name = WORKSTATION | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 9/6/2012 8:40:53 AM | Computer Name = WORKSTATION | Source = W32Time | ID = 39452701
Description = The time provider NtpClient is configured to acquire time from one
or more time sources, however none of the sources are currently accessible. No attempt
to contact a source will be made for 15 minutes. NtpClient has no source of accurate
time.

Error - 9/6/2012 8:41:03 AM | Computer Name = WORKSTATION | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
Lbd

Error - 9/6/2012 8:41:05 AM | Computer Name = WORKSTATION | Source = Kerberos | ID = 7
Description = The kerberos subsystem encountered a PAC verification failure. This
indicates that the PAC from the client WORKSTATION$ in realm FIRETECH.LOCAL had
a PAC which failed to verify or was modified. Contact your system administrator.


< End of report >

#13 KPE

Posted 07 September 2012 - 07:24 AM

Malwarebytes...
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.09.07.08

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
kenneth.edwards :: WORKSTATION [administrator]

9/7/2012 8:13:20 AM
mbam-log-2012-09-07 (08-13-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 365125
Time elapsed: 6 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#14 KPE

Posted 07 September 2012 - 07:35 AM

TDSS Log...
08:30:22.0812 0852 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
08:30:23.0093 0852 ============================================================
08:30:23.0093 0852 Current date / time: 2012/09/07 08:30:23.0093
08:30:23.0093 0852 SystemInfo:
08:30:23.0093 0852
08:30:23.0093 0852 OS Version: 5.1.2600 ServicePack: 3.0
08:30:23.0093 0852 Product type: Workstation
08:30:23.0093 0852 ComputerName: WORKSTATION
08:30:23.0093 0852 UserName: kenneth.edwards
08:30:23.0093 0852 Windows directory: C:\WINDOWS
08:30:23.0093 0852 System windows directory: C:\WINDOWS
08:30:23.0093 0852 Processor architecture: Intel x86
08:30:23.0093 0852 Number of processors: 2
08:30:23.0093 0852 Page size: 0x1000
08:30:23.0093 0852 Boot type: Normal boot
08:30:23.0093 0852 ============================================================
08:30:24.0015 0852 BG loaded
08:30:25.0671 0852 Drive \Device\Harddisk0\DR0 - Size: 0x3A35294400 (232.83 Gb), SectorSize: 0x200, Cylinders: 0x76BA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
08:30:25.0687 0852 Drive \Device\Harddisk1\DR3 - Size: 0xF4FFE00 (0.24 Gb), SectorSize: 0x200, Cylinders: 0x1F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:30:25.0687 0852 ============================================================
08:30:25.0687 0852 \Device\Harddisk0\DR0:
08:30:25.0703 0852 MBR partitions:
08:30:25.0703 0852 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B747, BlocksNum 0x1D189832
08:30:25.0703 0852 \Device\Harddisk1\DR3:
08:30:25.0703 0852 MBR partitions:
08:30:25.0703 0852 \Device\Harddisk1\DR3\Partition1: MBR, Type 0x6, StartLBA 0x63, BlocksNum 0x7A59D
08:30:25.0703 0852 ============================================================
08:30:25.0859 0852 C: <-> \Device\Harddisk0\DR0\Partition1
08:30:26.0109 0852 ============================================================
08:30:26.0109 0852 Initialize success
08:30:26.0109 0852 ============================================================
08:31:48.0906 2164 ============================================================
08:31:48.0906 2164 Scan started
08:31:48.0906 2164 Mode: Manual; SigCheck; TDLFS;
08:31:48.0906 2164 ============================================================
08:31:49.0109 2164 ================ Scan system memory ========================
08:31:49.0109 2164 System memory - ok
08:31:49.0109 2164 ================ Scan services =============================
08:31:49.0312 2164 Abiosdsk - ok
08:31:49.0359 2164 [ 6ABB91494FE6C59089B9336452AB2EA3 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
08:31:50.0125 2164 abp480n5 - ok
08:31:50.0156 2164 [ 8FD99680A539792A30E97944FDAECF17 ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
08:31:50.0234 2164 ACPI - ok
08:31:50.0250 2164 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
08:31:50.0359 2164 ACPIEC - ok
08:31:50.0375 2164 [ DE25FC7DE3A464E455C0D0012757B0AC ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
08:31:50.0453 2164 ADIHdAudAddService - ok
08:31:50.0468 2164 [ 9A11864873DA202C996558B2106B0BBC ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
08:31:50.0578 2164 adpu160m - ok
08:31:50.0609 2164 [ 8BED39E3C35D6A489438B8141717A557 ] aec C:\WINDOWS\system32\drivers\aec.sys
08:31:50.0671 2164 aec - ok
08:31:50.0718 2164 [ 7E775010EF291DA96AD17CA4B17137D7 ] AFD C:\WINDOWS\System32\drivers\afd.sys
08:31:50.0781 2164 AFD - ok
08:31:50.0812 2164 [ 08FD04AA961BDC77FB983F328334E3D7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
08:31:50.0890 2164 agp440 - ok
08:31:50.0921 2164 [ 03A7E0922ACFE1B07D5DB2EEB0773063 ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
08:31:50.0984 2164 agpCPQ - ok
08:31:51.0015 2164 [ C23EA9B5F46C7F7910DB3EAB648FF013 ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
08:31:51.0062 2164 Aha154x - ok
08:31:51.0093 2164 [ 19DD0FB48B0C18892F70E2E7D61A1529 ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
08:31:51.0171 2164 aic78u2 - ok
08:31:51.0203 2164 [ B7FE594A7468AA0132DEB03FB8E34326 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
08:31:51.0265 2164 aic78xx - ok
08:31:51.0296 2164 [ A9A3DAA780CA6C9671A19D52456705B4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
08:31:51.0375 2164 Alerter - ok
08:31:51.0406 2164 [ 8C515081584A38AA007909CD02020B3D ] ALG C:\WINDOWS\System32\alg.exe
08:31:51.0437 2164 ALG - ok
08:31:51.0484 2164 [ 1140AB9938809700B46BB88E46D72A96 ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
08:31:51.0546 2164 AliIde - ok
08:31:51.0578 2164 [ CB08AED0DE2DD889A8A820CD8082D83C ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
08:31:51.0656 2164 alim1541 - ok
08:31:51.0671 2164 [ 95B4FB835E28AA1336CEEB07FD5B9398 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
08:31:51.0734 2164 amdagp - ok
08:31:51.0750 2164 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
08:31:51.0812 2164 amsint - ok
08:31:51.0906 2164 [ B4837FE56D76B2E9EA90E5365CF6A2BE ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
08:31:51.0921 2164 AntiVirSchedulerService - ok
08:31:51.0953 2164 [ DF5A3016052755C910A206058B4A1729 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
08:31:51.0953 2164 AntiVirService - ok
08:31:51.0984 2164 [ D8849F77C0B66226335A59D26CB4EDC6 ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
08:31:52.0046 2164 AppMgmt - ok
08:31:52.0062 2164 [ 62D318E9A0C8FC9B780008E724283707 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
08:31:52.0140 2164 asc - ok
08:31:52.0156 2164 [ 69EB0CC7714B32896CCBFD5EDCBEA447 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
08:31:52.0203 2164 asc3350p - ok
08:31:52.0234 2164 [ 5D8DE112AA0254B907861E9E9C31D597 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
08:31:52.0312 2164 asc3550 - ok
08:31:52.0328 2164 [ 6295DD28D0ECBC4E6E450C279FEF5ED9 ] ASFIPmon C:\Program Files\Broadcom\ASFIPMon\AsfIpMon.exe
08:31:52.0343 2164 ASFIPmon - ok
08:31:52.0625 2164 [ 776ACEFA0CA9DF0FAA51A5FB2F435705 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
08:31:52.0671 2164 aspnet_state - ok
08:31:52.0703 2164 [ B153AFFAC761E7F5FCFA822B9C4E97BC ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
08:31:52.0781 2164 AsyncMac - ok
08:31:52.0796 2164 [ 9F3A2F5AA6875C72BF062C712CFA2674 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
08:31:52.0859 2164 atapi - ok
08:31:52.0875 2164 Atdisk - ok
08:31:52.0890 2164 [ 9916C1225104BA14794209CFA8012159 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
08:31:52.0968 2164 Atmarpc - ok
08:31:53.0000 2164 [ DEF7A7882BEC100FE0B2CE2549188F9D ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
08:31:53.0078 2164 AudioSrv - ok
08:31:53.0109 2164 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
08:31:53.0171 2164 audstub - ok
08:31:53.0203 2164 [ 0B497C79824F8E1BF22FA6AACD3DE3A0 ] avgio C:\Program Files\Avira\AntiVir Desktop\avgio.sys
08:31:53.0203 2164 avgio - ok
08:31:53.0234 2164 [ 1E4114685DE1FFA9675E09C6A1FB3F4B ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys
08:31:53.0281 2164 avgntflt - ok
08:31:53.0312 2164 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys
08:31:53.0312 2164 avipbb - ok
08:31:53.0359 2164 [ D0692F7B8217E3B82D2BFAC535816117 ] b57w2k C:\WINDOWS\system32\DRIVERS\b57xp32.sys
08:31:53.0375 2164 b57w2k - ok
08:31:53.0421 2164 [ 5D7BE7B19E827125E016325334E58FF1 ] BANTExt C:\WINDOWS\System32\Drivers\BANTExt.sys
