Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Possible ransomware?


  • This topic is locked This topic is locked
8 replies to this topic

#1 Hadnjury

Hadnjury

  • Members
  • 144 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 26 November 2012 - 10:12 AM

Hello All,

Thanks in advance for any help. A friend of mine brought me an older system of his to see if I could help him with it. He said he stopped using it, because he couldn't connect to the internet anymore and it was infected with something. I boot into safe mode and first thing a notification comes up saying "You may be a victim of software counterfeiting. This copy of windows did not pass genuine windows validation". I immediately call and ask him about it, but he assures me it is genuine. I couldn't find any reliable documentation on this being some kind of ransomware. I ran malwarebytes antirootkit utility and it reported several problems. I also ran TDSSkiller and DDS. I have attached the logs.

Attached File  dds.txt   48.17KB   3 downloads

Attached File  attach.txt   10.28KB   0 downloads

Attached File  system-log.txt   29.95KB   1 downloads

The TDSS log was too large to upload and wouldn't allow zipped
Some people think technology has the answers - Kevin Mitnick

BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:49 AM

Posted 26 November 2012 - 10:33 PM

Hello Hadnjury ,
  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Watch Topic.I suggest you click it and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

  • Finally, please reply using the ADD REPLY button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.


1.
Please download the latest version of TDSSKiller from here and save it to your Desktop.
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
    Posted Image
  • Put a checkmark beside loaded modules.
    Posted Image
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
    Posted Image
  • Click the Start Scan button.
    Posted Image
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    Posted Image
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Posted Image
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.


2.
Install Recovery Console and Run ComboFix

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

Download Combofix from any of the links below, and save it to your desktop.

Link 1
Link 2
  • Close/disable all anti-virus and anti-malware programs so they do not interfere with the running of ComboFix. Refer to this page if you are not sure how.
  • Close any open windows, including this one.
  • Double click on ComboFix.exe & follow the prompts.
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • If you did not have it installed, you will see the prompt below. Choose YES.
  • Posted Image
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Note:The Windows Recovery Console will allow you to boot up into a special recovery (repair) mode. This allows us to more easily help you
should your computer have a problem after an attempted removal of malware. It is a simple procedure that will only take a few moments of your time.

  • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

    Posted Image
  • Click on Yes, to continue scanning for malware.
  • When finished, it will produce a report for you. Please post the contents of the log (C:\ComboFix.txt).
Leave your computer alone while ComboFix is running.
ComboFix will restart your computer if malware is found; allow it to do so.


Note: Please Do NOT mouseclick combofix's window while its running because it may cause it to stall.

Things to include in your next reply:;
TdssKiller log > Use multiple posts if you have to to get the entire log to me
Combofix.txt
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 Hadnjury

Hadnjury
  • Topic Starter

  • Members
  • 144 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 27 November 2012 - 12:55 AM