08:31:53.0437 2164 BANTExt ( UnsignedFile.Multi.Generic ) - warning
08:31:53.0437 2164 BANTExt - detected UnsignedFile.Multi.Generic (1)
08:31:53.0453 2164 [ 5C68AC6F3E5B3E6D6A78E97D05E42C3A ] BASFND C:\Program Files\Broadcom\ASFIPMon\BASFND.sys
08:31:53.0468 2164 BASFND ( UnsignedFile.Multi.Generic ) - warning
08:31:53.0468 2164 BASFND - detected UnsignedFile.Multi.Generic (1)
08:31:53.0500 2164 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
08:31:53.0578 2164 Beep - ok
08:31:53.0625 2164 [ 574738F61FCA2935F5265DC4E5691314 ] BITS C:\WINDOWS\system32\qmgr.dll
08:31:53.0812 2164 BITS - ok
08:31:53.0843 2164 [ 73686FE0B2E0469F89FD2075BE724704 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
08:31:53.0875 2164 Bonjour Service ( UnsignedFile.Multi.Generic ) - warning
08:31:53.0875 2164 Bonjour Service - detected UnsignedFile.Multi.Generic (1)
08:31:53.0906 2164 [ A06CE3399D16DB864F55FAEB1F1927A9 ] Browser C:\WINDOWS\System32\browser.dll
08:31:53.0968 2164 Browser - ok
08:31:54.0000 2164 [ 9BDBDA21D3BA8E374FD06A405BE10215 ] C-DillaCdaC11BA C:\WINDOWS\system32\drivers\CDAC11BA.EXE
08:31:54.0031 2164 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - warning
08:31:54.0031 2164 C-DillaCdaC11BA - detected UnsignedFile.Multi.Generic (1)
08:31:54.0031 2164 catchme - ok
08:31:54.0046 2164 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
08:31:54.0125 2164 cbidf - ok
08:31:54.0125 2164 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
08:31:54.0187 2164 cbidf2k - ok
08:31:54.0218 2164 [ E6DE3F6A87EAAFC3F5C3CC2618D8E5E6 ] CBUSB C:\WINDOWS\system32\drivers\CBUSB.sys
08:31:54.0250 2164 CBUSB - ok
08:31:54.0281 2164 [ F3EC03299634490E97BBCE94CD2954C7 ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
08:31:54.0312 2164 cd20xrnt - ok
08:32:16.0921 2164 Wanarp - ok
08:32:16.0921 2164 WDICA - ok
08:32:16.0953 2164 [ 6768ACF64B18196494413695F0C3A00F ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
08:32:17.0015 2164 wdmaud - ok
08:32:17.0046 2164 [ 77A354E28153AD2D5E120A5A8687BC06 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:32:17.0109 2164 WebClient - ok
08:32:17.0171 2164 [ 2D0E4ED081963804CCC196A0929275B5 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:32:17.0250 2164 winmgmt - ok
08:32:17.0281 2164 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
08:32:17.0343 2164 WmdmPmSN - ok
08:32:17.0375 2164 [ E76F8807070ED04E7408A86D6D3A6137 ] Wmi C:\WINDOWS\System32\advapi32.dll
08:32:17.0406 2164 Wmi - ok
08:32:17.0437 2164 [ E0673F1106E62A68D2257E376079F821 ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:32:17.0515 2164 WmiApSrv - ok
08:32:17.0578 2164 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
08:32:17.0640 2164 WMPNetworkSvc - ok
08:32:17.0671 2164 [ CF4DEF1BF66F06964DC0D91844239104 ] WpdUsb C:\WINDOWS\system32\DRIVERS\wpdusb.sys
08:32:17.0703 2164 WpdUsb - ok
08:32:17.0796 2164 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
08:32:17.0828 2164 WPFFontCache_v0400 - ok
08:32:17.0859 2164 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
08:32:17.0953 2164 WS2IFSL - ok
08:32:17.0984 2164 [ 7C278E6408D1DCE642230C0585A854D5 ] wscsvc C:\WINDOWS\system32\wscsvc.dll
08:32:18.0062 2164 wscsvc - ok
08:32:18.0093 2164 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] wuauserv C:\WINDOWS\system32\wuauserv.dll
08:32:18.0203 2164 wuauserv - ok
08:32:18.0218 2164 [ F15FEAFFFBB3644CCC80C5DA584E6311 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
08:32:18.0265 2164 WudfPf - ok
08:32:18.0281 2164 [ 28B524262BCE6DE1F7EF9F510BA3985B ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
08:32:18.0312 2164 WudfRd - ok
08:32:18.0328 2164 [ 05231C04253C5BC30B26CBAAE680ED89 ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
08:32:18.0328 2164 WudfSvc - ok
08:32:18.0390 2164 [ 81DC3F549F44B1C1FFF022DEC9ECF30B ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
08:32:18.0468 2164 WZCSVC - ok
08:32:18.0484 2164 [ 295D21F14C335B53CB8154E5B1F892B9 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
08:32:18.0593 2164 xmlprov - ok
08:32:18.0593 2164 ================ Scan global ===============================
08:32:18.0625 2164 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
08:32:18.0640 2164 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
08:32:18.0656 2164 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
08:32:18.0671 2164 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
08:32:18.0671 2164 [Global] - ok
08:32:18.0671 2164 ================ Scan MBR ==================================
08:32:18.0671 2164 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
08:32:18.0890 2164 \Device\Harddisk0\DR0 - ok
08:32:18.0890 2164 [ E5FA06ACA0D60BA9C870D0EF3D9898C9 ] \Device\Harddisk1\DR3
08:32:18.0984 2164 \Device\Harddisk1\DR3 - ok
08:32:18.0984 2164 ================ Scan VBR ==================================
08:32:19.0000 2164 [ 7BC6218694F15C764205D4A2138F859C ] \Device\Harddisk0\DR0\Partition1
08:32:19.0000 2164 \Device\Harddisk0\DR0\Partition1 - ok
08:32:19.0000 2164 [ B8ACC5F45F61C5A8B1F7A8F50116F915 ] \Device\Harddisk1\DR3\Partition1
08:32:19.0000 2164 \Device\Harddisk1\DR3\Partition1 - ok
08:32:19.0000 2164 ================ Scan active images ========================
08:32:19.0000 2164 [ 8C953733D8F36EB2133F5BB58808B66B ] C:\WINDOWS\system32\drivers\intelppm.sys
08:32:19.0000 2164 C:\WINDOWS\system32\drivers\intelppm.sys - ok
08:32:19.0015 2164 [ 5A6469D861970151E687FB76E10BBB3A ] C:\WINDOWS\system32\drivers\nv4_mini.sys
08:32:19.0015 2164 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
08:32:19.0015 2164 [ E28726B72C46821A28830E077D39A55B ] C:\WINDOWS\system32\drivers\videoprt.sys
08:32:19.0015 2164 C:\WINDOWS\system32\drivers\videoprt.sys - ok
08:32:19.0031 2164 [ 791912E524CC2CC6F50B5F2B52D1EB71 ] C:\WINDOWS\system32\drivers\usbport.sys
08:32:19.0031 2164 C:\WINDOWS\system32\drivers\usbport.sys - ok
08:32:19.0031 2164 [ 26496F9DEE2D787FC3E61AD54821FFE6 ] C:\WINDOWS\system32\drivers\usbuhci.sys
08:32:19.0031 2164 C:\WINDOWS\system32\drivers\usbuhci.sys - ok
08:32:19.0031 2164 [ 65DCF09D0E37D4C6B11B5B0B76D470A7 ] C:\WINDOWS\system32\drivers\usbehci.sys
08:32:19.0031 2164 C:\WINDOWS\system32\drivers\usbehci.sys - ok
08:32:19.0046 2164 [ 573C7D0A32852B48F3058CFD8026F511 ] C:\WINDOWS\system32\drivers\hdaudbus.sys
08:32:19.0046 2164 C:\WINDOWS\system32\drivers\hdaudbus.sys - ok
08:32:19.0046 2164 [ D0692F7B8217E3B82D2BFAC535816117 ] C:\WINDOWS\system32\drivers\b57xp32.sys
08:32:19.0046 2164 C:\WINDOWS\system32\drivers\b57xp32.sys - ok
08:32:19.0062 2164 [ 5575FAF8F97CE5E713D108C2A58D7C7C ] C:\WINDOWS\system32\drivers\parport.sys
08:32:19.0062 2164 C:\WINDOWS\system32\drivers\parport.sys - ok
08:32:19.0062 2164 [ CCA207A8896D4C6A0C9CE29A4AE411A7 ] C:\WINDOWS\system32\drivers\serial.sys
08:32:19.0062 2164 C:\WINDOWS\system32\drivers\serial.sys - ok
08:32:19.0062 2164 [ 083A052659F5310DD8B6A6CB05EDCF8E ] C:\WINDOWS\system32\drivers\imapi.sys
08:32:19.0062 2164 C:\WINDOWS\system32\drivers\imapi.sys - ok
08:32:19.0078 2164 [ 0F29512CCD6BEAD730039FB4BD2C85CE ] C:\WINDOWS\system32\drivers\serenum.sys
08:32:19.0078 2164 C:\WINDOWS\system32\drivers\serenum.sys - ok
08:32:19.0078 2164 [ 76167B5EB2DFFC729EDC36386876B40B ] C:\WINDOWS\system32\drivers\DLACDBHM.SYS
08:32:19.0078 2164 C:\WINDOWS\system32\drivers\DLACDBHM.SYS - ok
08:32:19.0093 2164 [ 1F4260CC5B42272D71F79E570A27A4FE ] C:\WINDOWS\system32\drivers\cdrom.sys
08:32:19.0093 2164 C:\WINDOWS\system32\drivers\cdrom.sys - ok
08:32:19.0093 2164 [ 0753515F78DF7F271A5E61C20BCD36A1 ] C:\WINDOWS\system32\drivers\ks.sys
08:32:19.0093 2164 C:\WINDOWS\system32\drivers\ks.sys - ok
08:32:19.0109 2164 [ F828DD7E1419B6653894A8F97A0094C5 ] C:\WINDOWS\system32\drivers\redbook.sys
08:32:19.0109 2164 C:\WINDOWS\system32\drivers\redbook.sys - ok
08:32:19.0109 2164 [ 4477689E2D8AE6B78BA34C9AF4CC1ED1 ] C:\WINDOWS\system32\drivers\lmimirr.sys
08:32:19.0109 2164 C:\WINDOWS\system32\drivers\lmimirr.sys - ok
08:32:19.0109 2164 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
08:32:19.0109 2164 C:\WINDOWS\system32\drivers\audstub.sys - ok
08:32:19.0125 2164 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1 ] C:\WINDOWS\system32\drivers\modem.sys
08:32:19.0125 2164 C:\WINDOWS\system32\drivers\modem.sys - ok
08:32:19.0125 2164 [ D8B0B4ADE32574B2D9C5CC34DC0DBBE7 ] C:\WINDOWS\system32\drivers\rootmdm.sys
08:32:19.0125 2164 C:\WINDOWS\system32\drivers\rootmdm.sys - ok
08:32:19.0140 2164 [ 1AB3D00C991AB086E69DB84B6C0ED78F ] C:\WINDOWS\system32\drivers\ndistapi.sys
08:32:19.0140 2164 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
08:32:19.0140 2164 [ EDC1531A49C80614B2CFDA43CA8659AB ] C:\WINDOWS\system32\drivers\ndiswan.sys
08:32:19.0140 2164 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
08:32:19.0140 2164 [ 11B4A627BC9614B885C4969BFA5FF8A6 ] C:\WINDOWS\system32\drivers\rasl2tp.sys
08:32:19.0140 2164 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
08:32:19.0140 2164 [ 5BC962F2654137C9909C3D4603587DEE ] C:\WINDOWS\system32\drivers\raspppoe.sys
08:32:19.0140 2164 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
08:32:19.0156 2164 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99 ] C:\WINDOWS\system32\drivers\raspptp.sys
08:32:19.0156 2164 C:\WINDOWS\system32\drivers\raspptp.sys - ok
08:32:19.0156 2164 [ 0539D5E53587F82D1B4FD74C5BE205CF ] C:\WINDOWS\system32\drivers\tdi.sys
08:32:19.0156 2164 C:\WINDOWS\system32\drivers\tdi.sys - ok
08:32:19.0156 2164 [ 0A02C63C8B144BD8C86B103DEE7C86A2 ] C:\WINDOWS\system32\drivers\msgpc.sys
08:32:19.0156 2164 C:\WINDOWS\system32\drivers\msgpc.sys - ok
08:32:19.0171 2164 [ 09298EC810B07E5D582CB3A3F9255424 ] C:\WINDOWS\system32\drivers\psched.sys
08:32:19.0171 2164 C:\WINDOWS\system32\drivers\psched.sys - ok
08:32:19.0171 2164 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
08:32:19.0171 2164 C:\WINDOWS\system32\drivers\ptilink.sys - ok
08:32:19.0187 2164 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
08:32:19.0187 2164 C:\WINDOWS\system32\drivers\raspti.sys - ok
08:32:19.0187 2164 [ 833051C6C6C42117191935F734CFBD97 ] C:\WINDOWS\system32\drivers\hamachi.sys
08:32:19.0187 2164 C:\WINDOWS\system32\drivers\hamachi.sys - ok
08:32:19.0203 2164 [ 2C4FB2E9F039287767C384E46EE91030 ] C:\WINDOWS\system32\drivers\RimSerial.sys
08:32:19.0203 2164 C:\WINDOWS\system32\drivers\RimSerial.sys - ok
08:32:19.0203 2164 [ 15CABD0F7C00C47C70124907916AF3F1 ] C:\WINDOWS\system32\drivers\rdpdr.sys
08:32:19.0203 2164 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
08:32:19.0218 2164 [ 88155247177638048422893737429D9E ] C:\WINDOWS\system32\drivers\termdd.sys
08:32:19.0218 2164 C:\WINDOWS\system32\drivers\termdd.sys - ok
08:32:19.0218 2164 [ 463C1EC80CD17420A542B7F36A36F128 ] C:\WINDOWS\system32\drivers\kbdclass.sys
08:32:19.0218 2164 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
08:32:19.0234 2164 [ 35C9E97194C8CFB8430125F8DBC34D04 ] C:\WINDOWS\system32\drivers\mouclass.sys
08:32:19.0234 2164 C:\WINDOWS\system32\drivers\mouclass.sys - ok
08:32:19.0234 2164 [ 3941D127AEF12E93ADDF6FE6EE027E0F ] C:\WINDOWS\system32\drivers\swenum.sys
08:32:19.0234 2164 C:\WINDOWS\system32\drivers\swenum.sys - ok
08:32:19.0234 2164 [ 402DDC88356B1BAC0EE3DD1580C76A31 ] C:\WINDOWS\system32\drivers\update.sys
08:32:19.0234 2164 C:\WINDOWS\system32\drivers\update.sys - ok
08:32:19.0250 2164 [ AF5F4F3F14A8EA2C26DE30F7A1E17136 ] C:\WINDOWS\system32\drivers\mssmbios.sys
08:32:19.0250 2164 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
08:32:19.0250 2164 [ 6215023940CFD3702B46ABC304E1D45A ] C:\WINDOWS\system32\drivers\ndproxy.sys
08:32:19.0250 2164 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
08:32:19.0265 2164 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
08:32:19.0265 2164 C:\WINDOWS\system32\drivers\usbd.sys - ok
08:32:19.0265 2164 [ 1AB3CDDE553B6E064D2E754EFE20285C ] C:\WINDOWS\system32\drivers\usbhub.sys
08:32:19.0265 2164 C:\WINDOWS\system32\drivers\usbhub.sys - ok
08:32:19.0281 2164 [ DE25FC7DE3A464E455C0D0012757B0AC ] C:\WINDOWS\system32\drivers\ADIHdAud.sys
08:32:19.0281 2164 C:\WINDOWS\system32\drivers\ADIHdAud.sys - ok
08:32:19.0281 2164 [ 6CB08593487F5701D2D2254E693EAFCE ] C:\WINDOWS\system32\drivers\drmk.sys
08:32:19.0281 2164 C:\WINDOWS\system32\drivers\drmk.sys - ok
08:32:19.0296 2164 [ E82A496C3961EFC6828B508C310CE98F ] C:\WINDOWS\system32\drivers\portcls.sys
08:32:19.0296 2164 C:\WINDOWS\system32\drivers\portcls.sys - ok
08:32:19.0296 2164 [ B6A6B409FDA9D9EBD3AADB838D3D7173 ] C:\WINDOWS\system32\drivers\senfilt.sys
08:32:19.0296 2164 C:\WINDOWS\system32\drivers\senfilt.sys - ok
08:32:19.0296 2164 [ 9368670BD426EBEA5E8B18A62416EC28 ] C:\WINDOWS\system32\drivers\i2omgmt.sys
08:32:19.0296 2164 C:\WINDOWS\system32\drivers\i2omgmt.sys - ok
08:32:19.0312 2164 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
08:32:19.0312 2164 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
08:32:19.0312 2164 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
08:32:19.0312 2164 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
08:32:19.0328 2164 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
08:32:19.0328 2164 C:\WINDOWS\system32\drivers\null.sys - ok
08:32:19.0328 2164 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
08:32:19.0328 2164 C:\WINDOWS\system32\drivers\beep.sys - ok
08:32:19.0343 2164 [ 91886FED52A3F9966207BCE46CFD794F ] C:\WINDOWS\system32\drivers\DLARTL_M.SYS
08:32:19.0343 2164 C:\WINDOWS\system32\drivers\DLARTL_M.SYS - ok
08:32:19.0343 2164 [ 4A0B06AA8943C1E332520F7440C0AA30 ] C:\WINDOWS\system32\drivers\i8042prt.sys
08:32:19.0343 2164 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
08:32:19.0359 2164 [ 96ECCF28FDBF1B2CC12725818A63628D ] C:\WINDOWS\system32\drivers\hidparse.sys
08:32:19.0359 2164 C:\WINDOWS\system32\drivers\hidparse.sys - ok
08:32:19.0359 2164 [ 9EF487A186DEA361AA06913A75B3FA99 ] C:\WINDOWS\system32\drivers\kbdhid.sys
08:32:19.0359 2164 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
08:32:19.0359 2164 [ 0D3A8FAFCEACD8B7625CD549757A7DF1 ] C:\WINDOWS\system32\drivers\vga.sys
08:32:19.0359 2164 C:\WINDOWS\system32\drivers\vga.sys - ok
08:32:19.0375 2164 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
08:32:19.0375 2164 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
08:32:19.0375 2164 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
08:32:19.0375 2164 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
08:32:19.0390 2164 [ C941EA2454BA8350021D774DAF0F1027 ] C:\WINDOWS\system32\drivers\msfs.sys
08:32:19.0390 2164 C:\WINDOWS\system32\drivers\msfs.sys - ok
08:32:19.0390 2164 [ 3182D64AE053D6FB034F44B6DEF8034A ] C:\WINDOWS\system32\drivers\npfs.sys
08:32:19.0390 2164 C:\WINDOWS\system32\drivers\npfs.sys - ok
08:32:19.0390 2164 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
08:32:19.0390 2164 C:\WINDOWS\system32\drivers\rasacd.sys - ok
08:32:19.0390 2164 [ 23C74D75E36E7158768DD63D92789A91 ] C:\WINDOWS\system32\drivers\ipsec.sys
08:32:19.0390 2164 C:\WINDOWS\system32\drivers\ipsec.sys - ok
08:32:19.0421 2164 [ 9AEFA14BD6B182D61E3119FA5F436D3D ] C:\WINDOWS\system32\drivers\tcpip.sys
08:32:19.0421 2164 C:\WINDOWS\system32\drivers\tcpip.sys - ok
08:32:19.0421 2164 [ CC748EA12C6EFFDE940EE98098BF96BB ] C:\WINDOWS\system32\drivers\ipnat.sys
08:32:19.0421 2164 C:\WINDOWS\system32\drivers\ipnat.sys - ok
08:32:19.0437 2164 [ 74B2B2F5BEA5E9A3DC021D685551BD3D ] C:\WINDOWS\system32\drivers\netbt.sys
08:32:19.0437 2164 C:\WINDOWS\system32\drivers\netbt.sys - ok
08:32:19.0437 2164 [ 6ABE6E225ADB5A751622A9CC3BC19CE8 ] C:\WINDOWS\system32\drivers\ws2ifsl.sys
08:32:19.0437 2164 C:\WINDOWS\system32\drivers\ws2ifsl.sys - ok
08:32:19.0437 2164 [ 7E775010EF291DA96AD17CA4B17137D7 ] C:\WINDOWS\system32\drivers\afd.sys
08:32:19.0437 2164 C:\WINDOWS\system32\drivers\afd.sys - ok
08:32:19.0437 2164 [ 5D81CF9A2F1A3A756B66CF684911CDF0 ] C:\WINDOWS\system32\drivers\netbios.sys
08:32:19.0437 2164 C:\WINDOWS\system32\drivers\netbios.sys - ok
08:32:19.0437 2164 [ A36EE93698802CD899F98BFD553D8185 ] C:\WINDOWS\system32\drivers\ssmdrv.sys
08:32:19.0437 2164 C:\WINDOWS\system32\drivers\ssmdrv.sys - ok
08:32:19.0437 2164 [ E9BBD87AFD80DC1212ECD762858B45C7 ] C:\WINDOWS\system32\drivers\scdemu.sys
08:32:19.0437 2164 C:\WINDOWS\system32\drivers\scdemu.sys - ok
08:32:19.0437 2164 [ 67D2688756DD304AF655349BAAD82BFF ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
08:32:19.0437 2164 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
08:32:19.0437 2164 [ A3281AEC37E0720A2BC28034C2DF2A56 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
08:32:19.0437 2164 C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
08:32:19.0437 2164 [ 1AF592532532A402ED7C060F6954004F ] C:\WINDOWS\system32\drivers\hidclass.sys
08:32:19.0437 2164 C:\WINDOWS\system32\drivers\hidclass.sys - ok
08:32:19.0453 2164 [ CCF82C5EC8A7326C3066DE870C06DAF1 ] C:\WINDOWS\system32\drivers\hidusb.sys
08:32:19.0453 2164 C:\WINDOWS\system32\drivers\hidusb.sys - ok
08:32:19.0453 2164 [ 7AD224AD1A1437FE28D89CF22B17780A ] C:\WINDOWS\system32\drivers\rdbss.sys
08:32:19.0453 2164 C:\WINDOWS\system32\drivers\rdbss.sys - ok
08:32:19.0453 2164 [ 60AE98742484E7AB80C3C1450E708148 ] C:\WINDOWS\system32\drivers\mrxsmb.sys
08:32:19.0453 2164 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
08:32:19.0453 2164 [ D45926117EB9FA946A6AF572FBE1CAA3 ] C:\WINDOWS\system32\drivers\fips.sys