Hello Fireman4it,

Thanks for you time, here is the requested TDSSkiller Log and Combofix log

00:04:18.0421 0276 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
00:04:18.0875 0276 ============================================================
00:04:18.0875 0276 Current date / time: 2006/01/01 00:04:18.0875
00:04:18.0875 0276 SystemInfo:
00:04:18.0875 0276
00:04:18.0875 0276 OS Version: 5.1.2600 ServicePack: 2.0
00:04:18.0875 0276 Product type: Workstation
00:04:18.0875 0276 ComputerName: ATHLON64
00:04:18.0875 0276 UserName: Owner
00:04:18.0875 0276 Windows directory: C:\WINDOWS
00:04:18.0875 0276 System windows directory: C:\WINDOWS
00:04:18.0875 0276 Processor architecture: Intel x86
00:04:18.0875 0276 Number of processors: 1
00:04:18.0875 0276 Page size: 0x1000
00:04:18.0875 0276 Boot type: Normal boot
00:04:18.0875 0276 ============================================================
00:04:25.0921 0276 BG loaded
00:04:26.0453 0276 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000054
00:04:26.0578 0276 ============================================================
00:04:26.0578 0276 \Device\Harddisk0\DR0:
00:04:26.0656 0276 MBR partitions:
00:04:26.0656 0276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x7530462
00:04:26.0734 0276 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x75304E0, BlocksNum 0xB4E4720
00:04:26.0734 0276 ============================================================
00:04:27.0375 0276 C: <-> \Device\Harddisk0\DR0\Partition1
00:04:27.0593 0276 D: <-> \Device\Harddisk0\DR0\Partition2
00:04:27.0593 0276 ============================================================
00:04:27.0593 0276 Initialize success
00:04:27.0593 0276 ============================================================
00:05:03.0125 2524 ============================================================
00:05:03.0125 2524 Scan started
00:05:03.0125 2524 Mode: Manual; SigCheck; TDLFS;
00:05:03.0125 2524 ============================================================
00:05:03.0453 2524 ================ Scan system memory ========================
00:05:03.0453 2524 System memory - ok
00:05:03.0468 2524 ================ Scan services =============================
00:05:03.0546 2524 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
00:05:04.0437 2524 !SASCORE ( UnsignedFile.Multi.Generic ) - warning
00:05:04.0437 2524 !SASCORE - detected UnsignedFile.Multi.Generic (1)
00:05:04.0562 2524 Abiosdsk - ok
00:05:04.0562 2524 abp480n5 - ok
00:05:04.0609 2524 [ A10C7534F7223F4A73A948967D00E69B ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:05:05.0703 2524 ACPI - ok
00:05:05.0734 2524 [ 9859C0F6936E723E4892D7141B1327D5 ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
00:05:05.0890 2524 ACPIEC - ok
00:05:05.0921 2524 [ D392183CC5379E302E50CEBA635248EB ] ADIHdAudAddService C:\WINDOWS\system32\drivers\ADIHdAud.sys
00:05:05.0984 2524 ADIHdAudAddService - ok
00:05:05.0984 2524 adpu160m - ok
00:05:06.0031 2524 [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] AEAudioService C:\WINDOWS\system32\drivers\AEAudio.sys
00:05:06.0078 2524 AEAudioService - ok
00:05:06.0109 2524 [ 1EE7B434BA961EF845DE136224C30FEC ] aec C:\WINDOWS\system32\drivers\aec.sys
00:05:06.0437 2524 aec - ok
00:05:06.0468 2524 [ 55E6E1C51B6D30E54335750955453702 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:05:06.0515 2524 AFD - ok
00:05:06.0515 2524 Aha154x - ok
00:05:06.0531 2524 aic78u2 - ok
00:05:06.0531 2524 aic78xx - ok
00:05:06.0562 2524 [ C7AE0FD3867DB0D42B03B73C18F3D671 ] Alerter C:\WINDOWS\system32\alrsvc.dll
00:05:06.0656 2524 Alerter - ok
00:05:06.0671 2524 [ F1958FBF86D5C004CF19A5951A9514B7 ] ALG C:\WINDOWS\System32\alg.exe
00:05:06.0781 2524 ALG - ok
00:05:06.0781 2524 AliIde - ok
00:05:06.0828 2524 [ 59301936898AE62245A6F09C0ABA9475 ] AmdK8 C:\WINDOWS\system32\DRIVERS\AmdK8.sys
00:05:06.0859 2524 AmdK8 - ok
00:05:06.0859 2524 amsint - ok
00:05:06.0953 2524 [ A8AA9D47F971570A5162B862B80F87E8 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
00:05:06.0968 2524 Apple Mobile Device - ok
00:05:07.0000 2524 [ 9C3C12975C97119412802B181FBEEFFE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
00:05:07.0093 2524 AppMgmt - ok
00:05:07.0140 2524 [ F0D692B0BFFB46E30EB3CEA168BBC49F ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
00:05:07.0250 2524 Arp1394 - ok
00:05:07.0265 2524 asc - ok
00:05:07.0281 2524 asc3350p - ok
00:05:07.0281 2524 asc3550 - ok
00:05:07.0328 2524 [ ED8CEE58C1E4C5893F5B2FD686A272BF ] Aspi32 C:\WINDOWS\system32\drivers\Aspi32.sys
00:05:07.0343 2524 Aspi32 ( UnsignedFile.Multi.Generic ) - warning
00:05:07.0343 2524 Aspi32 - detected UnsignedFile.Multi.Generic (1)
00:05:07.0421 2524 [ D33C507942299753868204CC7642FA27 ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
00:05:07.0437 2524 aspnet_state - ok
00:05:07.0468 2524 [ 02000ABF34AF4C218C35D257024807D6 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:05:07.0562 2524 AsyncMac - ok
00:05:07.0593 2524 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:05:07.0687 2524 atapi - ok
00:05:07.0703 2524 Atdisk - ok
00:05:07.0718 2524 [ EC88DA854AB7D7752EC8BE11A741BB7F ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:05:07.0828 2524 Atmarpc - ok
00:05:07.0859 2524 [ DB66DB626E4882EBEF55F136F12C1829 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:05:07.0968 2524 AudioSrv - ok
00:05:08.0000 2524 [ D9F724AA26C010A217C97606B160ED68 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:05:08.0125 2524 audstub - ok
00:05:08.0187 2524 [ 7768CE75C5CBF0D8F441CE2BBD806B7F ] Automatic LiveUpdate Scheduler C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
00:05:08.0187 2524 Automatic LiveUpdate Scheduler - ok
00:05:08.0250 2524 [ 24B30C512A70DD81EE26A401F69CC8A9 ] AVP C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
00:05:08.0250 2524 AVP - ok
00:05:08.0281 2524 [ DA1F27D85E0D1525F6621372E7B685E9 ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:05:08.0421 2524 Beep - ok
00:05:08.0453 2524 [ 2C69EC7E5A311334D10DD95F338FCCEA ] BITS C:\WINDOWS\System32\qmgr.dll
00:05:08.0593 2524 BITS - ok
00:05:08.0625 2524 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
00:05:08.0640 2524 Bonjour Service - ok
00:05:08.0671 2524 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] Browser C:\WINDOWS\System32\browser.dll
00:05:08.0796 2524 Browser - ok
00:05:08.0843 2524 [ 90A673FC8E12A79AFBED2576F6A7AAF9 ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:05:08.0968 2524 cbidf2k - ok
00:05:08.0984 2524 cd20xrnt - ok
00:05:09.0015 2524 [ C1B486A7658353D33A10CC15211A873B ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:05:09.0140 2524 Cdaudio - ok
00:05:09.0171 2524 [ CD7D5152DF32B47F4E36F710B35AAE02 ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:05:09.0265 2524 Cdfs - ok
00:05:09.0296 2524 [ 882B4257E5A5ADFB6B5C03E8A02D4BF1 ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:05:09.0328 2524 Cdrom - ok
00:05:09.0343 2524 Changer - ok
00:05:09.0375 2524 [ 3192BD04D032A9C4A85A3278C268A13A ] CiSvc C:\WINDOWS\system32\cisvc.exe
00:05:09.0468 2524 CiSvc - ok
00:05:09.0484 2524 [ C8DEC22C4137D7A90F8BDF41CA4B82AE ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:05:09.0593 2524 ClipSrv - ok
00:05:09.0625 2524 [ 3C4D595E7F9B747325AEF28B4ADCAAE5 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
00:05:09.0671 2524 clr_optimization_v2.0.50727_32 - ok
00:05:09.0687 2524 CmdIde - ok
00:05:09.0687 2524 COMSysApp - ok
00:05:09.0703 2524 Cpqarray - ok
00:05:09.0750 2524 [ 10654F9DDCEA9C46CFB77554231BE73B ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:05:09.0859 2524 CryptSvc - ok
00:05:09.0859 2524 dac2w2k - ok
00:05:09.0859 2524 dac960nt - ok
00:05:09.0890 2524 [ 1B269ED3EB2D81EC11CD5B0544E89962 ] DcCam C:\WINDOWS\system32\DRIVERS\DcCam.sys
00:05:09.0921 2524 DcCam - ok
00:05:09.0937 2524 [ BD6CE20068159F9714EBE9E76DECAB2C ] DcFpoint C:\WINDOWS\system32\DRIVERS\DcFpoint.sys
00:05:09.0968 2524 DcFpoint - ok
00:05:09.0984 2524 [ 1315E0B5B6FC1FE930EE3498309700BD ] DCFS2K C:\WINDOWS\system32\drivers\dcfs2k.sys
00:05:09.0984 2524 DCFS2K - ok
00:05:10.0000 2524 [ 5F5055EFB3E0820F349924E7C5BD5AF4 ] DcLps C:\WINDOWS\system32\DRIVERS\DcLps.sys
00:05:10.0015 2524 DcLps - ok
00:05:10.0062 2524 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:05:10.0125 2524 DcomLaunch - ok
00:05:10.0140 2524 [ 31689427DA60A724B31A622B35ED21EC ] DcPTP C:\WINDOWS\system32\DRIVERS\DcPTP.sys
00:05:10.0171 2524 DcPTP - ok
00:05:10.0218 2524 [ EF545E1A4B043DA4C84E230DD471C55F ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:05:10.0625 2524 Dhcp - ok
00:05:10.0656 2524 [ 00CA44E4534865F8A3B64F7C0984BFF0 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:05:10.0765 2524 Disk - ok
00:05:10.0765 2524 dmadmin - ok
00:05:10.0812 2524 [ C0FBB516E06E243F0CF31F597E7EBF7D ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:05:10.0968 2524 dmboot - ok
00:05:10.0984 2524 [ F5E7B358A732D09F4BCF2824B88B9E28 ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:05:11.0093 2524 dmio - ok
00:05:11.0125 2524 [ E9317282A63CA4D188C0DF5E09C6AC5F ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:05:11.0250 2524 dmload - ok
00:05:11.0281 2524 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] dmserver C:\WINDOWS\System32\dmserver.dll
00:05:11.0390 2524 dmserver - ok
00:05:11.0406 2524 [ A6F881284AC1150E37D9AE47FF601267 ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:05:11.0515 2524 DMusic - ok
00:05:11.0546 2524 [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:05:11.0968 2524 Dnscache - ok
00:05:11.0968 2524 dpti2o - ok
00:05:12.0000 2524 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:05:12.0109 2524 drmkaud - ok
00:05:12.0140 2524 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:05:12.0234 2524 ERSvc - ok
00:05:12.0281 2524 [ 37561F8D4160D62DA86D24AE41FAE8DE ] Eventlog C:\WINDOWS\system32\services.exe
00:05:12.0343 2524 Eventlog - ok
00:05:12.0375 2524 [ 60D1A6342238378BFB7545C81EE3606C ] EventSystem C:\WINDOWS\System32\es.dll
00:05:12.0406 2524 EventSystem - ok
00:05:12.0421 2524 [ F85FFDEAE43F9E9A7C3F4E3CC5EF09EB ] Exportit C:\WINDOWS\system32\DRIVERS\exportit.sys
00:05:12.0437 2524 Exportit - ok
00:05:12.0453 2524 [ 3117F595E9615E04F05A54FC15A03B20 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:05:12.0578 2524 Fastfat - ok
00:05:12.0609 2524 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:05:13.0062 2524 FastUserSwitchingCompatibility - ok
00:05:13.0093 2524 [ CED2E8396A8838E59D8FD529C680E02C ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
00:05:13.0187 2524 Fdc - ok
00:05:13.0218 2524 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:05:13.0343 2524 Fips - ok
00:05:13.0375 2524 [ 0DD1DE43115B93F4D85E889D7A86F548 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:05:13.0468 2524 Flpydisk - ok
00:05:13.0515 2524 [ 3D234FB6D6EE875EB009864A299BEA29 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:05:13.0968 2524 FltMgr - ok
00:05:13.0984 2524 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:05:14.0125 2524 Fs_Rec - ok
00:05:14.0140 2524 [ 6AC26732762483366C3969C9E4D2259D ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:05:14.0265 2524 Ftdisk - ok
00:05:14.0265 2524 [ 5F92FD09E5610A5995DA7D775EADCD12 ] gameenum C:\WINDOWS\system32\DRIVERS\gameenum.sys
00:05:14.0375 2524 gameenum - ok