08:32:19.0453 2164 C:\WINDOWS\system32\drivers\fips.sys - ok
08:32:19.0453 2164 [ B1C303E17FB9D46E87A98E4BA6769685 ] C:\WINDOWS\system32\drivers\mouhid.sys
08:32:19.0453 2164 C:\WINDOWS\system32\drivers\mouhid.sys - ok
08:32:19.0453 2164 [ 5D7BE7B19E827125E016325334E58FF1 ] C:\WINDOWS\system32\drivers\BANTExt.sys
08:32:19.0453 2164 C:\WINDOWS\system32\drivers\BANTExt.sys - ok
08:32:19.0453 2164 [ 0F78D3DAE6DEDD99AE54C9491C62ADF2 ] C:\WINDOWS\system32\drivers\avipbb.sys
08:32:19.0453 2164 C:\WINDOWS\system32\drivers\avipbb.sys - ok
08:32:19.0453 2164 [ 0B497C79824F8E1BF22FA6AACD3DE3A0 ] C:\Program Files\Avira\AntiVir Desktop\avgio.sys
08:32:19.0453 2164 C:\Program Files\Avira\AntiVir Desktop\avgio.sys - ok
08:32:19.0453 2164 [ 911DDF2E16761643A47225F654D811E5 ] C:\WINDOWS\system32\ntdll.dll
08:32:19.0453 2164 C:\WINDOWS\system32\ntdll.dll - ok
08:32:19.0468 2164 [ 5F816C1F539266D2D4C78694239DA0B5 ] C:\WINDOWS\system32\smss.exe
08:32:19.0468 2164 C:\WINDOWS\system32\smss.exe - ok
08:32:19.0468 2164 [ 23043C91A0F9DFB4B9E9F87B680863B4 ] C:\WINDOWS\system32\autochk.exe
08:32:19.0468 2164 C:\WINDOWS\system32\autochk.exe - ok
08:32:19.0468 2164 [ 9DD07AF82244867CA36681EA2D29CE79 ] C:\WINDOWS\system32\sfcfiles.dll
08:32:19.0468 2164 C:\WINDOWS\system32\sfcfiles.dll - ok
08:32:19.0468 2164 [ E20B95BAEDB550F32DD489265C1DA1F6 ] C:\WINDOWS\system32\drivers\wanarp.sys
08:32:19.0468 2164 C:\WINDOWS\system32\drivers\wanarp.sys - ok
08:32:19.0468 2164 [ C885B02847F5D2FD45A24E219ED93B32 ] C:\WINDOWS\system32\drivers\cdfs.sys
08:32:19.0468 2164 C:\WINDOWS\system32\drivers\cdfs.sys - ok
08:32:19.0468 2164 [ A32426D9B14A089EAA1D922E0C5801A9 ] C:\WINDOWS\system32\drivers\usbstor.sys
08:32:19.0468 2164 C:\WINDOWS\system32\drivers\usbstor.sys - ok
08:32:19.0468 2164 [ BDC361489A7F22E568060FA6FB3C960E ] C:\WINDOWS\system32\drivers\iaStor.sys
08:32:19.0468 2164 C:\WINDOWS\system32\drivers\iaStor.sys - ok
08:32:19.0468 2164 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
08:32:19.0468 2164 C:\WINDOWS\system32\drivers\dxapi.sys - ok
08:32:19.0484 2164 [ 9A10AACBFDC4922715375FB4065EC930 ] C:\WINDOWS\system32\watchdog.sys
08:32:19.0484 2164 C:\WINDOWS\system32\watchdog.sys - ok
08:32:19.0484 2164 [ B707EA8E261F47B51CAC6FB7AF7770F6 ] C:\WINDOWS\system32\win32k.sys
08:32:19.0484 2164 C:\WINDOWS\system32\win32k.sys - ok
08:32:19.0484 2164 [ 44F275C64738EA2056E3D9580C23B60F ] C:\WINDOWS\system32\csrss.exe
08:32:19.0484 2164 C:\WINDOWS\system32\csrss.exe - ok
08:32:19.0484 2164 [ 05B100F8DD7073BFD7B3E46D0E36AD0C ] C:\WINDOWS\system32\csrsrv.dll
08:32:19.0484 2164 C:\WINDOWS\system32\csrsrv.dll - ok
08:32:19.0484 2164 [ 42F1F4C0AFB08410E5F02D4B13EBB623 ] C:\WINDOWS\system32\basesrv.dll
08:32:19.0484 2164 C:\WINDOWS\system32\basesrv.dll - ok
08:32:19.0484 2164 [ 8B1F3320AEBB536E021A5014409862DE ] C:\WINDOWS\system32\gdi32.dll
08:32:19.0484 2164 C:\WINDOWS\system32\gdi32.dll - ok
08:32:19.0484 2164 [ 1618F36D4F7F6CCCEB3EE44BA95BE85C ] C:\WINDOWS\system32\winsrv.dll
08:32:19.0484 2164 C:\WINDOWS\system32\winsrv.dll - ok
08:32:19.0484 2164 [ B921FB870C9AC0D509B2CCABBBBE95F3 ] C:\WINDOWS\system32\kernel32.dll
08:32:19.0484 2164 C:\WINDOWS\system32\kernel32.dll - ok
08:32:19.0484 2164 [ B26B135FF1B9F60C9388B4A7D16F600B ] C:\WINDOWS\system32\user32.dll
08:32:19.0484 2164 C:\WINDOWS\system32\user32.dll - ok
08:32:19.0500 2164 [ AC7280566A7BB85CB3291F04DDC1198E ] C:\WINDOWS\system32\drivers\dxg.sys
08:32:19.0500 2164 C:\WINDOWS\system32\drivers\dxg.sys - ok
08:32:19.0500 2164 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
08:32:19.0500 2164 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
08:32:19.0500 2164 [ 8488B38CD3A96BAF7B8E46832833B383 ] C:\WINDOWS\system32\nv4_disp.dll
08:32:19.0500 2164 C:\WINDOWS\system32\nv4_disp.dll - ok
08:32:19.0500 2164 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
08:32:19.0500 2164 C:\WINDOWS\system32\vga.dll - ok
08:32:19.0500 2164 [ ED0EF0A136DEC83DF69F04118870003E ] C:\WINDOWS\system32\winlogon.exe
08:32:19.0500 2164 C:\WINDOWS\system32\winlogon.exe - ok
08:32:19.0500 2164 [ E76F8807070ED04E7408A86D6D3A6137 ] C:\WINDOWS\system32\advapi32.dll
08:32:19.0500 2164 C:\WINDOWS\system32\advapi32.dll - ok
08:32:19.0500 2164 [ 2193C150DE9C29649B1503093F0C6569 ] C:\WINDOWS\system32\rpcrt4.dll
08:32:19.0500 2164 C:\WINDOWS\system32\rpcrt4.dll - ok
08:32:19.0500 2164 [ 5357826C8A8DD6A07F17C48BB45BE46E ] C:\WINDOWS\system32\secur32.dll
08:32:19.0500 2164 C:\WINDOWS\system32\secur32.dll - ok
08:32:19.0500 2164 [ 714705F29A917993536A6AB2DEDB0B7F ] C:\WINDOWS\system32\authz.dll
08:32:19.0500 2164 C:\WINDOWS\system32\authz.dll - ok
08:32:19.0515 2164 [ 355EDBB4D412B01F1740C17E3F50FA00 ] C:\WINDOWS\system32\msvcrt.dll
08:32:19.0515 2164 C:\WINDOWS\system32\msvcrt.dll - ok
08:32:19.0515 2164 [ BDAAF79DD63F194434D31A74B9BB8B77 ] C:\WINDOWS\system32\crypt32.dll
08:32:19.0515 2164 C:\WINDOWS\system32\crypt32.dll - ok
08:32:19.0515 2164 [ A11F1EA5346165347BF54C1F959C3FBC ] C:\WINDOWS\system32\msasn1.dll
08:32:19.0515 2164 C:\WINDOWS\system32\msasn1.dll - ok
08:32:19.0515 2164 [ 013C1148C1EC025596896E093F60F608 ] C:\WINDOWS\system32\nddeapi.dll
08:32:19.0515 2164 C:\WINDOWS\system32\nddeapi.dll - ok
08:32:19.0515 2164 [ FCFA1C55971CC229D353B3A15ACCD995 ] C:\WINDOWS\system32\profmap.dll
08:32:19.0515 2164 C:\WINDOWS\system32\profmap.dll - ok
08:32:19.0515 2164 [ 318230E845919255EF3C5D5E1E863631 ] C:\WINDOWS\system32\netapi32.dll
08:32:19.0515 2164 C:\WINDOWS\system32\netapi32.dll - ok
08:32:19.0515 2164 [ 43D13C80EBEC0135A3611E0F616F179B ] C:\WINDOWS\system32\userenv.dll
08:32:19.0515 2164 C:\WINDOWS\system32\userenv.dll - ok
08:32:19.0515 2164 [ 9CFCB3CA3D83B4EAA133F0644A2C6F31 ] C:\WINDOWS\system32\psapi.dll
08:32:19.0515 2164 C:\WINDOWS\system32\psapi.dll - ok
08:32:19.0531 2164 [ AF11C591F2F4AFF4A6CF699D376F618B ] C:\WINDOWS\system32\regapi.dll
08:32:19.0531 2164 C:\WINDOWS\system32\regapi.dll - ok
08:32:19.0531 2164 [ 24192246760E0E64435522E246B1D6C2 ] C:\WINDOWS\system32\setupapi.dll
08:32:19.0531 2164 C:\WINDOWS\system32\setupapi.dll - ok
08:32:19.0531 2164 [ C7CE131408739B0B3A318BE2D0032719 ] C:\WINDOWS\system32\version.dll
08:32:19.0531 2164 C:\WINDOWS\system32\version.dll - ok
08:32:19.0531 2164 [ 430CEB794F6E6EF8AC86958C242366D6 ] C:\WINDOWS\system32\winsta.dll
08:32:19.0531 2164 C:\WINDOWS\system32\winsta.dll - ok
08:32:19.0531 2164 [ CA648BD638245EB83F971FF71B031BEC ] C:\WINDOWS\system32\imagehlp.dll
08:32:19.0531 2164 C:\WINDOWS\system32\imagehlp.dll - ok
08:32:19.0531 2164 [ B25D14DCBBB6623C1A63CD07A97DF32B ] C:\WINDOWS\system32\wintrust.dll
08:32:19.0531 2164 C:\WINDOWS\system32\wintrust.dll - ok
08:32:19.0531 2164 [ 9789E95E1D88EEB4B922BF3EA7779C28 ] C:\WINDOWS\system32\ws2help.dll
08:32:19.0531 2164 C:\WINDOWS\system32\ws2help.dll - ok
08:32:19.0531 2164 [ 2CCC474EB85CEAA3E1FA1726580A3E5A ] C:\WINDOWS\system32\ws2_32.dll
08:32:19.0531 2164 C:\WINDOWS\system32\ws2_32.dll - ok
08:32:19.0531 2164 [ 0DA85218E92526972A821587E6A8BF8F ] C:\WINDOWS\system32\imm32.dll
08:32:19.0531 2164 C:\WINDOWS\system32\imm32.dll - ok
08:32:19.0546 2164 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
08:32:19.0546 2164 C:\WINDOWS\system32\kbdus.dll - ok
08:32:19.0546 2164 [ D7B7A57C0E57C836F18CF12A4C62A1CA ] C:\WINDOWS\system32\msgina.dll
08:32:19.0546 2164 C:\WINDOWS\system32\msgina.dll - ok
08:32:19.0546 2164 [ 06F247492BC786CE5C24A23E178C711A ] C:\WINDOWS\system32\comctl32.dll
08:32:19.0546 2164 C:\WINDOWS\system32\comctl32.dll - ok
08:32:19.0546 2164 [ 86987A5000DFA3EBE2275C0456BCF2FE ] C:\WINDOWS\system32\comdlg32.dll
08:32:19.0546 2164 C:\WINDOWS\system32\comdlg32.dll - ok
08:32:19.0546 2164 [ 52A5A388661FF3A889593185367B7226 ] C:\WINDOWS\system32\odbc32.dll
08:32:19.0546 2164 C:\WINDOWS\system32\odbc32.dll - ok
08:32:19.0546 2164 [ 08B99916C98E15F6C28D24D73E53B45A ] C:\WINDOWS\system32\shell32.dll
08:32:19.0546 2164 C:\WINDOWS\system32\shell32.dll - ok
08:32:19.0546 2164 [ 72EDAE61E761C14714BFD0CB4BA3C0DB ] C:\WINDOWS\system32\shlwapi.dll
08:32:19.0546 2164 C:\WINDOWS\system32\shlwapi.dll - ok
08:32:19.0546 2164 [ 694503348B586E99D56C0E30AB5B3EF8 ] C:\WINDOWS\system32\sxs.dll
08:32:19.0546 2164 C:\WINDOWS\system32\sxs.dll - ok
08:32:19.0546 2164 [ BD38D1EBE24A46BD3EDA059560AFBA12 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll
08:32:19.0546 2164 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.5512_x-ww_35d4ce83\comctl32.dll - ok
08:32:19.0562 2164 [ 6B7C6B32F8E84D56C6260D684019FEA2 ] C:\WINDOWS\system32\odbcint.dll
08:32:19.0562 2164 C:\WINDOWS\system32\odbcint.dll - ok
08:32:19.0562 2164 [ 1926899BF9FFE2602B63074971700412 ] C:\WINDOWS\system32\shsvcs.dll
08:32:19.0562 2164 C:\WINDOWS\system32\shsvcs.dll - ok
08:32:19.0562 2164 [ 96E1C926F22EE1BFBAE82901A35F6BF3 ] C:\WINDOWS\system32\sfc.dll
08:32:19.0562 2164 C:\WINDOWS\system32\sfc.dll - ok
08:32:19.0562 2164 [ 6B5DB6789177A4FD0DEBC248041D0739 ] C:\WINDOWS\system32\sfc_os.dll
08:32:19.0562 2164 C:\WINDOWS\system32\sfc_os.dll - ok
08:32:19.0562 2164 [ ECCE74BC6168375016450A86A164D976 ] C:\WINDOWS\system32\ole32.dll
08:32:19.0562 2164 C:\WINDOWS\system32\ole32.dll - ok
08:32:19.0562 2164 [ CF492D7E9AF1C628B3536D20EF6F5CC7 ] C:\WINDOWS\system32\apphelp.dll
08:32:19.0562 2164 C:\WINDOWS\system32\apphelp.dll - ok
08:32:19.0562 2164 [ 65DF52F5B8B6E9BBD183505225C37315 ] C:\WINDOWS\system32\services.exe
08:32:19.0562 2164 C:\WINDOWS\system32\services.exe - ok
08:32:19.0562 2164 [ EC29A79F1E76DC509E24D401F29D0678 ] C:\WINDOWS\system32\ncobjapi.dll
08:32:19.0562 2164 C:\WINDOWS\system32\ncobjapi.dll - ok
08:32:19.0562 2164 [ BF2466B3E18E970D8A976FB95FC1CA85 ] C:\WINDOWS\system32\lsass.exe
08:32:19.0562 2164 C:\WINDOWS\system32\lsass.exe - ok
08:32:19.0578 2164 [ F404830F3CD9BF8F2515E489C0CDA297 ] C:\WINDOWS\system32\msvcp60.dll
08:32:19.0578 2164 C:\WINDOWS\system32\msvcp60.dll - ok
08:32:19.0578 2164 [ 6A77C91890CFE08135301574BB29559F ] C:\WINDOWS\system32\lsasrv.dll
08:32:19.0578 2164 C:\WINDOWS\system32\lsasrv.dll - ok
08:32:19.0578 2164 [ B24A42A413E694AD73FDFB7FBD492C31 ] C:\WINDOWS\system32\scesrv.dll
08:32:19.0578 2164 C:\WINDOWS\system32\scesrv.dll - ok
08:32:19.0578 2164 [ DD7BD97FB8BD800963789158A5E4B41D ] C:\WINDOWS\system32\mpr.dll
08:32:19.0578 2164 C:\WINDOWS\system32\mpr.dll - ok
08:32:19.0578 2164 [ 2EDFC2A8893435723AD80481803C6D5C ] C:\WINDOWS\system32\umpnpmgr.dll
08:32:19.0578 2164 C:\WINDOWS\system32\umpnpmgr.dll - ok
08:32:19.0578 2164 [ EC4C0D9BFD9F7E33F8B395AD54E13063 ] C:\WINDOWS\system32\ntdsapi.dll
08:32:19.0578 2164 C:\WINDOWS\system32\ntdsapi.dll - ok
08:32:19.0578 2164 [ 5D3FDE8FB2801A2041D1B965372C4928 ] C:\WINDOWS\system32\dnsapi.dll
08:32:19.0578 2164 C:\WINDOWS\system32\dnsapi.dll - ok
08:32:19.0578 2164 [ 1F03103598BD817B1078DAB1326DDE11 ] C:\WINDOWS\system32\shimeng.dll
08:32:19.0578 2164 C:\WINDOWS\system32\shimeng.dll - ok
08:32:19.0593 2164 [ 0492CF5870F0E616B0C71695A433D162 ] C:\WINDOWS\system32\wldap32.dll
08:32:19.0593 2164 C:\WINDOWS\system32\wldap32.dll - ok
08:32:19.0593 2164 [ EA9EE60B408878E5F2012F9C783836DB ] C:\WINDOWS\AppPatch\acadproc.dll
08:32:19.0593 2164 C:\WINDOWS\AppPatch\acadproc.dll - ok
08:32:19.0593 2164 [ 8329A39D5A402A75A74301D6A62ECDA1 ] C:\WINDOWS\system32\samlib.dll
08:32:19.0593 2164 C:\WINDOWS\system32\samlib.dll - ok
08:32:19.0593 2164 [ F05B8CDB7FE0E55DCCFB1D946CE80064 ] C:\WINDOWS\system32\samsrv.dll
08:32:19.0593 2164 C:\WINDOWS\system32\samsrv.dll - ok
08:32:19.0593 2164 [ 17A1D675C12BBF80CAAC54A4855C41D0 ] C:\WINDOWS\system32\cryptdll.dll
08:32:19.0593 2164 C:\WINDOWS\system32\cryptdll.dll - ok
08:32:19.0593 2164 [ 310C15FD8358B2C4CD7A5B98A112883F ] C:\WINDOWS\AppPatch\acgenral.dll
08:32:19.0593 2164 C:\WINDOWS\AppPatch\acgenral.dll - ok
08:32:19.0593 2164 [ F1300D0B4C40754A01DF16F350F0EF60 ] C:\WINDOWS\system32\winmm.dll
08:32:19.0593 2164 C:\WINDOWS\system32\winmm.dll - ok
08:32:19.0593 2164 [ 387006CF9983000BAB76DD250D424045 ] C:\WINDOWS\system32\oleaut32.dll
08:32:19.0593 2164 C:\WINDOWS\system32\oleaut32.dll - ok
08:32:20.0015 2164 C:\WINDOWS\system32\msimg32.dll - ok
08:32:20.0015 2164 [ 0BA7BDC885645C332061513D3C8058A9 ] C:\WINDOWS\system32\mmllnm20.dll
08:32:20.0015 2164 C:\WINDOWS\system32\mmllnm20.dll - ok
08:32:20.0015 2164 [ B4117B5134E2AD0726E68D8CA0593099 ] C:\WINDOWS\system32\mmlhm20p.dll
08:32:20.0015 2164 C:\WINDOWS\system32\mmlhm20p.dll - ok
08:32:20.0015 2164 [ 09C73E42F8EE040D273A69483C64C86C ] C:\WINDOWS\system32\mmlnpxml.dll
08:32:20.0015 2164 C:\WINDOWS\system32\mmlnpxml.dll - ok
08:32:20.0015 2164 [ 6D64131C22EDD8B39702725B4F4EDAE8 ] C:\Program Files\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll
08:32:20.0015 2164 C:\Program Files\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll - ok
08:32:20.0031 2164 [ 222DE7F5EDB9DDBE628384A1A8BE59CE ] C:\WINDOWS\system32\pjlmon.dll
08:32:20.0031 2164 C:\WINDOWS\system32\pjlmon.dll - ok
08:32:20.0031 2164 [ F908FE45F8FE9E0D4CBE65F9FF5DF6DA ] C:\WINDOWS\system32\mfc100enu.dll
08:32:20.0031 2164 C:\WINDOWS\system32\mfc100enu.dll - ok
08:32:20.0031 2164 [ AE0382AD9C73D343D85E1A50C80B7C20 ] C:\WINDOWS\system32\tcpmon.dll
08:32:20.0031 2164 C:\WINDOWS\system32\tcpmon.dll - ok
08:32:20.0031 2164 [ 984D1CC635A3D4EF9B35DDAF92FDE395 ] C:\WINDOWS\system32\MssShellExt.dll
08:32:20.0031 2164 C:\WINDOWS\system32\MssShellExt.dll - ok
08:32:20.0031 2164 [ E748D0B8F4060F4F7A7ABB705E289890 ] C:\WINDOWS\system32\mfc42u.dll
08:32:20.0031 2164 C:\WINDOWS\system32\mfc42u.dll - ok
08:32:20.0031 2164 [ 8357809E111E09393633039769D96281 ] C:\WINDOWS\system32\tcpmib.dll
08:32:20.0031 2164 C:\WINDOWS\system32\tcpmib.dll - ok
08:32:20.0031 2164 [ 1E744353BD534405187A404667DA3DC3 ] C:\WINDOWS\system32\mgmtapi.dll
08:32:20.0031 2164 C:\WINDOWS\system32\mgmtapi.dll - ok
08:32:20.0031 2164 [ 277F3E3333F1D10CA428568197FCCE70 ] C:\WINDOWS\system32\wsnmp32.dll
08:32:20.0031 2164 C:\WINDOWS\system32\wsnmp32.dll - ok
08:32:20.0031 2164 [ F26385E8BA4549B5186B774EC0E45D86 ] C:\WINDOWS\system32\usbmon.dll
08:32:20.0031 2164 C:\WINDOWS\system32\usbmon.dll - ok
08:32:20.0046 2164 [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
08:32:20.0046 2164 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
08:32:20.0046 2164 [ D94E0BC61DC5DD928D91FD5B9F016197 ] C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll
08:32:20.0046 2164 C:\WINDOWS\system32\spool\prtprocs\w32x86\LMIproc.dll - ok
08:32:20.0046 2164 [ EEE7F12D9FF46F68FBC0DA059A359E9E ] C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll
08:32:20.0046 2164 C:\WINDOWS\system32\spool\prtprocs\w32x86\filterpipelineprintproc.dll - ok
08:32:20.0046 2164 [ 22DD6D7D4BFE2B8CE705CC950C8AEA4C ] C:\WINDOWS\system32\win32spl.dll
08:32:20.0046 2164 C:\WINDOWS\system32\win32spl.dll - ok
08:32:20.0046 2164 [ AADCA7D2B09C1BDCA33449E0820255D7 ] C:\Program Files\SmartFTP Client\sfShellTools.dll
08:32:20.0046 2164 C:\Program Files\SmartFTP Client\sfShellTools.dll - ok
08:32:20.0046 2164 [ EE4C651A217B01D636B5364AC77DA892 ] C:\WINDOWS\system32\inetpp.dll
08:32:20.0046 2164 C:\WINDOWS\system32\inetpp.dll - ok
08:32:20.0046 2164 [ 6951B89B4F591AA694048A6CD0E5224A ] C:\WINDOWS\system32\tapiperf.dll
08:32:20.0046 2164 C:\WINDOWS\system32\tapiperf.dll - ok
08:32:20.0046 2164 [ DBE2B62353660ECCA0D75EA307A717E9 ] C:\WINDOWS\system32\perfctrs.dll
08:32:20.0046 2164 C:\WINDOWS\system32\perfctrs.dll - ok
08:32:20.0046 2164 [ 63694C307273062A2167AE4CE80730EF ] C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
08:32:20.0046 2164 C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe - ok
08:32:20.0062 2164 [ 7EFD2114EAD1AC72342610D7192BFB32 ] C:\WINDOWS\system32\perfts.dll
08:32:20.0062 2164 C:\WINDOWS\system32\perfts.dll - ok
08:32:20.0062 2164 [ 9D39D9E07C180127252E176EC2B41487 ] C:\WINDOWS\system32\utildll.dll
08:32:20.0062 2164 C:\WINDOWS\system32\utildll.dll - ok
08:32:20.0062 2164 [ B4ED498E3BFEE64E952BC44FC6057DB8 ] C:\WINDOWS\system32\desk.cpl
08:32:20.0062 2164 C:\WINDOWS\system32\desk.cpl - ok
08:32:20.0062 2164 [ 78B62E4C13378F737603136975A07E1A ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll
08:32:20.0062 2164 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.ATL_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_353599c2\atl90.dll - ok
08:32:20.0062 2164 [ 75EE1625AD8B52C5FAA1CCB1B82FB750 ] C:\WINDOWS\system32\wbem\wmiaprpl.dll
08:32:20.0062 2164 C:\WINDOWS\system32\wbem\wmiaprpl.dll - ok
08:32:20.0062 2164 [ A314EEA2A503A8E04085201E436384A5 ] C:\WINDOWS\system32\themeui.dll
08:32:20.0062 2164 C:\WINDOWS\system32\themeui.dll - ok
08:32:20.0062 2164 [ 6358C181BF021970A897C1FAB0ECF5D2 ] C:\WINDOWS\system32\loadperf.dll
08:32:20.0062 2164 C:\WINDOWS\system32\loadperf.dll - ok
08:32:20.0062 2164 [ 8BCD11D38FCE43A519246A91CC40DE6A ] C:\WINDOWS\system32\security.dll
08:32:20.0062 2164 C:\WINDOWS\system32\security.dll - ok
08:32:20.0078 2164 [ 332760FBA1655FCFD35BD6F4FD871300 ] C:\WINDOWS\system32\ipsecsvc.dll
08:32:20.0078 2164 C:\WINDOWS\system32\ipsecsvc.dll - ok
08:32:20.0078 2164 [ CBE612E2BB6A10E3563336191EDA1250 ] C:\WINDOWS\system32\seclogon.dll
08:32:20.0078 2164 C:\WINDOWS\system32\seclogon.dll - ok
08:32:20.0078 2164 [ 8BAD69CBAC032D4BBACFCE0306174C30 ] C:\WINDOWS\system32\wiaservc.dll
08:32:20.0078 2164 C:\WINDOWS\system32\wiaservc.dll - ok
08:32:20.0078 2164 [ 912B67BB8249925A5C972FC5839EAE09 ] C:\WINDOWS\system32\actxprxy.dll