00:05:14.0406 2524 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] GEARAspiWDM C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
00:05:14.0421 2524 GEARAspiWDM - ok
00:05:14.0453 2524 [ 25867E27FC02E99C2A34B8A7DD6F20D4 ] getPlus® Helper C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
00:05:14.0468 2524 getPlus® Helper - ok
00:05:14.0484 2524 [ C0F1D4A21DE5A415DF8170616703DEBF ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:05:14.0593 2524 Gpc - ok
00:05:14.0656 2524 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:05:14.0671 2524 gupdate - ok
00:05:14.0703 2524 [ F58D2900C66A1E773E3375098E0E9337 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
00:05:14.0734 2524 HdAudAddService - ok
00:05:14.0765 2524 [ CBC3DEF409549672B915FB9403D63F74 ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:05:14.0781 2524 HDAudBus - ok
00:05:14.0859 2524 [ 8827911A8C37E40C027CBFC88E69D967 ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:05:14.0968 2524 helpsvc - ok
00:05:15.0000 2524 [ 9376E6893E52B368ABC6255BF54F0B28 ] HidServ C:\WINDOWS\System32\hidserv.dll
00:05:15.0109 2524 HidServ - ok
00:05:15.0140 2524 [ 1DE6783B918F540149AA69943BDFEBA8 ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:05:15.0265 2524 HidUsb - ok
00:05:15.0265 2524 hpn - ok
00:05:15.0437 2524 [ A30E97371E38EF45B0757561B2796733 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
00:05:15.0468 2524 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
00:05:15.0468 2524 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
00:05:15.0500 2524 [ D03D10F7DED688FECF50F8FBF1EA9B8A ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
00:05:15.0593 2524 HPZid412 - ok
00:05:15.0625 2524 [ 89F41658929393487B6B7D13C8528CE3 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
00:05:15.0656 2524 HPZipr12 - ok
00:05:15.0671 2524 [ ABCB05CCDBF03000354B9553820E39F8 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
00:05:15.0703 2524 HPZius12 - ok
00:05:15.0750 2524 [ CB77BB47E67E84DEB17BA29632501730 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:05:16.0187 2524 HTTP - ok
00:05:16.0234 2524 [ 064D8581ADF77C25133E7D751D917D83 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:05:16.0343 2524 HTTPFilter - ok
00:05:16.0343 2524 i2omgmt - ok
00:05:16.0359 2524 i2omp - ok
00:05:16.0390 2524 [ 5502B58EEF7486EE6F93F3F164DCB808 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:05:16.0484 2524 i8042prt - ok
00:05:16.0500 2524 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
00:05:16.0609 2524 Imapi - ok
00:05:16.0625 2524 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] ImapiService C:\WINDOWS\System32\imapi.exe
00:05:16.0734 2524 ImapiService - ok
00:05:16.0750 2524 ini910u - ok
00:05:16.0750 2524 IntelIde - ok
00:05:16.0828 2524 [ BFDF8AA33CD4DA45C34F6ECD644EECDF ] ioloFileInfoList C:\Program Files\iolo\common\lib\ioloServiceManager.exe
00:05:16.0859 2524 ioloFileInfoList - ok
00:05:16.0890 2524 [ BFDF8AA33CD4DA45C34F6ECD644EECDF ] ioloSystemService C:\Program Files\iolo\common\lib\ioloServiceManager.exe
00:05:16.0921 2524 ioloSystemService - ok
00:05:16.0953 2524 [ 4448006B6BC60E6C027932CFC38D6855 ] ip6fw C:\WINDOWS\system32\drivers\ip6fw.sys
00:05:17.0062 2524 ip6fw - ok
00:05:17.0093 2524 [ 731F22BA402EE4B62748ADAF6363C182 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:05:17.0218 2524 IpFilterDriver - ok
00:05:17.0234 2524 [ E1EC7F5DA720B640CD8FB8424F1B14BB ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:05:17.0328 2524 IpInIp - ok
00:05:17.0359 2524 [ E2168CBC7098FFE963C6F23F472A3593 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:05:17.0796 2524 IpNat - ok
00:05:17.0828 2524 [ 62937A89470AF8FF172F0980CA8AEFC9 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
00:05:17.0843 2524 iPod Service - ok
00:05:17.0890 2524 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:05:18.0000 2524 IPSec - ok
00:05:18.0031 2524 [ 50708DAA1B1CBB7D6AC1CF8F56A24410 ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:05:18.0125 2524 IRENUM - ok
00:05:18.0140 2524 [ E504F706CCB699C2596E9A3DA1596E87 ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:05:18.0281 2524 isapnp - ok
00:05:18.0296 2524 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:05:18.0390 2524 Kbdclass - ok
00:05:18.0390 2524 [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] kbdhid C:\WINDOWS\system32\DRIVERS\kbdhid.sys
00:05:18.0500 2524 kbdhid - ok
00:05:18.0531 2524 [ 6512F37E1B52531BFD8D65FA95B6EE63 ] kl1 C:\WINDOWS\system32\drivers\kl1.sys
00:05:18.0546 2524 kl1 - ok
00:05:18.0578 2524 [ 1B28FA1580438192A14E88B5834397CA ] klif C:\WINDOWS\system32\drivers\klif.sys
00:05:18.0593 2524 klif ( UnsignedFile.Multi.Generic ) - warning
00:05:18.0593 2524 klif - detected UnsignedFile.Multi.Generic (1)
00:05:18.0625 2524 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:05:19.0078 2524 kmixer - ok
00:05:19.0125 2524 [ B3F86266F372A97624F5D132DA6E97E6 ] KodakCCS C:\WINDOWS\system32\drivers\KodakCCS.exe
00:05:19.0171 2524 KodakCCS - ok
00:05:19.0203 2524 [ EB7FFE87FD367EA8FCA0506F74A87FBB ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:05:19.0328 2524 KSecDD - ok
00:05:19.0359 2524 [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:05:19.0796 2524 lanmanserver - ok
00:05:19.0828 2524 [ 3CD291A2C4909088B3D1E98DED73D4B2 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:05:20.0296 2524 lanmanworkstation - ok
00:05:20.0296 2524 lbrtfdc - ok
00:05:20.0375 2524 [ FB466FAA799EACE5075FC1DE269F0066 ] LiveUpdate C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~2.EXE
00:05:20.0500 2524 LiveUpdate - ok
00:05:20.0531 2524 [ B3EFF6D938C572E90A07B3D87A3C7657 ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:05:20.0625 2524 LmHosts - ok
00:05:20.0687 2524 [ FB4125937B07247E236BDB49B91102BF ] McciCMService C:\Program Files\Common Files\Motive\McciCMService.exe
00:05:20.0703 2524 McciCMService ( UnsignedFile.Multi.Generic ) - warning
00:05:20.0703 2524 McciCMService - detected UnsignedFile.Multi.Generic (1)
00:05:20.0750 2524 [ 11F714F85530A2BD134074DC30E99FCA ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
00:05:20.0765 2524 MDM - ok
00:05:20.0796 2524 [ 95FD808E4AC22ABA025A7B3EAC0375D2 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:05:20.0906 2524 Messenger - ok
00:05:20.0937 2524 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:05:21.0078 2524 mnmdd - ok
00:05:21.0109 2524 [ F6415361201915B9FE3896B0E4E724FF ] mnmsrvc C:\WINDOWS\System32\mnmsrvc.exe
00:05:21.0218 2524 mnmsrvc - ok
00:05:21.0234 2524 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:05:21.0328 2524 Modem - ok
00:05:21.0359 2524 [ 34E1F0031153E491910E12551400192C ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:05:21.0468 2524 Mouclass - ok
00:05:21.0500 2524 [ B1C303E17FB9D46E87A98E4BA6769685 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:05:21.0625 2524 mouhid - ok
00:05:21.0656 2524 [ 65653F3B4477F3C63E68A9659F85EE2E ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:05:21.0750 2524 MountMgr - ok
00:05:21.0750 2524 mraid35x - ok
00:05:21.0796 2524 [ 9BD4DCB5412921864A7AACDEDFBD1923 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
00:05:21.0812 2524 MREMP50 ( UnsignedFile.Multi.Generic ) - warning
00:05:21.0812 2524 MREMP50 - detected UnsignedFile.Multi.Generic (1)
00:05:21.0828 2524 MREMP50a64 - ok
00:05:21.0843 2524 [ 07C02C892E8E1A72D6BF35004F0E9C5E ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
00:05:21.0859 2524 MRESP50 ( UnsignedFile.Multi.Generic ) - warning
00:05:21.0859 2524 MRESP50 - detected UnsignedFile.Multi.Generic (1)
00:05:21.0859 2524 MRESP50a64 - ok
00:05:21.0890 2524 [ 29414447EB5BDE2F8397DC965DBB3156 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:05:22.0343 2524 MRxDAV - ok
00:05:22.0390 2524 [ 6F2D483B97B395544E59749C47963C6A ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:05:22.0484 2524 MRxSmb - ok
00:05:22.0500 2524 [ C7C3D89EB0A6F3DBA622EA737FA335B1 ] MSDTC C:\WINDOWS\System32\msdtc.exe
00:05:22.0609 2524 MSDTC - ok
00:05:22.0640 2524 [ 561B3A4333CA2DBDBA28B5B956822519 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:05:22.0750 2524 Msfs - ok
00:05:22.0750 2524 MSIServer - ok
00:05:22.0765 2524 [ AE431A8DD3C1D0D0610CDBAC16057AD0 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:05:22.0875 2524 MSKSSRV - ok
00:05:22.0906 2524 [ 13E75FEF9DFEB08EEDED9D0246E1F448 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:05:23.0000 2524 MSPCLOCK - ok
00:05:23.0031 2524 [ 1988A33FF19242576C3D0EF9CE785DA7 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:05:23.0140 2524 MSPQM - ok
00:05:23.0156 2524 [ 469541F8BFD2B32659D5D463A6714BCE ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:05:23.0250 2524 mssmbios - ok
00:05:23.0250 2524 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] ms_mpu401 C:\WINDOWS\system32\drivers\msmpu401.sys
00:05:23.0375 2524 ms_mpu401 - ok
00:05:23.0390 2524 [ D48659BB24C48345D926ECB45C1EBDF5 ] MTsensor C:\WINDOWS\system32\DRIVERS\ASACPI.sys
00:05:23.0453 2524 MTsensor - ok
00:05:23.0453 2524 [ 82035E0F41C2DD05AE41D27FE6CF7DE1 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:05:23.0562 2524 Mup - ok
00:05:23.0578 2524 [ 558635D3AF1C7546D26067D5D9B6959E ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:05:23.0687 2524 NDIS - ok
00:05:23.0718 2524 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:05:23.0843 2524 NdisTapi - ok
00:05:23.0859 2524 [ 34D6CD56409DA9A7ED573E1C90A308BF ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:05:23.0968 2524 Ndisuio - ok
00:05:24.0000 2524 [ 0B90E255A9490166AB368CD55A529893 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:05:24.0093 2524 NdisWan - ok
00:05:24.0109 2524 [ 59FC3FB44D2669BC144FD87826BB571F ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:05:24.0234 2524 NDProxy - ok
00:05:24.0265 2524 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
00:05:24.0265 2524 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
00:05:24.0265 2524 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
00:05:24.0281 2524 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:05:24.0390 2524 NetBIOS - ok
00:05:24.0421 2524 [ 0C80E410CD2F47134407EE7DD19CC86B ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:05:24.0515 2524 NetBT - ok
00:05:24.0546 2524 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDE C:\WINDOWS\system32\netdde.exe
00:05:24.0656 2524 NetDDE - ok
00:05:24.0671 2524 [ 05AFB5AD06462257BEA7495283C86D50 ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:05:24.0765 2524 NetDDEdsdm - ok
00:05:24.0796 2524 [ 84885F9B82F4D55C6146EBF6065D75D2 ] Netlogon C:\WINDOWS\System32\lsass.exe
00:05:24.0906 2524 Netlogon - ok
00:05:24.0953 2524 [ 36739B39267914BA69AD0610A0299732 ] Netman C:\WINDOWS\System32\netman.dll
00:05:25.0406 2524 Netman - ok
00:05:25.0421 2524 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:05:25.0546 2524 NIC1394 - ok
00:05:25.0578 2524 [ 097722F235A1FB698BF9234E01B52637 ] Nla C:\WINDOWS\System32\mswsock.dll
00:05:25.0640 2524 Nla - ok
00:05:25.0671 2524 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:05:25.0781 2524 Npfs - ok
00:05:25.0843 2524 [ 19A811EF5F1ED5C926A028CE107FF1AF ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:05:26.0296 2524 Ntfs - ok
00:05:26.0312 2524 [ 84885F9B82F4D55C6146EBF6065D75D2 ] NtLmSsp C:\WINDOWS\System32\lsass.exe
00:05:26.0406 2524 NtLmSsp - ok
00:05:26.0437 2524 [ B62F29C00AC55A761B2E45877D85EA0F ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:05:26.0578 2524 NtmsSvc - ok
00:05:26.0593 2524 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] Null C:\WINDOWS\system32\drivers\Null.sys
00:05:26.0718 2524 Null - ok
00:05:26.0828 2524 [ CE58F42B11BE20A47C3D8D2F38DA254E ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:05:27.0000 2524 nv - ok
00:05:27.0046 2524 [ 3AC5EEDD35B7437D53960F3998BFA462 ] nvata C:\WINDOWS\system32\DRIVERS\nvata.sys
00:05:27.0125 2524 nvata - ok
00:05:27.0125 2524 [ B9333604527E02CD2223F200C0BAE7E0 ] NVENETFD C:\WINDOWS\system32\DRIVERS\NVENETFD.sys
00:05:27.0171 2524 NVENETFD - ok
00:05:27.0187 2524 [ 5E9E55F7EE644C7C5FD78A206FBE37AB ] nvnetbus C:\WINDOWS\system32\DRIVERS\nvnetbus.sys
00:05:27.0250 2524 nvnetbus - ok
00:05:27.0281 2524 [ 95CAEC95D6777CE7D6B7091BC4D91CEB ] NVSvc C:\WINDOWS\System32\nvsvc32.exe
00:05:27.0312 2524 NVSvc - ok
00:05:27.0343 2524 [ B305F3FAD35083837EF46A0BBCE2FC57 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:05:27.0484 2524 NwlnkFlt - ok
00:05:27.0484 2524 [ C99B3415198D1AAB7227F2C88FD664B9 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:05:27.0625 2524 NwlnkFwd - ok
00:05:27.0640 2524 [ 0951DB8E5823EA366B0E408D71E1BA2A ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:05:27.0765 2524 ohci1394 - ok
00:05:27.0796 2524 [ 7A56CF3E3F12E8AF599963B16F50FB6A ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:05:27.0812 2524 ose - ok
00:05:27.0828 2524 [ 29744EB4CE659DFE3B4122DEB45BC478 ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
00:05:27.0921 2524 Parport - ok
00:05:27.0953 2524 [ 3334430C29DC338092F79C38EF7B4CD0 ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:05:28.0078 2524 PartMgr - ok
00:05:28.0109 2524 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:05:28.0234 2524 ParVdm - ok
00:05:28.0234 2524 [ 8086D9979234B603AD5BC2F5D890B234 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:05:28.0343 2524 PCI - ok
00:05:28.0343 2524 PCIDump - ok
00:05:28.0359 2524 [ CCF5F451BB1A5A2A522A76E670000FF0 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:05:28.0484 2524 PCIIde - ok
00:05:28.0515 2524 [ 82A087207DECEC8456FBE8537947D579 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:05:28.0625 2524 Pcmcia - ok
00:05:28.0656 2524 [ 0275215D01C3985E682A661B8826F371 ] Pctspk C:\WINDOWS\system32\pctspk.exe
00:05:28.0796 2524 Pctspk - ok
00:05:28.0796 2524 PDCOMP - ok
00:05:28.0812 2524 PDFRAME - ok
00:05:28.0828 2524 PDRELI - ok
00:05:28.0828 2524 PDRFRAME - ok
00:05:28.0843 2524 perc2 - ok
00:05:28.0843 2524 perc2hib - ok
00:05:28.0890 2524 [ 37561F8D4160D62DA86D24AE41FAE8DE ] PlugPlay C:\WINDOWS\system32\services.exe
00:05:28.0953 2524 PlugPlay - ok
00:05:28.0984 2524 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
00:05:29.0000 2524 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
00:05:29.0000 2524 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
00:05:29.0015 2524 [ 84885F9B82F4D55C6146EBF6065D75D2 ] PolicyAgent C:\WINDOWS\System32\lsass.exe
00:05:29.0109 2524 PolicyAgent - ok
00:05:29.0140 2524 [ 1C5CC65AAC0783C344F16353E60B72AC ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:05:29.0234 2524 PptpMiniport - ok
00:05:29.0250 2524 [ 0D97D88720A4087EC93AF7DBB303B30A ] Processor C:\WINDOWS\system32\DRIVERS\processr.sys
00:05:29.0359 2524 Processor - ok
00:05:29.0359 2524 [ 84885F9B82F4D55C6146EBF6065D75D2 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:05:29.0453 2524 ProtectedStorage - ok
00:05:29.0468 2524 [ 48671F327553DCF1D27F6197F622A668 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:05:29.0562 2524 PSched - ok
00:05:29.0593 2524 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:05:29.0718 2524 Ptilink - ok
00:05:29.0750 2524 [ ACE8FE0E920CB8FBA057C024EAD33F84 ] Ptserlp C:\WINDOWS\system32\DRIVERS\ptserlp.sys
00:05:29.0875 2524 Ptserlp - ok
00:05:29.0906 2524 [ DB3B30C3A4CDCF07E164C14584D9D0F2 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:05:29.0921 2524 PxHelp20 ( UnsignedFile.Multi.Generic ) - warning
00:05:29.0921 2524 PxHelp20 - detected UnsignedFile.Multi.Generic (1)
00:05:29.0921 2524 ql1080 - ok
00:05:29.0937 2524 Ql10wnt - ok
00:05:29.0953 2524 ql12160 - ok
00:05:29.0953 2524 ql1240 - ok
00:05:29.0968 2524 ql1280 - ok
00:05:29.0984 2524 [ FE0D99D6F31E4FAD8159F690D68DED9C ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:05:30.0093 2524 RasAcd - ok
00:05:30.0125 2524 [ 44DB7A9BDD2FB58747D123FBF1D35ADB ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:05:30.0234 2524 RasAuto - ok
00:05:30.0265 2524 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:05:30.0359 2524 Rasl2tp - ok
00:05:30.0390 2524 [ 49B5EED5FB89D39456A2F616CCD8BA5D ] RasMan C:\WINDOWS\System32\rasmans.dll
00:05:30.0843 2524 RasMan - ok
00:05:30.0875 2524 [ 7306EEED8895454CBED4669BE9F79FAA ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:05:30.0968 2524 RasPppoe - ok
00:05:30.0984 2524 [ FDBB1D60066FCFBB7452FD8F9829B242 ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:05:31.0109 2524 Raspti - ok
00:05:31.0156 2524 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:05:31.0609 2524 Rdbss - ok
00:05:31.0625 2524 [ 4912D5B403614CE99C28420F75353332 ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:05:31.0734 2524 RDPCDD - ok
00:05:31.0781 2524 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:05:31.0906 2524 rdpdr - ok
00:05:31.0953 2524 [ B54CD38A9EBFBF2B3561426E3FE26F62 ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:05:32.0453 2524 RDPWD - ok
00:05:32.0531 2524 [ 729798E0933076B8FCFCD9934698F164 ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:05:32.0640 2524 RDSessMgr - ok
00:05:32.0656 2524 [ B31B4588E4086D8D84ADBF9845C2402B ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:05:32.0765 2524 redbook - ok
00:05:32.0796 2524 [ 3046DB917E3CFA040632799DD9B14865 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:05:32.0921 2524 RemoteAccess - ok
00:05:32.0953 2524 [ 3151427DB7D87107D1C5BE58FAC53960 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:05:33.0078 2524 RemoteRegistry - ok
00:05:33.0093 2524 [ 793F04A09B15E7C6C11DBDFFAF06C0AB ] RpcLocator C:\WINDOWS\System32\locator.exe
00:05:33.0203 2524 RpcLocator - ok
00:05:33.0218 2524 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] RpcSs C:\WINDOWS\system32\rpcss.dll
00:05:33.0312 2524 RpcSs - ok
00:05:33.0343 2524 [ 471B3F9741D762ABE75E9DEEA4787E47 ] RSVP C:\WINDOWS\System32\rsvp.exe
00:05:33.0468 2524 RSVP - ok
00:05:33.0500 2524 [ 7436BFD3A542CF6FF55097200031B293 ] RT73 C:\WINDOWS\system32\DRIVERS\rt73.sys
00:05:33.0562 2524 RT73 - ok
00:05:33.0578 2524 [ 84885F9B82F4D55C6146EBF6065D75D2 ] SamSs C:\WINDOWS\system32\lsass.exe
00:05:33.0687 2524 SamSs - ok
00:05:33.0718 2524 [ 39763504067962108505BFF25F024345 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
00:05:33.0718 2524 SASDIFSV - ok
00:05:33.0750 2524 [ 77B9FC20084B48408AD3E87570EB4A85 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:05:33.0765 2524 SASKUTIL - ok
00:05:33.0796 2524 [ 25D8DE134DF108E3DBC8D7D23B1AA58E ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:05:33.0906 2524 SCardSvr - ok
00:05:33.0937 2524 [ 92360854316611F6CC471612213C3D92 ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:05:34.0046 2524 Schedule - ok
00:05:34.0093 2524 [ 90A3935D05B494A5A39D37E71F09A677 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:05:34.0531 2524 Secdrv - ok
00:05:34.0531 2524 [ B1E0CE09895376871746F36DC5773B4F ] seclogon C:\WINDOWS\System32\seclogon.dll
00:05:34.0640 2524 seclogon - ok
00:05:34.0687 2524 [ ECA77BEEB2BE8D573CF1B265E44FBFBD ] SenFiltService C:\WINDOWS\system32\drivers\Senfilt.sys
00:05:34.0734 2524 SenFiltService - ok
00:05:34.0765 2524 [ DFD9870CF39C791D86C4C209DA9FA919 ] SENS C:\WINDOWS\system32\sens.dll
00:05:34.0859 2524 SENS - ok
00:05:34.0890 2524 [ A2D868AEEFF612E70E213C451A70CAFB ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
00:05:34.0984 2524 serenum - ok
00:05:35.0015 2524 [ CD9404D115A00D249F70A371B46D5A26 ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
00:05:35.0109 2524 Serial - ok
00:05:35.0125 2524 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:05:35.0234 2524 Sfloppy - ok
00:05:35.0281 2524 [ 36CC8C01B5E50163037BEF56CB96DEFF ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:05:35.0390 2524 SharedAccess - ok
00:05:35.0421 2524 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:05:35.0859 2524 ShellHWDetection - ok
00:05:35.0859 2524 Simbad - ok
00:05:35.0875 2524 Sparrow - ok
00:05:35.0906 2524 [ 0CE218578FFF5F4F7E4201539C45C78F ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:05:36.0359 2524 splitter - ok
00:05:36.0390 2524 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:05:36.0859 2524 Spooler - ok
00:05:36.0875 2524 [ E41B6D037D6CD08461470AF04500DC24 ] sr C:\WINDOWS\System32\DRIVERS\sr.sys
00:05:36.0984 2524 sr - ok
00:05:37.0203 2524 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] srservice C:\WINDOWS\System32\srsvc.dll
00:05:37.0296 2524 srservice - ok
00:05:37.0343 2524 [ AB9C79ED12D65E800AAAD3D72A04792F ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:05:37.0375 2524 Srv - ok
00:05:37.0406 2524 [ 4B8D61792F7175BED48859CC18CE4E38 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:05:37.0515 2524 SSDPSRV - ok
00:05:37.0546 2524 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:05:38.0015 2524 stisvc - ok
00:05:38.0046 2524 [ 03C1BAE4766E2450219D20B993D6E046 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:05:38.0156 2524 swenum - ok
00:05:38.0187 2524 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:05:38.0296 2524 swmidi - ok
00:05:38.0312 2524 SwPrv - ok
00:05:38.0312 2524 symc810 - ok
00:05:38.0328 2524 symc8xx - ok
00:05:38.0343 2524 sym_hi - ok
00:05:38.0343 2524 sym_u3 - ok
00:05:38.0359 2524 [ 650AD082D46BAC0E64C9C0E0928492FD ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:05:38.0453 2524 sysaudio - ok
00:05:38.0484 2524 [ 8B54AA346D1B1B113FFAA75501B8B1B2 ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:05:38.0609 2524 SysmonLog - ok
00:05:38.0640 2524 [ FB78839B36025AA286A51289ED28B73E ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:05:39.0093 2524 TapiSrv - ok
00:05:39.0140 2524 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:05:39.0203 2524 Tcpip - ok
00:05:39.0234 2524 [ 38D437CF2D98965F239B0ABCD66DCB0F ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:05:39.0343 2524 TDPIPE - ok
00:05:39.0359 2524 [ ED0580AF02502D00AD8C4C066B156BE9 ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:05:39.0453 2524 TDTCP - ok
00:05:39.0468 2524 [ A540A99C281D933F3D69D55E48727F47 ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:05:39.0578 2524 TermDD - ok
00:05:39.0625 2524 [ B60C877D16D9C880B952FDA04ADF16E6 ] TermService C:\WINDOWS\System32\termsrv.dll
00:05:39.0734 2524 TermService - ok
00:05:39.0765 2524 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] Themes C:\WINDOWS\System32\shsvcs.dll
00:05:40.0218 2524 Themes - ok
00:05:40.0234 2524 [ 37DB0A7D097310E8B4DE803FC3119C78 ] TlntSvr C:\WINDOWS\System32\tlntsvr.exe
00:05:40.0343 2524 TlntSvr - ok
00:05:40.0359 2524 TosIde - ok
00:05:40.0375 2524 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:05:40.0468 2524 TrkWks - ok