08:32:20.0078 2164 C:\WINDOWS\system32\actxprxy.dll - ok
08:32:20.0078 2164 [ 1DB60CB3E53E2491D5D6C43C06676CA2 ] C:\Program Files\Smith Micro\StuffIt 2010\ArcNameService.exe
08:32:20.0078 2164 C:\Program Files\Smith Micro\StuffIt 2010\ArcNameService.exe - ok
08:32:20.0078 2164 [ 33CEB89B62589E8B12AEE9E2D523DADE ] C:\WINDOWS\system32\oakley.dll
08:32:20.0078 2164 C:\WINDOWS\system32\oakley.dll - ok
08:32:20.0078 2164 [ 3805DF0AC4296A34BA4BF93B346CC378 ] C:\WINDOWS\system32\srsvc.dll
08:32:20.0078 2164 C:\WINDOWS\system32\srsvc.dll - ok
08:32:20.0078 2164 [ 5F0CE62E0831CF972EC6949FD3E37DA7 ] C:\WINDOWS\system32\cfgmgr32.dll
08:32:20.0078 2164 C:\WINDOWS\system32\cfgmgr32.dll - ok
08:32:20.0078 2164 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0 ] C:\WINDOWS\system32\sens.dll
08:32:20.0078 2164 C:\WINDOWS\system32\sens.dll - ok
08:32:20.0093 2164 [ 248712EA6BA17B9FF0C542A3828375DD ] C:\WINDOWS\system32\winipsec.dll
08:32:20.0093 2164 C:\WINDOWS\system32\winipsec.dll - ok
08:32:20.0093 2164 [ 4AC2FA4A6F0DF2511BAC13393C06EFF1 ] C:\WINDOWS\system32\mscms.dll
08:32:20.0093 2164 C:\WINDOWS\system32\mscms.dll - ok
08:32:20.0093 2164 [ 853D0D0C6F02D7BFDF1CF99DD7553732 ] C:\WINDOWS\system32\pstorsvc.dll
08:32:20.0093 2164 C:\WINDOWS\system32\pstorsvc.dll - ok
08:32:20.0093 2164 [ 22D89D84E8E081CDA529DBF8C0255A38 ] C:\WINDOWS\system32\psbase.dll
08:32:20.0093 2164 C:\WINDOWS\system32\psbase.dll - ok
08:32:20.0093 2164 [ FEDE68BF80052BAD393AFD5C2E60DCB0 ] C:\WINDOWS\system32\dssenh.dll
08:32:20.0093 2164 C:\WINDOWS\system32\dssenh.dll - ok
08:32:20.0093 2164 [ 009758CC06B7F55B4A4D16A66E243C24 ] C:\WINDOWS\system32\wuapi.dll
08:32:20.0093 2164 C:\WINDOWS\system32\wuapi.dll - ok
08:32:20.0093 2164 [ 3CB78C17BB664637787C9A1C98F79C38 ] C:\WINDOWS\system32\tapisrv.dll
08:32:20.0093 2164 C:\WINDOWS\system32\tapisrv.dll - ok
08:32:20.0093 2164 [ FF3477C03BE7201C294C35F684B3479F ] C:\WINDOWS\system32\termsrv.dll
08:32:20.0093 2164 C:\WINDOWS\system32\termsrv.dll - ok
08:32:20.0093 2164 [ 55BCA12F7F523D35CA3CB833C725F54E ] C:\WINDOWS\system32\trkwks.dll
08:32:20.0093 2164 C:\WINDOWS\system32\trkwks.dll - ok
08:32:20.0109 2164 [ DF6551E4C4C46655A0C76194F1FCEA5D ] C:\WINDOWS\system32\icaapi.dll
08:32:20.0109 2164 C:\WINDOWS\system32\icaapi.dll - ok
08:32:20.0109 2164 [ 2D65D56C2F8B6CC5EBFF8E7200C30304 ] C:\WINDOWS\system32\mstlsapi.dll
08:32:20.0109 2164 C:\WINDOWS\system32\mstlsapi.dll - ok
08:32:20.0109 2164 [ 2D0E4ED081963804CCC196A0929275B5 ] C:\WINDOWS\system32\wbem\wmisvc.dll
08:32:20.0109 2164 C:\WINDOWS\system32\wbem\wmisvc.dll - ok
08:32:20.0109 2164 [ F9D3C78CFE15271D80790677C893CE45 ] C:\WINDOWS\system32\cabinet.dll
08:32:20.0109 2164 C:\WINDOWS\system32\cabinet.dll - ok
08:32:20.0109 2164 [ C14350FC0D47D806699C4F907FC6785B ] C:\WINDOWS\system32\cryptnet.dll
08:32:20.0109 2164 C:\WINDOWS\system32\cryptnet.dll - ok
08:32:20.0109 2164 [ 35321FB577CDC98CE3EB3A3EB9E4610A ] C:\WINDOWS\system32\wuauserv.dll
08:32:20.0109 2164 C:\WINDOWS\system32\wuauserv.dll - ok
08:32:20.0109 2164 [ 3CBA2210FA39C6ED7895634842E930DD ] C:\WINDOWS\system32\sensapi.dll
08:32:20.0109 2164 C:\WINDOWS\system32\sensapi.dll - ok
08:32:20.0109 2164 [ E97D6A8684466DF94FF3BC24FB787A07 ] C:\WINDOWS\system32\fxssvc.exe
08:32:20.0109 2164 C:\WINDOWS\system32\fxssvc.exe - ok
08:32:20.0125 2164 [ 6298277B73C77FA99106B271A7525163 ] C:\WINDOWS\system32\wuaueng.dll
08:32:20.0125 2164 C:\WINDOWS\system32\wuaueng.dll - ok
08:32:20.0125 2164 [ 9A941BAF38F85B6E3FBEA96AB6E5ADBE ] C:\WINDOWS\system32\wups.dll
08:32:20.0125 2164 C:\WINDOWS\system32\wups.dll - ok
08:32:20.0125 2164 [ BDB83C844EDEC9BD01A94750D2C38DDF ] C:\WINDOWS\system32\fxsevent.dll
08:32:20.0125 2164 C:\WINDOWS\system32\fxsevent.dll - ok
08:32:20.0125 2164 [ C7C84DF7233F4834CD190F3DCCAF50CA ] C:\WINDOWS\system32\rdpwsx.dll
08:32:20.0125 2164 C:\WINDOWS\system32\rdpwsx.dll - ok
08:32:20.0125 2164 [ 1144EF6B4BB72E33B41912AE1AE4F97A ] C:\WINDOWS\system32\fxstiff.dll
08:32:20.0125 2164 C:\WINDOWS\system32\fxstiff.dll - ok
08:32:20.0125 2164 [ 234051C0D242A6F4A79AE5212C1323D4 ] C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
08:32:20.0125 2164 C:\Program Files\LogMeIn\x86\LogMeInSystray.exe - ok
08:32:20.0125 2164 [ 0329D0A4F230094B669A87BB3B85606E ] C:\WINDOWS\system32\fxsapi.dll
08:32:20.0125 2164 C:\WINDOWS\system32\fxsapi.dll - ok
08:32:20.0125 2164 [ 697281830297B87B6544EF9F4F67AD71 ] C:\Program Files\LogMeIn\x86\LogMeInSystray.dll
08:32:20.0125 2164 C:\Program Files\LogMeIn\x86\LogMeInSystray.dll - ok
08:32:20.0125 2164 [ B85E95679B5ADC12311BCD3F5385D623 ] C:\WINDOWS\system32\mspatcha.dll
08:32:20.0125 2164 C:\WINDOWS\system32\mspatcha.dll - ok
08:32:20.0140 2164 [ 4D83ED8BDDEC431FC8AD907B47CFB6E3 ] C:\WINDOWS\system32\dsound.dll
08:32:20.0140 2164 C:\WINDOWS\system32\dsound.dll - ok
08:32:20.0140 2164 [ A06CE3399D16DB864F55FAEB1F1927A9 ] C:\WINDOWS\system32\browser.dll
08:32:20.0140 2164 C:\WINDOWS\system32\browser.dll - ok
08:32:20.0140 2164 [ 7C278E6408D1DCE642230C0585A854D5 ] C:\WINDOWS\system32\wscsvc.dll
08:32:20.0140 2164 C:\WINDOWS\system32\wscsvc.dll - ok
08:32:20.0140 2164 [ 83F41D0D89645D7235C051AB1D9523AC ] C:\WINDOWS\system32\ipnathlp.dll
08:32:20.0140 2164 C:\WINDOWS\system32\ipnathlp.dll - ok
08:32:20.0140 2164 [ 0CE5F8AE9C371A965D17E3F2ED134809 ] C:\WINDOWS\system32\fxst30.dll
08:32:20.0140 2164 C:\WINDOWS\system32\fxst30.dll - ok
08:32:20.0140 2164 [ 60BC67FAC9DFF89B17F5792844DE1B7D ] C:\Program Files\LogMeIn\x86\rntfywnd.dll
08:32:20.0140 2164 C:\Program Files\LogMeIn\x86\rntfywnd.dll - ok
08:32:20.0140 2164 [ 9B9F1C38D559047B8AC0DBA2D5FEBDE9 ] C:\WINDOWS\system32\ksuser.dll
08:32:20.0140 2164 C:\WINDOWS\system32\ksuser.dll - ok
08:32:20.0140 2164 [ ED0C0DF222209E43AD9AFBF3FE87DDE0 ] C:\WINDOWS\system32\comsvcs.dll
08:32:20.0140 2164 C:\WINDOWS\system32\comsvcs.dll - ok
08:32:20.0140 2164 [ 2D583E2844FDD592D1629EB6B10E5702 ] C:\WINDOWS\system32\fxsroute.dll
08:32:20.0140 2164 C:\WINDOWS\system32\fxsroute.dll - ok
08:32:20.0156 2164 [ 690D97864735E8ECD87F55777E266690 ] C:\WINDOWS\system32\colbact.dll
08:32:20.0156 2164 C:\WINDOWS\system32\colbact.dll - ok
08:32:20.0156 2164 [ 36795A645EAA47FE31D2A8F136A2C69B ] C:\WINDOWS\system32\mtxclu.dll
08:32:20.0156 2164 C:\WINDOWS\system32\mtxclu.dll - ok
08:32:20.0156 2164 [ DF82E222578DBE59FCBBD69A02E4C806 ] C:\WINDOWS\system32\clusapi.dll
08:32:20.0156 2164 C:\WINDOWS\system32\clusapi.dll - ok
08:32:20.0156 2164 [ F51EBB6FC536A6B2D588FD668D3A8249 ] C:\WINDOWS\system32\resutils.dll
08:32:20.0156 2164 C:\WINDOWS\system32\resutils.dll - ok
08:32:20.0156 2164 [ F0BF811622F2DD6C8E26EE4600D83731 ] C:\WINDOWS\system32\wbem\wbemcore.dll
08:32:20.0156 2164 C:\WINDOWS\system32\wbem\wbemcore.dll - ok
08:32:20.0156 2164 [ E4616430709F440CF1809D88DC2366EA ] C:\WINDOWS\system32\wbem\esscli.dll
08:32:20.0156 2164 C:\WINDOWS\system32\wbem\esscli.dll - ok
08:32:20.0156 2164 [ 378A0AEFB11D8B0DC8C27B9F7604B88D ] C:\WINDOWS\system32\wbem\fastprox.dll
08:32:20.0156 2164 C:\WINDOWS\system32\wbem\fastprox.dll - ok
08:32:20.0156 2164 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
08:32:20.0156 2164 C:\WINDOWS\system32\riched32.dll - ok
08:32:20.0156 2164 [ AACE07FE34FADDDF973CE068A6424957 ] C:\WINDOWS\system32\unimdm.tsp
08:32:20.0156 2164 C:\WINDOWS\system32\unimdm.tsp - ok
08:32:20.0171 2164 [ 995252FCC4692B5B97EE17D596C9386E ] C:\WINDOWS\system32\uniplat.dll
08:32:20.0171 2164 C:\WINDOWS\system32\uniplat.dll - ok
08:32:20.0171 2164 [ 010472D0AE758227C6F6E6933549C219 ] C:\WINDOWS\system32\wbem\wbemsvc.dll
08:32:20.0171 2164 C:\WINDOWS\system32\wbem\wbemsvc.dll - ok
08:32:20.0171 2164 [ 19AE6CBA05B9005698A6DEDCC88F202E ] C:\WINDOWS\system32\unimdmat.dll
08:32:20.0171 2164 C:\WINDOWS\system32\unimdmat.dll - ok
08:32:20.0171 2164 [ FE4A73CDBC882A19D070F1C01586E81A ] C:\WINDOWS\system32\modemui.dll
08:32:20.0171 2164 C:\WINDOWS\system32\modemui.dll - ok
08:32:20.0171 2164 [ 76EC97C5068D3D9FAA7774B0F659D31A ] C:\WINDOWS\system32\kmddsp.tsp
08:32:20.0171 2164 C:\WINDOWS\system32\kmddsp.tsp - ok
08:32:20.0171 2164 [ 95786E866A54C7782E60855D2BAE5410 ] C:\WINDOWS\system32\mobsync.exe
08:32:20.0171 2164 C:\WINDOWS\system32\mobsync.exe - ok
08:32:20.0171 2164 [ 039133C02D61C3CE6C952092054B1148 ] C:\WINDOWS\system32\wups2.dll
08:32:20.0171 2164 C:\WINDOWS\system32\wups2.dll - ok
08:32:20.0171 2164 [ 3273D1565BF30225C115B480A3BB2C9D ] C:\WINDOWS\system32\wbem\wmiutils.dll
08:32:20.0171 2164 C:\WINDOWS\system32\wbem\wmiutils.dll - ok
08:32:20.0171 2164 [ D17918709F510B4EF2E98D89EBD1F74D ] C:\WINDOWS\system32\mobsync.dll
08:32:20.0171 2164 C:\WINDOWS\system32\mobsync.dll - ok
08:32:20.0187 2164 [ 4589963D84F2984FA5949A72162BA4F4 ] C:\WINDOWS\system32\ndptsp.tsp