00:05:40.0500 2524 [ 12F70256F140CD7D52C58C7048FDE657 ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:05:40.0609 2524 Udfs - ok
00:05:40.0625 2524 ultra - ok
00:05:40.0656 2524 [ AFF2E5045961BBC0A602BB6F95EB1345 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:05:40.0765 2524 Update - ok
00:05:40.0796 2524 [ ACA5D98663D879C6BAAFCEA7E2F1B710 ] upnphost C:\WINDOWS\System32\upnphost.dll
00:05:41.0265 2524 upnphost - ok
00:05:41.0296 2524 [ 3F5DF65B0758675F95A2D43918A740A3 ] UPS C:\WINDOWS\System32\ups.exe
00:05:41.0406 2524 UPS - ok
00:05:41.0437 2524 [ C1CA131F4E3ED63D6BC89A35FFAD4CDA ] USBAAPL C:\WINDOWS\system32\Drivers\usbaapl.sys
00:05:41.0468 2524 USBAAPL - ok
00:05:41.0500 2524 [ BFFD9F120CC63BCBAA3D840F3EEF9F79 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:05:41.0609 2524 usbccgp - ok
00:05:41.0640 2524 [ 15E993BA2F6946B2BFBBFCD30398621E ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:05:41.0750 2524 usbehci - ok
00:05:41.0781 2524 [ C72F40947F92CEA56A8FB532EDF025F1 ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:05:41.0875 2524 usbhub - ok
00:05:41.0890 2524 [ BDFE799A8531BAD8A5A985821FE78760 ] usbohci C:\WINDOWS\system32\DRIVERS\usbohci.sys
00:05:41.0984 2524 usbohci - ok
00:05:42.0015 2524 [ A42369B7CD8886CD7C70F33DA6FCBCF5 ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:05:42.0125 2524 usbprint - ok
00:05:42.0156 2524 [ A6BC71402F4F7DD5B77FD7F4A8DDBA85 ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:05:42.0265 2524 usbscan - ok
00:05:42.0296 2524 [ 6CD7B22193718F1D17A47A1CD6D37E75 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:05:42.0406 2524 USBSTOR - ok
00:05:42.0437 2524 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:05:42.0546 2524 VgaSave - ok
00:05:42.0546 2524 ViaIde - ok
00:05:42.0593 2524 [ B289D19DF6103352D3C4B13C0ED79331 ] Vmodem C:\WINDOWS\system32\DRIVERS\vmodem.sys
00:05:42.0796 2524 Vmodem - ok
00:05:42.0828 2524 [ EE4660083DEBA849FF6C485D944B379B ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
00:05:42.0937 2524 VolSnap - ok
00:05:42.0968 2524 [ 4A4448332075C5A909DF123C21616B2A ] Vpctcom C:\WINDOWS\system32\DRIVERS\vpctcom.sys
00:05:43.0093 2524 Vpctcom - ok
00:05:43.0140 2524 [ 3EE00364AE0FD8D604F46CBAF512838A ] VSS C:\WINDOWS\System32\vssvc.exe
00:05:43.0265 2524 VSS - ok
00:05:43.0265 2524 [ 120E61AAC05F00C867A32DE493DAB9B4 ] Vvoice C:\WINDOWS\system32\DRIVERS\vvoice.sys
00:05:43.0390 2524 Vvoice - ok
00:05:43.0406 2524 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] W32Time C:\WINDOWS\System32\w32time.dll
00:05:43.0515 2524 W32Time - ok
00:05:43.0546 2524 [ 984EF0B9788ABF89974CFED4BFBAACBC ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:05:43.0640 2524 Wanarp - ok
00:05:43.0703 2524 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] Wdf01000 C:\WINDOWS\system32\Drivers\wdf01000.sys
00:05:43.0718 2524 Wdf01000 - ok
00:05:43.0734 2524 WDICA - ok
00:05:43.0765 2524 [ EFD235CA22B57C81118C1AEB4798F1C1 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
00:05:44.0218 2524 wdmaud - ok
00:05:44.0250 2524 [ 265F534EF76832435AFBF771EC97176D ] WebClient C:\WINDOWS\System32\webclnt.dll
00:05:44.0703 2524 WebClient - ok
00:05:44.0765 2524 [ F399242A80C4066FD155EFA4CF96658E ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:05:44.0875 2524 winmgmt - ok
00:05:44.0921 2524 [ FD600B032E741EB6AAB509FC630F7C42 ] WinUSB C:\WINDOWS\system32\DRIVERS\WinUSB.sys
00:05:44.0921 2524 WinUSB - ok
00:05:44.0953 2524 [ C51B4A5C05A5475708E3C81C7765B71D ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
00:05:45.0015 2524 WmdmPmSN - ok
00:05:45.0062 2524 [ 1081C185AED0660B2B5F173C3E023B23 ] Wmi C:\WINDOWS\System32\advapi32.dll
00:05:45.0140 2524 Wmi - ok
00:05:45.0171 2524 [ BA8CECC3E813E1F7C441B20393D4F86C ] WmiApSrv C:\WINDOWS\System32\wbem\wmiapsrv.exe
00:05:45.0296 2524 WmiApSrv - ok
00:05:45.0328 2524 [ 4D59DAA66C60858CDF4F67A900F42D4A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
00:05:45.0437 2524 wscsvc - ok
00:05:45.0437 2524 [ 13D72740963CBA12D9FF76A7F218BCD8 ] wuauserv C:\WINDOWS\system32\wuauserv.dll
00:05:45.0562 2524 wuauserv - ok
00:05:45.0593 2524 [ 6FF66513D372D479EF1810223C8D20CE ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:05:45.0640 2524 WudfPf - ok
00:05:45.0671 2524 [ AC13CB789D93412106B0FB6C7EB2BCB6 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:05:45.0687 2524 WudfRd - ok
00:05:45.0703 2524 [ 575A4190D989F64732119E4114045A4F ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
00:05:45.0718 2524 WudfSvc - ok
00:05:45.0781 2524 [ 5A91E6FEAB9F901302FA7FF768C0120F ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:05:45.0906 2524 WZCSVC - ok
00:05:45.0937 2524 [ EEF46DAB68229A14DA3D8E73C99E2959 ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:05:46.0046 2524 xmlprov - ok
00:05:46.0093 2524 [ 85281F709EA678382F370EE1052BBBAC ] zumbus C:\WINDOWS\system32\DRIVERS\zumbus.sys
00:05:46.0125 2524 zumbus - ok
00:05:46.0156 2524 [ D5281109BE06EA1D3C511B6C07F26134 ] ZuneBusEnum C:\WINDOWS\system32\ZuneBusEnum.exe
00:05:46.0187 2524 ZuneBusEnum - ok
00:05:46.0671 2524 [ 165641EEFD48ADA568CF33B20FAEBB22 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
00:05:47.0265 2524 ZuneNetworkSvc - ok
00:05:47.0296 2524 [ E30EDB6E4D67338C330D9E7E63203D61 ] ZuneWlanCfgSvc C:\WINDOWS\system32\ZuneWlanCfgSvc.exe
00:05:47.0312 2524 ZuneWlanCfgSvc - ok
00:05:47.0328 2524 ================ Scan global ===============================
00:05:47.0359 2524 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
00:05:47.0390 2524 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
00:05:47.0421 2524 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
00:05:47.0437 2524 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
00:05:47.0437 2524 [Global] - ok
00:05:47.0437 2524 ================ Scan MBR ==================================
00:05:47.0453 2524 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
00:05:47.0671 2524 \Device\Harddisk0\DR0 - ok
00:05:47.0671 2524 ================ Scan VBR ==================================
00:05:47.0671 2524 [ 597FE3718E1FD69E88C39A5393EBDDB2 ] \Device\Harddisk0\DR0\Partition1
00:05:47.0671 2524 \Device\Harddisk0\DR0\Partition1 - ok
00:05:47.0703 2524 [ E629BF51B0FA29653358794152897BA3 ] \Device\Harddisk0\DR0\Partition2
00:05:47.0703 2524 \Device\Harddisk0\DR0\Partition2 - ok
00:05:47.0703 2524 ================ Scan active images ========================
00:05:47.0718 2524 [ 59301936898AE62245A6F09C0ABA9475 ] C:\WINDOWS\system32\drivers\AmdK8.sys
00:05:47.0718 2524 C:\WINDOWS\system32\drivers\AmdK8.sys - ok
00:05:47.0718 2524 [ D5A9D123F5ED7C9965A481BD20CF66D8 ] C:\WINDOWS\system32\drivers\videoprt.sys
00:05:47.0718 2524 C:\WINDOWS\system32\drivers\videoprt.sys - ok
00:05:47.0734 2524 [ CE58F42B11BE20A47C3D8D2F38DA254E ] C:\WINDOWS\system32\drivers\nv4_mini.sys
00:05:47.0734 2524 C:\WINDOWS\system32\drivers\nv4_mini.sys - ok
00:05:47.0734 2524 [ 2034CA78F9C6E787B4B76D81AC888351 ] C:\WINDOWS\system32\drivers\usbport.sys
00:05:47.0734 2524 C:\WINDOWS\system32\drivers\usbport.sys - ok
00:05:47.0734 2524 [ F8AA320C6A0409C0380E5D8A99D76EC6 ] C:\WINDOWS\system32\drivers\imapi.sys
00:05:47.0734 2524 C:\WINDOWS\system32\drivers\imapi.sys - ok
00:05:47.0750 2524 [ 15E993BA2F6946B2BFBBFCD30398621E ] C:\WINDOWS\system32\drivers\usbehci.sys
00:05:47.0750 2524 C:\WINDOWS\system32\drivers\usbehci.sys - ok
00:05:47.0750 2524 [ BDFE799A8531BAD8A5A985821FE78760 ] C:\WINDOWS\system32\drivers\usbohci.sys
00:05:47.0750 2524 C:\WINDOWS\system32\drivers\usbohci.sys - ok
00:05:47.0765 2524 [ 882B4257E5A5ADFB6B5C03E8A02D4BF1 ] C:\WINDOWS\system32\drivers\cdrom.sys
00:05:47.0765 2524 C:\WINDOWS\system32\drivers\cdrom.sys - ok
00:05:47.0765 2524 [ B9540E258F952650DE8DEC68719A5C97 ] C:\WINDOWS\system32\drivers\ks.sys
00:05:47.0765 2524 C:\WINDOWS\system32\drivers\ks.sys - ok
00:05:47.0781 2524 [ AB8A6A87D9D7255C3884D5B9541A6E80 ] C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
00:05:47.0781 2524 C:\WINDOWS\system32\drivers\GEARAspiWDM.sys - ok
00:05:47.0781 2524 [ 5C5C53DB4FEF16CF87B9911C7E8C6FBC ] C:\WINDOWS\system32\drivers\nic1394.sys
00:05:47.0781 2524 C:\WINDOWS\system32\drivers\nic1394.sys - ok
00:05:47.0781 2524 [ B31B4588E4086D8D84ADBF9845C2402B ] C:\WINDOWS\system32\drivers\redbook.sys
00:05:47.0781 2524 C:\WINDOWS\system32\drivers\redbook.sys - ok
00:05:47.0796 2524 [ 6FC6F9D7ACC36DCA9B914565A3AEDA05 ] C:\WINDOWS\system32\drivers\modem.sys
00:05:47.0796 2524 C:\WINDOWS\system32\drivers\modem.sys - ok
00:05:47.0796 2524 [ ACE8FE0E920CB8FBA057C024EAD33F84 ] C:\WINDOWS\system32\drivers\ptserlp.sys
00:05:47.0796 2524 C:\WINDOWS\system32\drivers\ptserlp.sys - ok
00:05:47.0812 2524 [ CBC3DEF409549672B915FB9403D63F74 ] C:\WINDOWS\system32\drivers\Hdaudbus.sys
00:05:47.0812 2524 C:\WINDOWS\system32\drivers\Hdaudbus.sys - ok
00:05:47.0812 2524 [ ED1321CF9B80FF6250D34D32713C7A5C ] C:\WINDOWS\system32\drivers\nvnrm.sys
00:05:47.0812 2524 C:\WINDOWS\system32\drivers\nvnrm.sys - ok
00:05:47.0828 2524 [ EEA04A90432126944B3916239F43F411 ] C:\WINDOWS\system32\drivers\nvsnpu.sys
00:05:47.0828 2524 C:\WINDOWS\system32\drivers\nvsnpu.sys - ok
00:05:47.0828 2524 [ D48659BB24C48345D926ECB45C1EBDF5 ] C:\WINDOWS\system32\drivers\ASACPI.sys
00:05:47.0828 2524 C:\WINDOWS\system32\drivers\ASACPI.sys - ok
00:05:47.0828 2524 [ CED2E8396A8838E59D8FD529C680E02C ] C:\WINDOWS\system32\drivers\fdc.sys
00:05:47.0828 2524 C:\WINDOWS\system32\drivers\fdc.sys - ok
00:05:47.0843 2524 [ 5E9E55F7EE644C7C5FD78A206FBE37AB ] C:\WINDOWS\system32\drivers\nvnetbus.sys
00:05:47.0843 2524 C:\WINDOWS\system32\drivers\nvnetbus.sys - ok
00:05:47.0843 2524 [ A2D868AEEFF612E70E213C451A70CAFB ] C:\WINDOWS\system32\drivers\serenum.sys
00:05:47.0843 2524 C:\WINDOWS\system32\drivers\serenum.sys - ok
00:05:47.0859 2524 [ CD9404D115A00D249F70A371B46D5A26 ] C:\WINDOWS\system32\drivers\serial.sys
00:05:47.0859 2524 C:\WINDOWS\system32\drivers\serial.sys - ok
00:05:47.0859 2524 [ 5502B58EEF7486EE6F93F3F164DCB808 ] C:\WINDOWS\system32\drivers\i8042prt.sys
00:05:47.0859 2524 C:\WINDOWS\system32\drivers\i8042prt.sys - ok
00:05:47.0875 2524 [ 29744EB4CE659DFE3B4122DEB45BC478 ] C:\WINDOWS\system32\drivers\parport.sys
00:05:47.0875 2524 C:\WINDOWS\system32\drivers\parport.sys - ok
00:05:47.0875 2524 [ FF86422268DE771D571E123EB7092C6A ] C:\WINDOWS\system32\drivers\drmk.sys
00:05:47.0875 2524 C:\WINDOWS\system32\drivers\drmk.sys - ok
00:05:47.0875 2524 [ EBDEE8A2EE5393890A1ACEE971C4C246 ] C:\WINDOWS\system32\drivers\kbdclass.sys
00:05:47.0875 2524 C:\WINDOWS\system32\drivers\kbdclass.sys - ok
00:05:47.0890 2524 [ 34E1F0031153E491910E12551400192C ] C:\WINDOWS\system32\drivers\mouclass.sys
00:05:47.0890 2524 C:\WINDOWS\system32\drivers\mouclass.sys - ok
00:05:47.0890 2524 [ D9F724AA26C010A217C97606B160ED68 ] C:\WINDOWS\system32\drivers\audstub.sys
00:05:47.0890 2524 C:\WINDOWS\system32\drivers\audstub.sys - ok
00:05:47.0906 2524 [ 5F92FD09E5610A5995DA7D775EADCD12 ] C:\WINDOWS\system32\drivers\gameenum.sys
00:05:47.0906 2524 C:\WINDOWS\system32\drivers\gameenum.sys - ok
00:05:47.0906 2524 [ CA3E22598F411199ADC2DFEE76CD0AE0 ] C:\WINDOWS\system32\drivers\msmpu401.sys
00:05:47.0906 2524 C:\WINDOWS\system32\drivers\msmpu401.sys - ok
00:05:47.0921 2524 [ 5B0F00E43A7094C0B7E433CB42C79164 ] C:\WINDOWS\system32\drivers\portcls.sys
00:05:47.0921 2524 C:\WINDOWS\system32\drivers\portcls.sys - ok
00:05:47.0921 2524 [ 08D43BBDACDF23F34D79E44ED35C1B4C ] C:\WINDOWS\system32\drivers\ndistapi.sys
00:05:47.0921 2524 C:\WINDOWS\system32\drivers\ndistapi.sys - ok
00:05:47.0921 2524 [ 0B90E255A9490166AB368CD55A529893 ] C:\WINDOWS\system32\drivers\ndiswan.sys
00:05:47.0921 2524 C:\WINDOWS\system32\drivers\ndiswan.sys - ok
00:05:47.0937 2524 [ 98FAEB4A4DCF812BA1C6FCA4AA3E115C ] C:\WINDOWS\system32\drivers\rasl2tp.sys
00:05:47.0937 2524 C:\WINDOWS\system32\drivers\rasl2tp.sys - ok
00:05:47.0937 2524 [ 7306EEED8895454CBED4669BE9F79FAA ] C:\WINDOWS\system32\drivers\raspppoe.sys
00:05:47.0937 2524 C:\WINDOWS\system32\drivers\raspppoe.sys - ok
00:05:47.0953 2524 [ 48671F327553DCF1D27F6197F622A668 ] C:\WINDOWS\system32\drivers\psched.sys
00:05:47.0953 2524 C:\WINDOWS\system32\drivers\psched.sys - ok
00:05:47.0953 2524 [ 1C5CC65AAC0783C344F16353E60B72AC ] C:\WINDOWS\system32\drivers\raspptp.sys
00:05:47.0953 2524 C:\WINDOWS\system32\drivers\raspptp.sys - ok
00:05:47.0953 2524 [ C0F1D4A21DE5A415DF8170616703DEBF ] C:\WINDOWS\system32\drivers\msgpc.sys
00:05:47.0953 2524 C:\WINDOWS\system32\drivers\msgpc.sys - ok
00:05:47.0968 2524 [ 80D317BD1C3DBC5D4FE7B1678C60CADD ] C:\WINDOWS\system32\drivers\ptilink.sys
00:05:47.0968 2524 C:\WINDOWS\system32\drivers\ptilink.sys - ok
00:05:47.0968 2524 [ FDBB1D60066FCFBB7452FD8F9829B242 ] C:\WINDOWS\system32\drivers\raspti.sys
00:05:47.0968 2524 C:\WINDOWS\system32\drivers\raspti.sys - ok
00:05:47.0984 2524 [ A2CAE2C60BC37E0751EF9DDA7CEAF4AD ] C:\WINDOWS\system32\drivers\rdpdr.sys
00:05:47.0984 2524 C:\WINDOWS\system32\drivers\rdpdr.sys - ok
00:05:47.0984 2524 [ A540A99C281D933F3D69D55E48727F47 ] C:\WINDOWS\system32\drivers\termdd.sys
00:05:47.0984 2524 C:\WINDOWS\system32\drivers\termdd.sys - ok
00:05:48.0000 2524 [ 03C1BAE4766E2450219D20B993D6E046 ] C:\WINDOWS\system32\drivers\swenum.sys
00:05:48.0000 2524 C:\WINDOWS\system32\drivers\swenum.sys - ok
00:05:48.0000 2524 [ AFF2E5045961BBC0A602BB6F95EB1345 ] C:\WINDOWS\system32\drivers\update.sys
00:05:48.0000 2524 C:\WINDOWS\system32\drivers\update.sys - ok
00:05:48.0000 2524 [ 469541F8BFD2B32659D5D463A6714BCE ] C:\WINDOWS\system32\drivers\mssmbios.sys
00:05:48.0000 2524 C:\WINDOWS\system32\drivers\mssmbios.sys - ok
00:05:48.0015 2524 [ 6AA8BB224B30A20A5D07A2734568D6D7 ] C:\WINDOWS\system32\drivers\wdfldr.sys
00:05:48.0015 2524 C:\WINDOWS\system32\drivers\wdfldr.sys - ok
00:05:48.0015 2524 [ 85281F709EA678382F370EE1052BBBAC ] C:\WINDOWS\system32\drivers\zumbus.sys
00:05:48.0015 2524 C:\WINDOWS\system32\drivers\zumbus.sys - ok
00:05:48.0031 2524 [ BBCFEAB7E871CDDAC2D397EE7FA91FDC ] C:\WINDOWS\system32\drivers\wdf01000.sys
00:05:48.0031 2524 C:\WINDOWS\system32\drivers\wdf01000.sys - ok
00:05:48.0031 2524 [ 59FC3FB44D2669BC144FD87826BB571F ] C:\WINDOWS\system32\drivers\ndproxy.sys
00:05:48.0031 2524 C:\WINDOWS\system32\drivers\ndproxy.sys - ok
00:05:48.0031 2524 [ 596EB39B50D6EBD9B734DC4AE0544693 ] C:\WINDOWS\system32\drivers\usbd.sys
00:05:48.0031 2524 C:\WINDOWS\system32\drivers\usbd.sys - ok
00:05:48.0046 2524 [ C72F40947F92CEA56A8FB532EDF025F1 ] C:\WINDOWS\system32\drivers\usbhub.sys
00:05:48.0046 2524 C:\WINDOWS\system32\drivers\usbhub.sys - ok
00:05:48.0046 2524 [ D392183CC5379E302E50CEBA635248EB ] C:\WINDOWS\system32\drivers\ADIHdAud.sys
00:05:48.0046 2524 C:\WINDOWS\system32\drivers\ADIHdAud.sys - ok
00:05:48.0062 2524 [ 9F59AE2DE835641FBB0C6AFD80D8FA9B ] C:\WINDOWS\system32\drivers\aeaudio.sys
00:05:48.0062 2524 C:\WINDOWS\system32\drivers\aeaudio.sys - ok
00:05:48.0062 2524 [ ECA77BEEB2BE8D573CF1B265E44FBFBD ] C:\WINDOWS\system32\drivers\senfilt.sys
00:05:48.0062 2524 C:\WINDOWS\system32\drivers\senfilt.sys - ok
00:05:48.0078 2524 [ B9333604527E02CD2223F200C0BAE7E0 ] C:\WINDOWS\system32\drivers\NVENETFD.sys
00:05:48.0078 2524 C:\WINDOWS\system32\drivers\NVENETFD.sys - ok
00:05:48.0078 2524 [ 0DD1DE43115B93F4D85E889D7A86F548 ] C:\WINDOWS\system32\drivers\flpydisk.sys
00:05:48.0078 2524 C:\WINDOWS\system32\drivers\flpydisk.sys - ok
00:05:48.0078 2524 [ C1B486A7658353D33A10CC15211A873B ] C:\WINDOWS\system32\drivers\cdaudio.sys
00:05:48.0093 2524 C:\WINDOWS\system32\drivers\cdaudio.sys - ok
00:05:48.0093 2524 [ F85FFDEAE43F9E9A7C3F4E3CC5EF09EB ] C:\WINDOWS\system32\drivers\ExportIt.sys
00:05:48.0093 2524 C:\WINDOWS\system32\drivers\ExportIt.sys - ok
00:05:48.0093 2524 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A ] C:\WINDOWS\system32\drivers\fs_rec.sys
00:05:48.0093 2524 C:\WINDOWS\system32\drivers\fs_rec.sys - ok
00:05:48.0109 2524 [ 0D13B6DF6E9E101013A7AFB0CE629FE0 ] C:\WINDOWS\system32\drivers\sfloppy.sys
00:05:48.0109 2524 C:\WINDOWS\system32\drivers\sfloppy.sys - ok
00:05:48.0109 2524 [ 1B269ED3EB2D81EC11CD5B0544E89962 ] C:\WINDOWS\system32\drivers\DcCam.sys
00:05:48.0109 2524 C:\WINDOWS\system32\drivers\DcCam.sys - ok
00:05:48.0125 2524 [ 73C1E1F395918BC2C6DD67AF7591A3AD ] C:\WINDOWS\system32\drivers\null.sys
00:05:48.0125 2524 C:\WINDOWS\system32\drivers\null.sys - ok
00:05:48.0125 2524 [ DA1F27D85E0D1525F6621372E7B685E9 ] C:\WINDOWS\system32\drivers\beep.sys
00:05:48.0125 2524 C:\WINDOWS\system32\drivers\beep.sys - ok
00:05:48.0125 2524 [ 5FFF41CD5108E9051D255C37825AF697 ] C:\WINDOWS\system32\drivers\hidparse.sys
00:05:48.0125 2524 C:\WINDOWS\system32\drivers\hidparse.sys - ok
00:05:48.0140 2524 [ E182FA8E49E8EE41B4ADC53093F3C7E6 ] C:\WINDOWS\system32\drivers\kbdhid.sys
00:05:48.0140 2524 C:\WINDOWS\system32\drivers\kbdhid.sys - ok
00:05:48.0140 2524 [ 4AE068242760A1FB6E1A44BF4E16AFA6 ] C:\WINDOWS\system32\drivers\mnmdd.sys
00:05:48.0140 2524 C:\WINDOWS\system32\drivers\mnmdd.sys - ok
00:05:48.0156 2524 [ 8A60EDD72B4EA5AEA8202DAF0E427925 ] C:\WINDOWS\system32\drivers\vga.sys
00:05:48.0156 2524 C:\WINDOWS\system32\drivers\vga.sys - ok
00:05:48.0156 2524 [ 561B3A4333CA2DBDBA28B5B956822519 ] C:\WINDOWS\system32\drivers\msfs.sys
00:05:48.0156 2524 C:\WINDOWS\system32\drivers\msfs.sys - ok
00:05:48.0156 2524 [ 4F601BCB8F64EA3AC0994F98FED03F8E ] C:\WINDOWS\system32\drivers\npfs.sys
00:05:48.0156 2524 C:\WINDOWS\system32\drivers\npfs.sys - ok
00:05:48.0171 2524 [ FE0D99D6F31E4FAD8159F690D68DED9C ] C:\WINDOWS\system32\drivers\rasacd.sys
00:05:48.0171 2524 C:\WINDOWS\system32\drivers\rasacd.sys - ok
00:05:48.0171 2524 [ 4912D5B403614CE99C28420F75353332 ] C:\WINDOWS\system32\drivers\rdpcdd.sys
00:05:48.0171 2524 C:\WINDOWS\system32\drivers\rdpcdd.sys - ok
00:05:48.0187 2524 [ 64537AA5C003A6AFEEE1DF819062D0D1 ] C:\WINDOWS\system32\drivers\ipsec.sys
00:05:48.0187 2524 C:\WINDOWS\system32\drivers\ipsec.sys - ok
00:05:48.0187 2524 [ 2A5554FC5B1E04E131230E3CE035C3F9 ] C:\WINDOWS\system32\drivers\tcpip.sys
00:05:48.0187 2524 C:\WINDOWS\system32\drivers\tcpip.sys - ok
00:05:48.0203 2524 [ 0C80E410CD2F47134407EE7DD19CC86B ] C:\WINDOWS\system32\drivers\netbt.sys
00:05:48.0203 2524 C:\WINDOWS\system32\drivers\netbt.sys - ok
00:05:48.0203 2524 [ E2168CBC7098FFE963C6F23F472A3593 ] C:\WINDOWS\system32\drivers\ipnat.sys
00:05:48.0203 2524 C:\WINDOWS\system32\drivers\ipnat.sys - ok
00:05:48.0203 2524 [ 55E6E1C51B6D30E54335750955453702 ] C:\WINDOWS\system32\drivers\afd.sys
00:05:48.0203 2524 C:\WINDOWS\system32\drivers\afd.sys - ok
00:05:48.0218 2524 [ 984EF0B9788ABF89974CFED4BFBAACBC ] C:\WINDOWS\system32\drivers\wanarp.sys
00:05:48.0218 2524 C:\WINDOWS\system32\drivers\wanarp.sys - ok
00:05:48.0218 2524 [ F0D692B0BFFB46E30EB3CEA168BBC49F ] C:\WINDOWS\system32\drivers\arp1394.sys
00:05:48.0218 2524 C:\WINDOWS\system32\drivers\arp1394.sys - ok
00:05:48.0234 2524 [ 3A2ACA8FC1D7786902CA434998D7CEB4 ] C:\WINDOWS\system32\drivers\netbios.sys
00:05:48.0234 2524 C:\WINDOWS\system32\drivers\netbios.sys - ok
00:05:48.0234 2524 [ 0D97D88720A4087EC93AF7DBB303B30A ] C:\WINDOWS\system32\drivers\processr.sys
00:05:48.0234 2524 C:\WINDOWS\system32\drivers\processr.sys - ok
00:05:48.0234 2524 [ 77B9FC20084B48408AD3E87570EB4A85 ] C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS
00:05:48.0234 2524 C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS - ok
00:05:48.0250 2524 [ 39763504067962108505BFF25F024345 ] C:\Program Files\SUPERAntiSpyware\sasdifsv.sys
00:05:48.0250 2524 C:\Program Files\SUPERAntiSpyware\sasdifsv.sys - ok
00:05:48.0250 2524 [ 03B965B1CA47F6EF60EB5E51CB50E0AF ] C:\WINDOWS\system32\drivers\rdbss.sys
00:05:48.0250 2524 C:\WINDOWS\system32\drivers\rdbss.sys - ok
00:05:48.0265 2524 [ 6F2D483B97B395544E59749C47963C6A ] C:\WINDOWS\system32\drivers\mrxsmb.sys
00:05:48.0265 2524 C:\WINDOWS\system32\drivers\mrxsmb.sys - ok
00:05:48.0265 2524 [ 1B28FA1580438192A14E88B5834397CA ] C:\WINDOWS\system32\drivers\klif.sys
00:05:48.0265 2524 C:\WINDOWS\system32\drivers\klif.sys - ok
00:05:48.0265 2524 [ E153AB8A11DE5452BCF5AC7652DBF3ED ] C:\WINDOWS\system32\drivers\fips.sys
00:05:48.0265 2524 C:\WINDOWS\system32\drivers\fips.sys - ok
00:05:48.0281 2524 [ BD7FB0957C716F1A60333AEE04DE2178 ] C:\WINDOWS\system32\smss.exe
00:05:48.0281 2524 C:\WINDOWS\system32\smss.exe - ok
00:05:48.0281 2524 [ C06986B55981B355090DD34DE809E4BB ] C:\WINDOWS\system32\ntdll.dll
00:05:48.0281 2524 C:\WINDOWS\system32\ntdll.dll - ok
00:05:48.0296 2524 [ B3415B9D6026F65E43089ABED096C38C ] C:\WINDOWS\system32\autochk.exe
00:05:48.0296 2524 C:\WINDOWS\system32\autochk.exe - ok
00:05:48.0296 2524 [ 8B651129277FBAFC50056E7EB3F449F4 ] C:\WINDOWS\system32\smrgdf.exe
00:05:48.0296 2524 C:\WINDOWS\system32\smrgdf.exe - ok
00:05:48.0312 2524 [ 30A609E00BD1D4FFC49D6B5A432BE7F2 ] C:\WINDOWS\system32\sfcfiles.dll
00:05:48.0312 2524 C:\WINDOWS\system32\sfcfiles.dll - ok
00:05:48.0312 2524 [ CD7D5152DF32B47F4E36F710B35AAE02 ] C:\WINDOWS\system32\drivers\cdfs.sys
00:05:48.0312 2524 C:\WINDOWS\system32\drivers\cdfs.sys - ok
00:05:48.0312 2524 [ 2F31B7F954BED437F2C75026C65CAF7B ] C:\WINDOWS\system32\drivers\wmilib.sys
00:05:48.0312 2524 C:\WINDOWS\system32\drivers\wmilib.sys - ok
00:05:48.0328 2524 [ CDFE4411A69C224BD1D11B2DA92DAC51 ] C:\WINDOWS\system32\drivers\atapi.sys
00:05:48.0328 2524 C:\WINDOWS\system32\drivers\atapi.sys - ok
00:05:48.0328 2524 [ FE97D0343ACFDEBDD578FC67CC91FA87 ] C:\WINDOWS\system32\drivers\dxapi.sys
00:05:48.0328 2524 C:\WINDOWS\system32\drivers\dxapi.sys - ok
00:05:48.0343 2524 [ C9BF2F12C4E6C12F8A85FBA4B6BC6208 ] C:\WINDOWS\system32\watchdog.sys
00:05:48.0343 2524 C:\WINDOWS\system32\watchdog.sys - ok
00:05:48.0343 2524 [ 1400685812F812BF58C3B9F979155FEE ] C:\WINDOWS\system32\win32k.sys
00:05:48.0343 2524 C:\WINDOWS\system32\win32k.sys - ok
00:05:48.0359 2524 [ D06EAA8B23BC1F671B11D18CFEA65115 ] C:\WINDOWS\system32\csrsrv.dll
00:05:48.0359 2524 C:\WINDOWS\system32\csrsrv.dll - ok
00:05:48.0359 2524 [ F12B178B1678D778CFD3FF1FC38C71FB ] C:\WINDOWS\system32\csrss.exe
00:05:48.0359 2524 C:\WINDOWS\system32\csrss.exe - ok
00:05:48.0359 2524 [ 00EF9C3AF83EDBAF18CA7A2837750117 ] C:\WINDOWS\system32\basesrv.dll
00:05:48.0359 2524 C:\WINDOWS\system32\basesrv.dll - ok
00:05:48.0375 2524 [ 3D21B3BE0C5768E76FD9780E9CF9E07C ] C:\WINDOWS\system32\winsrv.dll
00:05:48.0375 2524 C:\WINDOWS\system32\winsrv.dll - ok
00:05:48.0375 2524 [ 0C07B16769E579F78C541773D0A2E7E0 ] C:\WINDOWS\system32\gdi32.dll
00:05:48.0375 2524 C:\WINDOWS\system32\gdi32.dll - ok
00:05:48.0390 2524 [ B6ACAED7588295129791E0E6A2B0FADE ] C:\WINDOWS\system32\kernel32.dll
00:05:48.0390 2524 C:\WINDOWS\system32\kernel32.dll - ok
00:05:48.0390 2524 [ B409909F6E2E8A7067076ED748ABF1E7 ] C:\WINDOWS\system32\user32.dll