08:32:20.0187 2164 C:\WINDOWS\system32\ndptsp.tsp - ok
08:32:20.0187 2164 [ 942A17D2901A31EA68627CBFFCD268CC ] C:\WINDOWS\system32\wbem\repdrvfs.dll
08:32:20.0187 2164 C:\WINDOWS\system32\wbem\repdrvfs.dll - ok
08:32:20.0187 2164 [ 8B8A45DF7CEF36D93C7BD3E4C84003B8 ] C:\WINDOWS\system32\ipconf.tsp
08:32:20.0187 2164 C:\WINDOWS\system32\ipconf.tsp - ok
08:32:20.0187 2164 [ 8BC2B02DC11C98D14CEE43B8E8393FF3 ] C:\WINDOWS\system32\h323.tsp
08:32:20.0187 2164 C:\WINDOWS\system32\h323.tsp - ok
08:32:20.0187 2164 [ 6B552ED3BEE5AA3C4560478FF779BA98 ] C:\WINDOWS\system32\hidphone.tsp
08:32:20.0187 2164 C:\WINDOWS\system32\hidphone.tsp - ok
08:32:20.0187 2164 [ 8973122796E3B5D6B5900FC186E55FEA ] C:\WINDOWS\system32\hid.dll
08:32:20.0187 2164 C:\WINDOWS\system32\hid.dll - ok
08:32:20.0187 2164 [ 071143F687B4F887E21461CA6CC7EB29 ] C:\WINDOWS\system32\wbem\wmiprvsd.dll
08:32:20.0187 2164 C:\WINDOWS\system32\wbem\wmiprvsd.dll - ok
08:32:20.0187 2164 [ 26D881D27CBE51D3614E68D7313EA026 ] C:\WINDOWS\system32\wbem\wbemess.dll
08:32:20.0187 2164 C:\WINDOWS\system32\wbem\wbemess.dll - ok
08:32:20.0203 2164 [ 62BB79160F86CD962F312C68C6239BFD ] C:\WINDOWS\system32\wuauclt.exe
08:32:20.0203 2164 C:\WINDOWS\system32\wuauclt.exe - ok
08:32:20.0203 2164 [ F92E1076C42FCD6DB3D72D8CFE9816D5 ] C:\WINDOWS\system32\wscntfy.exe
08:32:20.0203 2164 C:\WINDOWS\system32\wscntfy.exe - ok
08:32:20.0203 2164 [ 798A9E6828997EEF4517ADA8A2259831 ] C:\WINDOWS\system32\wbem\wmiprvse.exe
08:32:20.0203 2164 C:\WINDOWS\system32\wbem\wmiprvse.exe - ok
08:32:20.0203 2164 [ E837FDBB92E9873E538395B623F45462 ] C:\WINDOWS\system32\wbem\cimwin32.dll
08:32:20.0203 2164 C:\WINDOWS\system32\wbem\cimwin32.dll - ok
08:32:20.0203 2164 [ D26451B540720A7313A9BCBE794DAF62 ] C:\WINDOWS\system32\wbem\ncprov.dll
08:32:20.0203 2164 C:\WINDOWS\system32\wbem\ncprov.dll - ok
08:32:20.0203 2164 [ 4306FA2F1099D7C606139255FDB62B19 ] C:\WINDOWS\system32\wbem\framedyn.dll
08:32:20.0203 2164 C:\WINDOWS\system32\wbem\framedyn.dll - ok
08:32:20.0203 2164 [ 6404807ABC7AF52FA3792697AE638B50 ] C:\WINDOWS\system32\wbem\wbemcons.dll
08:32:20.0203 2164 C:\WINDOWS\system32\wbem\wbemcons.dll - ok
08:32:20.0203 2164 [ 93C088C2AEB2F23E720BDA7E32BD5117 ] C:\WINDOWS\system32\upnp.dll
08:32:20.0203 2164 C:\WINDOWS\system32\upnp.dll - ok
08:32:20.0203 2164 [ 3D075865DCC26931972F6476AD0497BE ] C:\WINDOWS\system32\ssdpapi.dll
08:32:20.0203 2164 C:\WINDOWS\system32\ssdpapi.dll - ok
08:32:20.0218 2164 [ 37A62C6092AADD2EFDE0468DD8818E99 ] C:\WINDOWS\system32\netcfgx.dll
08:32:20.0218 2164 C:\WINDOWS\system32\netcfgx.dll - ok
08:32:20.0218 2164 [ 76A9A3CBEADD68CC57CDA5E1D7448235 ] C:\WINDOWS\system32\rasmans.dll
08:32:20.0218 2164 C:\WINDOWS\system32\rasmans.dll - ok
08:32:20.0218 2164 [ 05D568D158B2AAA4FF1549B157D0E994 ] C:\Program Files\Avira\AntiVir Desktop\avwinll.dll
08:32:20.0218 2164 C:\Program Files\Avira\AntiVir Desktop\avwinll.dll - ok
08:32:20.0218 2164 [ E0673F1106E62A68D2257E376079F821 ] C:\WINDOWS\system32\wbem\wmiapsrv.exe
08:32:20.0218 2164 C:\WINDOWS\system32\wbem\wmiapsrv.exe - ok
08:32:20.0218 2164 [ E21D3548D377151B82FD70E43039CF52 ] C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin
08:32:20.0218 2164 C:\Program Files\Intel\Intel Matrix Storage Manager\PlugInRAID.pin - ok
08:32:20.0218 2164 [ 6895427873D6C37A6D6DA7C3DB37DA14 ] C:\WINDOWS\system32\licwmi.dll
08:32:20.0218 2164 C:\WINDOWS\system32\licwmi.dll - ok
08:32:20.0218 2164 [ EB7494ECFE01B70B83E781EEB8F88C8A ] C:\WINDOWS\system32\wbem\wmiapres.dll
08:32:20.0218 2164 C:\WINDOWS\system32\wbem\wmiapres.dll - ok
08:32:20.0218 2164 [ E34D075ACC022C117C215DFB4995F41D ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll
08:32:20.0218 2164 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizM.dll - ok
08:32:20.0218 2164 [ A693A49A67673F2C8D76797EA9A628D0 ] C:\WINDOWS\system32\licdll.dll
08:32:20.0218 2164 C:\WINDOWS\system32\licdll.dll - ok
08:32:20.0234 2164 [ F6AACF5BCE2893E0C1754AFEB672E5C9 ] C:\WINDOWS\system32\drivers\http.sys
08:32:20.0234 2164 C:\WINDOWS\system32\drivers\http.sys - ok
08:32:20.0234 2164 [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\system32\oleacc.dll
08:32:20.0234 2164 C:\WINDOWS\system32\oleacc.dll - ok
08:32:20.0234 2164 [ 0A5679B3714EDAB99E357057EE88FCA6 ] C:\WINDOWS\system32\ssdpsrv.dll
08:32:20.0234 2164 C:\WINDOWS\system32\ssdpsrv.dll - ok
08:32:20.0234 2164 [ 1CAD39337202BA05BA929A44CA585A6A ] C:\WINDOWS\system32\pautoenr.dll
08:32:20.0234 2164 C:\WINDOWS\system32\pautoenr.dll - ok
08:32:20.0234 2164 [ 5F7692CEC90E2E9AA32CD58321E234B8 ] C:\WINDOWS\system32\rastapi.dll
08:32:20.0234 2164 C:\WINDOWS\system32\rastapi.dll - ok
08:32:20.0234 2164 [ BBEF24630F702413D54AE0D8F0039760 ] C:\WINDOWS\system32\wbem\policman.dll
08:32:20.0234 2164 C:\WINDOWS\system32\wbem\policman.dll - ok
08:32:20.0234 2164 [ CF39C5CAFF192033C82DF6D493F7C522 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll
08:32:20.0234 2164 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizD.dll - ok
08:32:20.0234 2164 [ A7F361875622AA5829AA39BA248F68E9 ] C:\WINDOWS\system32\adsldp.dll
08:32:20.0234 2164 C:\WINDOWS\system32\adsldp.dll - ok
08:32:20.0250 2164 [ 8BB3E105E8881AD8467F71D5E22AAE43 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll
08:32:20.0250 2164 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizR.dll - ok
08:32:20.0250 2164 [ 170159D6F26E4945A7234E1767A5D922 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll
08:32:20.0250 2164 C:\Program Files\Intel\Intel Matrix Storage Manager\RaidWizCnG.dll - ok
08:32:20.0250 2164 [ 8C515081584A38AA007909CD02020B3D ] C:\WINDOWS\system32\alg.exe
08:32:20.0250 2164 C:\WINDOWS\system32\alg.exe - ok
08:32:20.0250 2164 [ F878AB9978615A3C8F29C18B9BC6E5FD ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll
08:32:20.0250 2164 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizC.dll - ok
08:32:20.0250 2164 [ D0545A010ED2259A740C8414899A938F ] C:\WINDOWS\system32\rasppp.dll
08:32:20.0250 2164 C:\WINDOWS\system32\rasppp.dll - ok
08:32:20.0250 2164 [ EB91D67D8F0F4A262B133F118E840912 ] C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll
08:32:20.0250 2164 C:\Program Files\Intel\Intel Matrix Storage Manager\RAIDWizCFE.dll - ok
08:32:20.0250 2164 [ B464BD425D5D09ABE4192234D1577B22 ] C:\WINDOWS\system32\ntlsapi.dll
08:32:20.0250 2164 C:\WINDOWS\system32\ntlsapi.dll - ok
08:32:20.0250 2164 [ A655C88AA555BB8EF8957BD29408827F ] C:\WINDOWS\system32\rasqec.dll
08:32:20.0250 2164 C:\WINDOWS\system32\rasqec.dll - ok
08:32:20.0250 2164 [ E4A5301E7683F4B012CC7BF84E15BB48 ] C:\WINDOWS\system32\msxml6.dll
08:32:20.0250 2164 C:\WINDOWS\system32\msxml6.dll - ok
08:32:20.0265 2164 [ ED43F00CD77E72483A8625AC4F32D8D8 ] C:\WINDOWS\system32\raschap.dll
08:32:20.0265 2164 C:\WINDOWS\system32\raschap.dll - ok
08:32:20.0265 2164 [ 036D3962F2086BF2A98E2873CE153828 ] C:\WINDOWS\system32\rastls.dll
08:32:20.0265 2164 C:\WINDOWS\system32\rastls.dll - ok
08:32:20.0265 2164 [ 5E12974F81FAE8F695E2B4EA05418AF3 ] C:\WINDOWS\system32\fdeploy.dll
08:32:20.0265 2164 C:\WINDOWS\system32\fdeploy.dll - ok
08:32:20.0265 2164 [ 96A81FB6A7E1CFF2396177D52814DD52 ] C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll
08:32:20.0265 2164 C:\Program Files\Windows Small Business Server\Bin\SBSCSE.dll - ok
08:32:20.0265 2164 [ 960F6D3CD9A1BA6435D7AADD102B297F ] C:\WINDOWS\system32\wbem\wmiprov.dll
08:32:20.0265 2164 C:\WINDOWS\system32\wbem\wmiprov.dll - ok
08:32:20.0265 2164 [ 1F4AD4BC5747F7F150F6D53CC52482F2 ] C:\Program Files\Avira\AntiVir Desktop\avwsc.exe
08:32:20.0265 2164 C:\Program Files\Avira\AntiVir Desktop\avwsc.exe - ok
08:32:20.0265 2164 [ 423069307FB726E51E2A66F1C3F738FE ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll
08:32:20.0265 2164 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_a57c1f53\mfc90u.dll - ok
08:32:20.0265 2164 [ 2A632A95433E9719F37AE06BA00543AC ] C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll
08:32:20.0265 2164 C:\WINDOWS\WinSxS\x86_Microsoft.VC90.MFCLOC_1fc8b3b9a1e18e3b_9.0.30729.4148_x-ww_15fc9313\mfc90enu.dll - ok
08:32:20.0265 2164 [ 4B3A4639DD281B709162A2120B3DAEFC ] C:\Program Files\Avira\AntiVir Desktop\ccguard.dll
08:32:20.0265 2164 C:\Program Files\Avira\AntiVir Desktop\ccguard.dll - ok
08:32:20.0281 2164 [ A08EF2FC9B3E688128E89D9C193F7652 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll
08:32:20.0281 2164 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.5581_x-ww_dfbc4fc4\GdiPlus.dll - ok
08:32:20.0281 2164 [ 47766F6B79A25AF04ED3F6F2B02AA4CB ] C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll
08:32:20.0281 2164 C:\Program Files\Avira\AntiVir Desktop\ccwkrlib.dll - ok