00:05:48.0390 2524 C:\WINDOWS\system32\user32.dll - ok
00:05:48.0390 2524 [ D3DAC8432110AAD0B02A58B4459AB835 ] C:\WINDOWS\system32\drivers\dxg.sys
00:05:48.0390 2524 C:\WINDOWS\system32\drivers\dxg.sys - ok
00:05:48.0406 2524 [ A73F5D6705B1D820C19B18782E176EFD ] C:\WINDOWS\system32\drivers\dxgthk.sys
00:05:48.0406 2524 C:\WINDOWS\system32\drivers\dxgthk.sys - ok
00:05:48.0406 2524 [ 381EACE688037700B20A4AAACBD123C0 ] C:\WINDOWS\system32\nv4_disp.dll
00:05:48.0406 2524 C:\WINDOWS\system32\nv4_disp.dll - ok
00:05:48.0421 2524 [ ECB7591870F8BFB1A4C17B718AD5A4AA ] C:\WINDOWS\system32\vga.dll
00:05:48.0421 2524 C:\WINDOWS\system32\vga.dll - ok
00:05:48.0421 2524 [ 01C3346C241652F43AED8E2149881BFE ] C:\WINDOWS\system32\winlogon.exe
00:05:48.0421 2524 C:\WINDOWS\system32\winlogon.exe - ok
00:05:48.0421 2524 [ 1081C185AED0660B2B5F173C3E023B23 ] C:\WINDOWS\system32\advapi32.dll
00:05:48.0421 2524 C:\WINDOWS\system32\advapi32.dll - ok
00:05:48.0437 2524 [ 461B6E2F04112E659280314B7A414F30 ] C:\WINDOWS\system32\rpcrt4.dll
00:05:48.0437 2524 C:\WINDOWS\system32\rpcrt4.dll - ok
00:05:48.0437 2524 [ 5C3DF25926729EBEEF5CC7FF1933B360 ] C:\WINDOWS\system32\authz.dll
00:05:48.0437 2524 C:\WINDOWS\system32\authz.dll - ok
00:05:48.0453 2524 [ 30AA87F7A44E9D92F1F1941537C91F4C ] C:\WINDOWS\system32\secur32.dll
00:05:48.0453 2524 C:\WINDOWS\system32\secur32.dll - ok
00:05:48.0453 2524 [ B0FEFA816D61EC66AA765DDF534EAB5E ] C:\WINDOWS\system32\msvcrt.dll
00:05:48.0453 2524 C:\WINDOWS\system32\msvcrt.dll - ok
00:05:48.0468 2524 [ EFC958396A7A7EF7E6D4A52B97512E18 ] C:\WINDOWS\system32\crypt32.dll
00:05:48.0468 2524 C:\WINDOWS\system32\crypt32.dll - ok
00:05:48.0468 2524 [ 3CD1CE106CA2A9B4CC626D7DF03FBD6F ] C:\WINDOWS\system32\msasn1.dll
00:05:48.0468 2524 C:\WINDOWS\system32\msasn1.dll - ok
00:05:48.0468 2524 [ 458AB591E8CF240CC105A23671F2C3D6 ] C:\WINDOWS\system32\nddeapi.dll
00:05:48.0468 2524 C:\WINDOWS\system32\nddeapi.dll - ok
00:05:48.0484 2524 [ FE4F71711CF5C17ADE5E506348132D24 ] C:\WINDOWS\system32\profmap.dll
00:05:48.0484 2524 C:\WINDOWS\system32\profmap.dll - ok
00:05:48.0484 2524 [ 0A457307006530FD03A797F572A067FA ] C:\WINDOWS\system32\netapi32.dll
00:05:48.0484 2524 C:\WINDOWS\system32\netapi32.dll - ok
00:05:48.0500 2524 [ 2B9B56A89A8A42E917511972A6DB36E3 ] C:\WINDOWS\system32\userenv.dll
00:05:48.0500 2524 C:\WINDOWS\system32\userenv.dll - ok
00:05:48.0500 2524 [ 96E48C7EB9089D1DBF6F85CA11B264DF ] C:\WINDOWS\system32\psapi.dll
00:05:48.0500 2524 C:\WINDOWS\system32\psapi.dll - ok
00:05:48.0500 2524 [ 899ED710FDC37EB7D0115C2932C2B1EB ] C:\WINDOWS\system32\regapi.dll
00:05:48.0500 2524 C:\WINDOWS\system32\regapi.dll - ok
00:05:48.0515 2524 [ 7808313CBC634EE08346D5DDFEF1CC5F ] C:\WINDOWS\system32\setupapi.dll
00:05:48.0515 2524 C:\WINDOWS\system32\setupapi.dll - ok
00:05:48.0515 2524 [ D38408967BE738D0C1B47005BCE8CEEB ] C:\WINDOWS\system32\version.dll
00:05:48.0515 2524 C:\WINDOWS\system32\version.dll - ok
00:05:48.0531 2524 [ 5AFCE94E8286B2F57A04DA37F01BF21A ] C:\WINDOWS\system32\imagehlp.dll
00:05:48.0531 2524 C:\WINDOWS\system32\imagehlp.dll - ok
00:05:48.0531 2524 [ 7BC4BA4C33ADF3EF5CD370D99BC60B04 ] C:\WINDOWS\system32\winsta.dll
00:05:48.0531 2524 C:\WINDOWS\system32\winsta.dll - ok
00:05:48.0531 2524 [ B015A20C60D2A751777A9C8207A7BA82 ] C:\WINDOWS\system32\wintrust.dll
00:05:48.0531 2524 C:\WINDOWS\system32\wintrust.dll - ok
00:05:48.0546 2524 [ 9BEACB911CA61E5881102188AB7FB431 ] C:\WINDOWS\system32\ws2help.dll
00:05:48.0546 2524 C:\WINDOWS\system32\ws2help.dll - ok
00:05:48.0546 2524 [ 2ED0B7F12A60F90092081C50FA0EC2B2 ] C:\WINDOWS\system32\ws2_32.dll
00:05:48.0546 2524 C:\WINDOWS\system32\ws2_32.dll - ok
00:05:48.0562 2524 [ 56C5B179FE3308B655EB6208C3256FEC ] C:\WINDOWS\system32\kbdus.dll
00:05:48.0562 2524 C:\WINDOWS\system32\kbdus.dll - ok
00:05:48.0562 2524 [ A29AF639AA180CC68C59242A10E1D3B1 ] C:\WINDOWS\system32\msgina.dll
00:05:48.0562 2524 C:\WINDOWS\system32\msgina.dll - ok
00:05:48.0578 2524 [ 56B6333DDA2576803F99F0EA373D0A7B ] C:\WINDOWS\system32\shell32.dll
00:05:48.0578 2524 C:\WINDOWS\system32\shell32.dll - ok
00:05:48.0578 2524 [ 485AE9C825FBDDD9A6EB25DB821B5B92 ] C:\WINDOWS\system32\shlwapi.dll
00:05:48.0578 2524 C:\WINDOWS\system32\shlwapi.dll - ok
00:05:48.0593 2524 [ B0124CB21D28B1C9F678B566B6B57D92 ] C:\WINDOWS\system32\comctl32.dll
00:05:48.0593 2524 C:\WINDOWS\system32\comctl32.dll - ok
00:05:48.0593 2524 [ F79D7D98CD764499ECCBAAF3F800D349 ] C:\WINDOWS\system32\odbc32.dll
00:05:48.0593 2524 C:\WINDOWS\system32\odbc32.dll - ok
00:05:48.0593 2524 [ 1EDB1BB89D021955E6F7265911175B8D ] C:\WINDOWS\system32\comdlg32.dll
00:05:48.0593 2524 C:\WINDOWS\system32\comdlg32.dll - ok
00:05:48.0609 2524 [ 0FF9FA27706FBE9048990C108C0D62F0 ] C:\WINDOWS\system32\sxs.dll
00:05:48.0609 2524 C:\WINDOWS\system32\sxs.dll - ok
00:05:48.0609 2524 [ C4E80875C1CF1222FC5EFD0314AE5C01 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
00:05:48.0609 2524 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll - ok
00:05:48.0625 2524 [ C237FB08F52F27823C4E4E6705ECD196 ] C:\WINDOWS\system32\odbcint.dll
00:05:48.0625 2524 C:\WINDOWS\system32\odbcint.dll - ok
00:05:48.0625 2524 [ 6815DEF9B810AEFAC107EEAF72DA6F82 ] C:\WINDOWS\system32\shsvcs.dll
00:05:48.0625 2524 C:\WINDOWS\system32\shsvcs.dll - ok
00:05:48.0625 2524 [ E8A12A12EA9088B4327D49EDCA3ADD3E ] C:\WINDOWS\system32\sfc.dll
00:05:48.0625 2524 C:\WINDOWS\system32\sfc.dll - ok
00:05:48.0640 2524 [ 9858CC4D73A4CCF2F852FAE07C11A0B5 ] C:\WINDOWS\system32\sfc_os.dll
00:05:48.0640 2524 C:\WINDOWS\system32\sfc_os.dll - ok
00:05:48.0640 2524 [ AB8231D13692AC5088EB9C226B0C0576 ] C:\WINDOWS\system32\ole32.dll
00:05:48.0640 2524 C:\WINDOWS\system32\ole32.dll - ok
00:05:48.0656 2524 [ ECA24AB73FCFFA754D4070CDB03529E3 ] C:\WINDOWS\system32\apphelp.dll
00:05:48.0656 2524 C:\WINDOWS\system32\apphelp.dll - ok
00:05:48.0656 2524 [ 84885F9B82F4D55C6146EBF6065D75D2 ] C:\WINDOWS\system32\lsass.exe
00:05:48.0656 2524 C:\WINDOWS\system32\lsass.exe - ok
00:05:48.0656 2524 [ 37561F8D4160D62DA86D24AE41FAE8DE ] C:\WINDOWS\system32\services.exe
00:05:48.0656 2524 C:\WINDOWS\system32\services.exe - ok
00:05:48.0671 2524 [ C02D661C57E72969000B7480332DEA5C ] C:\WINDOWS\system32\lsasrv.dll
00:05:48.0671 2524 C:\WINDOWS\system32\lsasrv.dll - ok
00:05:48.0671 2524 [ DA201A0A309B96381FD674D0FAB5DA86 ] C:\WINDOWS\system32\ncobjapi.dll
00:05:48.0671 2524 C:\WINDOWS\system32\ncobjapi.dll - ok
00:05:48.0687 2524 [ 1F57EB5B92B2AC7F9D71A77D184D8C13 ] C:\WINDOWS\system32\msvcp60.dll
00:05:48.0687 2524 C:\WINDOWS\system32\msvcp60.dll - ok
00:05:48.0687 2524 [ 9A42C1F3154545A4D32E5043038B01FA ] C:\WINDOWS\system32\scesrv.dll
00:05:48.0687 2524 C:\WINDOWS\system32\scesrv.dll - ok
00:05:48.0703 2524 [ 2CFE80AA3428C09E6DE67FAC50DA65CF ] C:\WINDOWS\system32\mpr.dll
00:05:48.0703 2524 C:\WINDOWS\system32\mpr.dll - ok
00:05:48.0703 2524 [ 6201BACF384292A5FE94CE73364AE53A ] C:\WINDOWS\system32\ntdsapi.dll
00:05:48.0703 2524 C:\WINDOWS\system32\ntdsapi.dll - ok
00:05:48.0703 2524 [ 586211F4FF4BC49CC215C956919CD33B ] C:\WINDOWS\system32\umpnpmgr.dll
00:05:48.0703 2524 C:\WINDOWS\system32\umpnpmgr.dll - ok
00:05:48.0718 2524 [ 176497D0E7AE618860552A4B5635B206 ] C:\WINDOWS\system32\dnsapi.dll
00:05:48.0718 2524 C:\WINDOWS\system32\dnsapi.dll - ok
00:05:48.0718 2524 [ 43DA983415EA533F9E667FDB415F4655 ] C:\WINDOWS\system32\shimeng.dll
00:05:48.0718 2524 C:\WINDOWS\system32\shimeng.dll - ok
00:05:48.0734 2524 [ 10F36FA092D7A309A0647FCDC764AE6C ] C:\WINDOWS\system32\wldap32.dll
00:05:48.0734 2524 C:\WINDOWS\system32\wldap32.dll - ok
00:05:48.0734 2524 [ FB537F29A827D78F756154CF397A113F ] C:\WINDOWS\AppPatch\acgenral.dll
00:05:48.0734 2524 C:\WINDOWS\AppPatch\acgenral.dll - ok
00:05:48.0734 2524 [ EBE12F403FDE45E7312E7BF764BFB6C6 ] C:\WINDOWS\system32\samlib.dll
00:05:48.0734 2524 C:\WINDOWS\system32\samlib.dll - ok
00:05:48.0750 2524 [ E15154E7FDA8A580A8F74C7CC16B1FFE ] C:\WINDOWS\system32\samsrv.dll
00:05:48.0750 2524 C:\WINDOWS\system32\samsrv.dll - ok
00:05:48.0750 2524 [ EF5B64A9CD71ED27E837165C08DA4CC1 ] C:\WINDOWS\system32\cryptdll.dll
00:05:48.0750 2524 C:\WINDOWS\system32\cryptdll.dll - ok
00:05:48.0765 2524 [ 0144ABC4C4A624B583D432EE478A711C ] C:\WINDOWS\system32\oleaut32.dll
00:05:48.0765 2524 C:\WINDOWS\system32\oleaut32.dll - ok
00:05:48.0765 2524 [ 90FDAA22F38D9E911F91FA3B8A1F7E5D ] C:\WINDOWS\system32\winmm.dll
00:05:48.0765 2524 C:\WINDOWS\system32\winmm.dll - ok
00:05:48.0781 2524 [ 975D12353B1D525C0F3444C447FB3B9A ] C:\WINDOWS\system32\msacm32.dll
00:05:48.0781 2524 C:\WINDOWS\system32\msacm32.dll - ok
00:05:48.0781 2524 [ 2CDE496666A975A2CE8F969F3042C8DB ] C:\WINDOWS\system32\uxtheme.dll
00:05:48.0781 2524 C:\WINDOWS\system32\uxtheme.dll - ok
00:05:48.0781 2524 [ E484F006380A89A52CCC7828ECE5DCA0 ] C:\WINDOWS\system32\msapsspc.dll
00:05:48.0781 2524 C:\WINDOWS\system32\msapsspc.dll - ok
00:05:48.0796 2524 [ 146D198E3AD9D4B69C9EB0AEA6EF333B ] C:\WINDOWS\system32\msvcrt40.dll
00:05:48.0796 2524 C:\WINDOWS\system32\msvcrt40.dll - ok
00:05:48.0796 2524 [ 2B9156E888C2BEE2A8C3820268D935DF ] C:\WINDOWS\system32\schannel.dll
00:05:48.0796 2524 C:\WINDOWS\system32\schannel.dll - ok
00:05:48.0812 2524 [ 7F2310210256C0AC04A82285DEBC0F51 ] C:\WINDOWS\system32\digest.dll
00:05:48.0812 2524 C:\WINDOWS\system32\digest.dll - ok
00:05:48.0812 2524 [ BB1367FECA810F06B1AEA06D610B1E4F ] C:\WINDOWS\system32\msnsspc.dll
00:05:48.0812 2524 C:\WINDOWS\system32\msnsspc.dll - ok
00:05:48.0828 2524 [ 6BEC17053284E847CF1FBB8C9A181E1E ] C:\WINDOWS\system32\msprivs.dll
00:05:48.0828 2524 C:\WINDOWS\system32\msprivs.dll - ok
00:05:48.0828 2524 [ FC3BCBEF084377FB3AB43E0E2FF812CB ] C:\WINDOWS\system32\kerberos.dll
00:05:48.0828 2524 C:\WINDOWS\system32\kerberos.dll - ok
00:05:48.0828 2524 [ 77C41F9146450C89534704A75836CE56 ] C:\WINDOWS\system32\msv1_0.dll
00:05:48.0828 2524 C:\WINDOWS\system32\msv1_0.dll - ok
00:05:48.0843 2524 [ 011EACF9153EF90E6CBCE2987ACAE411 ] C:\WINDOWS\system32\iphlpapi.dll
00:05:48.0843 2524 C:\WINDOWS\system32\iphlpapi.dll - ok
00:05:48.0843 2524 [ 96353FCECBA774BB8DA74A1C6507015A ] C:\WINDOWS\system32\netlogon.dll
00:05:48.0843 2524 C:\WINDOWS\system32\netlogon.dll - ok
00:05:48.0859 2524 [ 2B281958F5D0CF99ED626E3EF39D5C8D ] C:\WINDOWS\system32\w32time.dll
00:05:48.0859 2524 C:\WINDOWS\system32\w32time.dll - ok
00:05:48.0859 2524 [ 26ACBD865F8CFF730F1791C4D0854352 ] C:\WINDOWS\system32\rsaenh.dll
00:05:48.0859 2524 C:\WINDOWS\system32\rsaenh.dll - ok
00:05:48.0859 2524 [ A8B82C5D30B7AB937E164AB349478FBA ] C:\WINDOWS\system32\wdigest.dll
00:05:48.0859 2524 C:\WINDOWS\system32\wdigest.dll - ok
00:05:48.0875 2524 [ 7BCB23FA39CE266AF4347A6BEAB60F8C ] C:\WINDOWS\system32\winscard.dll
00:05:48.0875 2524 C:\WINDOWS\system32\winscard.dll - ok
00:05:48.0875 2524 [ 67F2D109AB373FECEB819F420DB11F03 ] C:\WINDOWS\system32\wtsapi32.dll
00:05:48.0875 2524 C:\WINDOWS\system32\wtsapi32.dll - ok
00:05:48.0890 2524 [ 1315E0B5B6FC1FE930EE3498309700BD ] C:\WINDOWS\system32\drivers\DCFS2k.sys
00:05:48.0890 2524 C:\WINDOWS\system32\drivers\DCFS2k.sys - ok
00:05:48.0890 2524 [ 8F078AE4ED187AAABC0A305146DE6716 ] C:\WINDOWS\system32\svchost.exe
00:05:48.0890 2524 C:\WINDOWS\system32\svchost.exe - ok
00:05:48.0890 2524 [ DAA91B358E685FC6CCA9ACA72BE6FE85 ] C:\WINDOWS\system32\ntmarta.dll
00:05:48.0890 2524 C:\WINDOWS\system32\ntmarta.dll - ok