08:32:20.0281 2164 [ 298B49E02025ADD1D12AAF27937A3549 ] C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll
08:32:20.0281 2164 C:\Program Files\Avira\AntiVir Desktop\ccgrdrc.dll - ok
08:32:20.0281 2164 [ 41303E032613D2C4E29BE8B8EB5F027B ] C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll
08:32:20.0281 2164 C:\Program Files\Avira\AntiVir Desktop\ccgrdw.dll - ok
08:32:20.0281 2164 [ 3E4CF92B57AAE06A9022B78280E22519 ] C:\Program Files\Java\jre6\bin\awt.dll
08:32:20.0281 2164 C:\Program Files\Java\jre6\bin\awt.dll - ok
08:32:20.0281 2164 [ 0C175BDFF64F764286C06E68040E1675 ] C:\Program Files\Java\jre6\bin\client\jvm.dll
08:32:20.0281 2164 C:\Program Files\Java\jre6\bin\client\jvm.dll - ok
08:32:20.0281 2164 [ 8C25C4613BC521B70E73AC100DD59CE2 ] C:\Program Files\Java\jre6\bin\dcpr.dll
08:32:20.0281 2164 C:\Program Files\Java\jre6\bin\dcpr.dll - ok
08:32:20.0281 2164 [ 2371D54B21BF59D48D8A7612C2C9D39F ] C:\Program Files\Java\jre6\bin\deploy.dll
08:32:20.0281 2164 C:\Program Files\Java\jre6\bin\deploy.dll - ok
08:32:20.0296 2164 [ 9A1F187C30A909DBC3D4204C95B5E2A7 ] C:\Program Files\Java\jre6\bin\fontmanager.dll
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\fontmanager.dll - ok
08:32:20.0296 2164 [ 7026C371600D6B68D6CAB6D247EC97C8 ] C:\Program Files\Java\jre6\bin\hpi.dll
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\hpi.dll - ok
08:32:20.0296 2164 [ EC3F49E973B04F2FDE1C0CDFB6BEF652 ] C:\Program Files\Java\jre6\bin\java.dll
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\java.dll - ok
08:32:20.0296 2164 [ 388B6ED67630421AA3B125402B3D43F2 ] C:\Program Files\Java\jre6\bin\javaw.exe
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\javaw.exe - ok
08:32:20.0296 2164 [ 5D9A29B0BC09D911377B2DFA94C4483C ] C:\Program Files\Java\jre6\bin\jp2native.dll
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\jp2native.dll - ok
08:32:20.0296 2164 [ BD441C350C2400D93EE2349AA01A4BE6 ] C:\Program Files\Java\jre6\bin\jpeg.dll
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\jpeg.dll - ok
08:32:20.0296 2164 [ BAF2270D88AF0DC7134066C2246445A0 ] C:\Program Files\Java\jre6\bin\net.dll
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\net.dll - ok
08:32:20.0296 2164 [ 0C80FBF6C04E3C14460376740A59A65F ] C:\Program Files\Java\jre6\bin\nio.dll
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\nio.dll - ok
08:32:20.0296 2164 [ 6BE8577FF16E3ADF09058C05FF6CBEF8 ] C:\Program Files\Java\jre6\bin\regutils.dll
08:32:20.0296 2164 C:\Program Files\Java\jre6\bin\regutils.dll - ok
08:32:20.0312 2164 [ D031A5C9BAC5D0250A1E2DE9228CC5AE ] C:\Program Files\Java\jre6\bin\verify.dll
08:32:20.0312 2164 C:\Program Files\Java\jre6\bin\verify.dll - ok
08:32:20.0312 2164 [ 3780199F2CB0508DC90129A701AADF7D ] C:\Program Files\Java\jre6\bin\zip.dll
08:32:20.0312 2164 C:\Program Files\Java\jre6\bin\zip.dll - ok
08:32:20.0312 2164 [ AD6B1A69B0CCCF27A792F4C00740D24D ] C:\DOCUME~1\KENNET~1.ED~\LOCALS~1\temp\8A3B389D-39D8-46C4-B80D-2FDA81BBFDF1.exe
08:32:20.0312 2164 C:\DOCUME~1\KENNET~1.ED~\LOCALS~1\temp\8A3B389D-39D8-46C4-B80D-2FDA81BBFDF1.exe - ok
08:32:20.0312 2164 [ 2DC5A8019E2387987905F77C664E4BE2 ] C:\WINDOWS\system32\linkinfo.dll
08:32:20.0312 2164 C:\WINDOWS\system32\linkinfo.dll - ok
08:32:20.0312 2164 [ A70A2D85AD143D6BB823C246CEB699A5 ] C:\WINDOWS\system32\ntshrui.dll
08:32:20.0312 2164 C:\WINDOWS\system32\ntshrui.dll - ok
08:32:20.0312 2164 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\98828029.sys
08:32:20.0312 2164 C:\WINDOWS\system32\drivers\98828029.sys - ok
08:32:20.0312 2164 [ 079743D98028DBD026344C2E1D40DA20 ] C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll
08:32:20.0312 2164 C:\Program Files\Common Files\Autodesk Shared\AcSignCore16.dll - ok
08:32:20.0312 2164 [ E3C817F7FE44CC870ECDBCBC3EA36132 ] C:\WINDOWS\system32\msvcp100.dll
08:32:20.0312 2164 C:\WINDOWS\system32\msvcp100.dll - ok
08:32:20.0312 2164 [ CC8915DB4E33E8FB29CA0D2DBF75306E ] C:\WINDOWS\system32\webcheck.dll
08:32:20.0312 2164 C:\WINDOWS\system32\webcheck.dll - ok
08:32:20.0328 2164 [ 30DEAF54A9755BB8546168CFE8A6B5E1 ] C:\WINDOWS\system32\imapi.exe
08:32:20.0328 2164 C:\WINDOWS\system32\imapi.exe - ok
08:32:20.0328 2164 [ B714735C12A70171DE28657948FD91F1 ] C:\WINDOWS\system32\mlang.dll
08:32:20.0328 2164 C:\WINDOWS\system32\mlang.dll - ok
08:32:20.0328 2164 [ 50512FC9B7878E3C2C147BC17326A7DB ] C:\WINDOWS\system32\stobject.dll
08:32:20.0328 2164 C:\WINDOWS\system32\stobject.dll - ok
08:32:20.0328 2164 [ 231A0B0E3BA7ABFE469A8262FAA1FD71 ] C:\WINDOWS\system32\batmeter.dll
08:32:20.0328 2164 C:\WINDOWS\system32\batmeter.dll - ok
08:32:20.0328 2164 [ 5C4ADB808B54126C1ED2FBA0EAE06C63 ] C:\WINDOWS\system32\upnpui.dll
08:32:20.0328 2164 C:\WINDOWS\system32\upnpui.dll - ok
08:32:20.0328 2164 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
08:32:20.0328 2164 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
08:32:20.0328 2164 [ 538A270F35A713C360B7ED4168BB7521 ] C:\WINDOWS\system32\mydocs.dll
08:32:20.0484 2164 ============================================================
08:32:20.0484 2164 Scan finished
08:32:20.0484 2164 ============================================================
08:32:20.0593 2244 Detected object count: 9
08:32:20.0593 2244 Actual detected object count: 9
08:32:39.0859 2244 BANTExt ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 BANTExt ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:32:39.0859 2244 BASFND ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 BASFND ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:32:39.0859 2244 Bonjour Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 Bonjour Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:32:39.0859 2244 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 C-DillaCdaC11BA ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:32:39.0859 2244 CdaC15BA ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 CdaC15BA ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:32:39.0859 2244 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 FLEXnet Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:32:39.0859 2244 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:32:39.0859 2244 SCDEmu ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 SCDEmu ( UnsignedFile.Multi.Generic ) - User select action: Skip
08:32:39.0859 2244 stllssvr ( UnsignedFile.Multi.Generic ) - skipped by user
08:32:39.0859 2244 stllssvr ( UnsignedFile.Multi.Generic ) - User select action: Skip

#15 KPE

Posted 07 September 2012 - 08:57 AM

ESET Scan Log....
C:\Documents and Settings\kenneth.edwards\Desktop\RK_Quarantine\hquqxgy.dll.vir a variant of Win32/Kryptik.ALJQ trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\Documents and Settings\kenneth.edwards\Local Settings\Application Data\Autodesk\Adobe\hlqsvlsun.dll.vir Win32/BHO.OEI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_15.31.55\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_15.31.55\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_15.31.55\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_15.31.55\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_15.31.55\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_15.31.55\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_15.31.55\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_15.31.55\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.07.21\mbr0000\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.07.21\mbr0000\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.07.21\mbr0000\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.07.21\mbr0000\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.07.21\mbr0000\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.07.21\mbr0000\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.07.21\mbr0000\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.07.21\mbr0000\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.29.51\tdlfs0000\tsk0001.dta Win32/Olmarik.AYI trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.29.51\tdlfs0000\tsk0002.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.29.51\tdlfs0000\tsk0003.dta Win32/Olmarik.AYH trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.29.51\tdlfs0000\tsk0004.dta Win64/Olmarik.AL trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.29.51\tdlfs0000\tsk0005.dta a variant of Win32/Rootkit.Kryptik.NP trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.29.51\tdlfs0000\tsk0006.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.29.51\tdlfs0000\tsk0010.dta Win32/Olmarik.AFK trojan cleaned by deleting - quarantined
C:\TDSSKiller_Quarantine\06.08.2012_16.29.51\tdlfs0000\tsk0011.dta Win64/Olmarik.AK trojan cleaned by deleting - quarantined