00:05:48.0906 2524 [ 01095FEBF33BEEA00C2A0730B9B3EC28 ] C:\WINDOWS\system32\rpcss.dll
00:05:48.0906 2524 C:\WINDOWS\system32\rpcss.dll - ok
00:05:48.0906 2524 [ 1320AEA7057A26A671D9548CC7BEBDA5 ] C:\WINDOWS\system32\xpsp2res.dll
00:05:48.0906 2524 C:\WINDOWS\system32\xpsp2res.dll - ok
00:05:48.0921 2524 [ 097722F235A1FB698BF9234E01B52637 ] C:\WINDOWS\system32\mswsock.dll
00:05:48.0921 2524 C:\WINDOWS\system32\mswsock.dll - ok
00:05:48.0921 2524 [ 765B30C776A1780B46B479FE614F707C ] C:\WINDOWS\system32\hnetcfg.dll
00:05:48.0921 2524 C:\WINDOWS\system32\hnetcfg.dll - ok
00:05:48.0937 2524 [ A7F95A53EE055115DF03588997A47D4D ] C:\WINDOWS\system32\wshtcpip.dll
00:05:48.0937 2524 C:\WINDOWS\system32\wshtcpip.dll - ok
00:05:48.0937 2524 [ 2C8FDB176F22629EA5342DB474FAC391 ] C:\WINDOWS\system32\winrnr.dll
00:05:48.0937 2524 C:\WINDOWS\system32\winrnr.dll - ok
00:05:48.0937 2524 [ 0E3E56064E162EE9CC48698355098301 ] C:\Program Files\Bonjour\mdnsNSP.dll
00:05:48.0937 2524 C:\Program Files\Bonjour\mdnsNSP.dll - ok
00:05:48.0953 2524 [ 5F098BD2AE6B03044B085DECFFDF91EC ] C:\WINDOWS\system32\rasadhlp.dll
00:05:48.0953 2524 C:\WINDOWS\system32\rasadhlp.dll - ok
00:05:48.0953 2524 [ 575A4190D989F64732119E4114045A4F ] C:\WINDOWS\system32\WudfSvc.dll
00:05:48.0953 2524 C:\WINDOWS\system32\WudfSvc.dll - ok
00:05:48.0968 2524 [ EED1B6C2B6DD5C2FC1F6709102DC3191 ] C:\WINDOWS\system32\WudfPlatform.dll
00:05:48.0968 2524 C:\WINDOWS\system32\WudfPlatform.dll - ok
00:05:48.0968 2524 [ 7DB59FFF2AF32C27EB2276424FA5EDDB ] C:\WINDOWS\system32\logonui.exe
00:05:48.0968 2524 C:\WINDOWS\system32\logonui.exe - ok
00:05:48.0968 2524 [ 587729679B4FE04CE06A5C61D6C56DCD ] C:\WINDOWS\system32\cscdll.dll
00:05:48.0968 2524 C:\WINDOWS\system32\cscdll.dll - ok
00:05:48.0984 2524 [ A4AB1988A6D0B2D2056170BB38E2F9E7 ] C:\WINDOWS\system32\klogon.dll
00:05:48.0984 2524 C:\WINDOWS\system32\klogon.dll - ok
00:05:48.0984 2524 [ A599E5E366C1408E48AA5D37882D4E3E ] C:\WINDOWS\system32\wlnotify.dll
00:05:48.0984 2524 C:\WINDOWS\system32\wlnotify.dll - ok
00:05:49.0000 2524 [ ED7E847905DD2797565B4B695E92F42B ] C:\WINDOWS\system32\duser.dll
00:05:49.0000 2524 C:\WINDOWS\system32\duser.dll - ok
00:05:49.0000 2524 [ 777EB29D0135D81AD9828A2B05443496 ] C:\WINDOWS\system32\winspool.drv
00:05:49.0000 2524 C:\WINDOWS\system32\winspool.drv - ok
00:05:49.0015 2524 [ 34D6CD56409DA9A7ED573E1C90A308BF ] C:\WINDOWS\system32\drivers\ndisuio.sys
00:05:49.0015 2524 C:\WINDOWS\system32\drivers\ndisuio.sys - ok
00:05:49.0015 2524 [ B5331F2B6F37C66C29C847F3B94FF900 ] C:\WINDOWS\system32\msimg32.dll
00:05:49.0015 2524 C:\WINDOWS\system32\msimg32.dll - ok
00:05:49.0015 2524 [ EF545E1A4B043DA4C84E230DD471C55F ] C:\WINDOWS\system32\dhcpcsvc.dll
00:05:49.0015 2524 C:\WINDOWS\system32\dhcpcsvc.dll - ok
00:05:49.0031 2524 [ 5F2DBE3CB563741C8084657BF956CE64 ] C:\WINDOWS\system32\oleacc.dll
00:05:49.0031 2524 C:\WINDOWS\system32\oleacc.dll - ok
00:05:49.0031 2524 [ AAC8FFBFD61E784FA3BAC851D4A0BD5F ] C:\WINDOWS\system32\dnsrslvr.dll
00:05:49.0031 2524 C:\WINDOWS\system32\dnsrslvr.dll - ok
00:05:49.0046 2524 [ B3EFF6D938C572E90A07B3D87A3C7657 ] C:\WINDOWS\system32\lmhsvc.dll
00:05:49.0046 2524 C:\WINDOWS\system32\lmhsvc.dll - ok
00:05:49.0046 2524 [ 5A91E6FEAB9F901302FA7FF768C0120F ] C:\WINDOWS\system32\wzcsvc.dll
00:05:49.0046 2524 C:\WINDOWS\system32\wzcsvc.dll - ok
00:05:49.0062 2524 [ 2030FA027E7C3E0A145649C03171457B ] C:\WINDOWS\system32\rtutils.dll
00:05:49.0062 2524 C:\WINDOWS\system32\rtutils.dll - ok
00:05:49.0062 2524 [ E682696D7F982494A8CFC80C5B59D422 ] C:\WINDOWS\system32\wmi.dll
00:05:49.0062 2524 C:\WINDOWS\system32\wmi.dll - ok
00:05:49.0078 2524 [ 50DE118DA580208B914B40DD47C90D52 ] C:\WINDOWS\system32\esent.dll
00:05:49.0078 2524 C:\WINDOWS\system32\esent.dll - ok
00:05:49.0078 2524 [ EC8A848FC4F17F3B3D9DA4A0C43FB930 ] C:\WINDOWS\system32\clbcatq.dll
00:05:49.0078 2524 C:\WINDOWS\system32\clbcatq.dll - ok
00:05:49.0078 2524 [ 2D40EDB9BF811590DAD7406DEC67B926 ] C:\WINDOWS\system32\atl.dll
00:05:49.0078 2524 C:\WINDOWS\system32\atl.dll - ok
00:05:49.0093 2524 [ 6728270CB7DBB776ED086F5AC4C82310 ] C:\WINDOWS\system32\comres.dll
00:05:49.0093 2524 C:\WINDOWS\system32\comres.dll - ok
00:05:49.0093 2524 [ 1D3A8A40F8045100A3E35C5F9BC6C5DE ] C:\WINDOWS\system32\shgina.dll
00:05:49.0093 2524 C:\WINDOWS\system32\shgina.dll - ok
00:05:49.0109 2524 [ 92360854316611F6CC471612213C3D92 ] C:\WINDOWS\system32\schedsvc.dll
00:05:49.0109 2524 C:\WINDOWS\system32\schedsvc.dll - ok
00:05:49.0109 2524 [ DA81EC57ACD4CDC3D4C51CF3D409AF9F ] C:\WINDOWS\system32\spoolsv.exe
00:05:49.0109 2524 C:\WINDOWS\system32\spoolsv.exe - ok
00:05:49.0125 2524 [ DB66DB626E4882EBEF55F136F12C1829 ] C:\WINDOWS\system32\audiosrv.dll
00:05:49.0125 2524 C:\WINDOWS\system32\audiosrv.dll - ok
00:05:49.0125 2524 [ 3CD291A2C4909088B3D1E98DED73D4B2 ] C:\WINDOWS\system32\wkssvc.dll
00:05:49.0125 2524 C:\WINDOWS\system32\wkssvc.dll - ok
00:05:49.0125 2524 [ 29414447EB5BDE2F8397DC965DBB3156 ] C:\WINDOWS\system32\drivers\mrxdav.sys
00:05:49.0125 2524 C:\WINDOWS\system32\drivers\mrxdav.sys - ok
00:05:49.0140 2524 [ 265F534EF76832435AFBF771EC97176D ] C:\WINDOWS\system32\webclnt.dll
00:05:49.0140 2524 C:\WINDOWS\system32\webclnt.dll - ok
00:05:49.0140 2524 [ ED97493090DA8871F4EB76E1FF3F6A78 ] C:\WINDOWS\system32\wininet.dll
00:05:49.0140 2524 C:\WINDOWS\system32\wininet.dll - ok
00:05:49.0156 2524 [ 53AF9F2B2CE4B6EFF41C70417359D010 ] C:\WINDOWS\system32\wsock32.dll
00:05:49.0156 2524 C:\WINDOWS\system32\wsock32.dll - ok
00:05:49.0156 2524 [ 70E98B3FD8E963A6A46A2E6247E0BEA1 ] C:\WINDOWS\system32\drivers\parvdm.sys
00:05:49.0156 2524 C:\WINDOWS\system32\drivers\parvdm.sys - ok
00:05:49.0156 2524 [ 01E81C84AD1D0ACC61CF3CFD06632210 ] C:\Program Files\SUPERAntiSpyware\SASCore.exe
00:05:49.0156 2524 C:\Program Files\SUPERAntiSpyware\SASCore.exe - ok
00:05:49.0171 2524 [ A8AA9D47F971570A5162B862B80F87E8 ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
00:05:49.0171 2524 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe - ok
00:05:49.0171 2524 [ ED8CEE58C1E4C5893F5B2FD686A272BF ] C:\WINDOWS\system32\drivers\ASPI32.SYS
00:05:49.0171 2524 C:\WINDOWS\system32\drivers\ASPI32.SYS - ok
00:05:49.0187 2524 [ 7768CE75C5CBF0D8F441CE2BBD806B7F ] C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
00:05:49.0187 2524 C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe - ok
00:05:49.0187 2524 [ 561FA2ABB31DFA8FAB762145F81667C2 ] C:\Program Files\Symantec\LiveUpdate\MSVCP71.DLL
00:05:49.0187 2524 C:\Program Files\Symantec\LiveUpdate\MSVCP71.DLL - ok
00:05:49.0187 2524 [ 86F1895AE8C5E8B17D99ECE768A70732 ] C:\Program Files\Symantec\LiveUpdate\MSVCR71.DLL
00:05:49.0187 2524 C:\Program Files\Symantec\LiveUpdate\MSVCR71.DLL - ok
00:05:49.0203 2524 [ 7C8F371C924DAA376217E553378275BA ] C:\WINDOWS\system32\shfolder.dll
00:05:49.0203 2524 C:\WINDOWS\system32\shfolder.dll - ok
00:05:49.0203 2524 [ 24B30C512A70DD81EE26A401F69CC8A9 ] C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe
00:05:49.0203 2524 C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avz.exe - ok
00:05:49.0218 2524 [ 20BE3997FE3F091A3B0D634FB9D62259 ] C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\prremote.dll
00:05:49.0218 2524 C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\prremote.dll - ok
00:05:49.0218 2524 [ 4C8A880EABC0B4D462CC4B2472116EA1 ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
00:05:49.0218 2524 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll - ok
00:05:49.0234 2524 [ E4FECE18310E23B1D8FEE993E35E7A6F ] C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
00:05:49.0234 2524 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll - ok
00:05:49.0234 2524 [ 98C11731B405B57425E9EFE44F1BDFC4 ] C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\fssync.dll
00:05:49.0234 2524 C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\fssync.dll - ok
00:05:49.0234 2524 [ 2C69EC7E5A311334D10DD95F338FCCEA ] C:\WINDOWS\system32\qmgr.dll
00:05:49.0234 2524 C:\WINDOWS\system32\qmgr.dll - ok
00:05:49.0250 2524 [ 9EFE4236F8670846B6E7C5B0EFF6E715 ] C:\Program Files\Bonjour\mDNSResponder.exe
00:05:49.0250 2524 C:\Program Files\Bonjour\mDNSResponder.exe - ok
00:05:49.0250 2524 [ E5326C384CE33D47B8EFA715E8AC4284 ] C:\WINDOWS\system32\winhttp.dll
00:05:49.0250 2524 C:\WINDOWS\system32\winhttp.dll - ok
00:05:49.0265 2524 [ F02A533F517EB38333CB12A9E8963773 ] C:\Program Files\Google\Update\GoogleUpdate.exe
00:05:49.0265 2524 C:\Program Files\Google\Update\GoogleUpdate.exe - ok
00:05:49.0265 2524 [ 9F78F329B1858E845087B923B4DBA0F3 ] C:\WINDOWS\system32\mprapi.dll
00:05:49.0265 2524 C:\WINDOWS\system32\mprapi.dll - ok
00:05:49.0265 2524 [ 60D1A6342238378BFB7545C81EE3606C ] C:\WINDOWS\system32\es.dll
00:05:49.0265 2524 C:\WINDOWS\system32\es.dll - ok
00:05:49.0281 2524 [ 875D770F477E0AE0088BE1810D537B23 ] C:\WINDOWS\system32\activeds.dll
00:05:49.0281 2524 C:\WINDOWS\system32\activeds.dll - ok
00:05:49.0281 2524 [ 12A581CA44E53B09D24C5B94F252C78D ] C:\WINDOWS\system32\adsldpc.dll
00:05:49.0281 2524 C:\WINDOWS\system32\adsldpc.dll - ok
00:05:49.0296 2524 [ 9B6C56F8FF459347D1270A91947E47BE ] C:\Program Files\Google\Update\1.2.183.29\goopdate.dll
00:05:49.0296 2524 C:\Program Files\Google\Update\1.2.183.29\goopdate.dll - ok
00:05:49.0296 2524 [ 67DFF7BBBD0E80AAB7B3CF061448DB8A ] C:\WINDOWS\system32\ersvc.dll
00:05:49.0296 2524 C:\WINDOWS\system32\ersvc.dll - ok
00:05:49.0296 2524 [ 1639D9964C9E1B2ECCA95C8217D3E70D ] C:\WINDOWS\system32\dmserver.dll
00:05:49.0296 2524 C:\WINDOWS\system32\dmserver.dll - ok
00:05:49.0312 2524 [ 10654F9DDCEA9C46CFB77554231BE73B ] C:\WINDOWS\system32\cryptsvc.dll
00:05:49.0312 2524 C:\WINDOWS\system32\cryptsvc.dll - ok
00:05:49.0312 2524 [ AD44C5BC21213F394F6AFCB55CC39293 ] C:\WINDOWS\system32\certcli.dll
00:05:49.0312 2524 C:\WINDOWS\system32\certcli.dll - ok
00:05:49.0312 2524 [ 4AC302BF714DC163E685D0A187A36D0F ] C:\WINDOWS\system32\cryptui.dll
00:05:49.0312 2524 C:\WINDOWS\system32\cryptui.dll - ok
00:05:49.0328 2524 [ 6479A184873F7CA797FF0375D711E9A6 ] C:\WINDOWS\system32\dbghelp.dll
00:05:49.0328 2524 C:\WINDOWS\system32\dbghelp.dll - ok
00:05:49.0328 2524 [ B78F5E78D50216A1302F50C12ABEE801 ] C:\WINDOWS\system32\riched20.dll
00:05:49.0328 2524 C:\WINDOWS\system32\riched20.dll - ok
00:05:49.0343 2524 [ BFDF8AA33CD4DA45C34F6ECD644EECDF ] C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
00:05:49.0343 2524 C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe - ok
00:05:49.0343 2524 [ 8827911A8C37E40C027CBFC88E69D967 ] C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:05:49.0343 2524 C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll - ok
00:05:49.0343 2524 [ 9376E6893E52B368ABC6255BF54F0B28 ] C:\WINDOWS\system32\hidserv.dll
00:05:49.0343 2524 C:\WINDOWS\system32\hidserv.dll - ok
00:05:49.0359 2524 [ 18AFEE0EDE045B6255408D634372DC29 ] C:\WINDOWS\system32\hid.dll
00:05:49.0359 2524 C:\WINDOWS\system32\hid.dll - ok
00:05:49.0359 2524 [ 2975C66459C426C20BC22D639DF6B611 ] C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
00:05:49.0359 2524 C:\Program Files\SUPERAntiSpyware\SASSEH.DLL - ok
00:05:49.0375 2524 [ 5D9C470085DDFEF1CAE10755E03CA7C3 ] C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe
00:05:49.0375 2524 C:\Program Files\Google\Update\1.2.183.29\GoogleCrashHandler.exe - ok
00:05:49.0375 2524 [ 037438A305F1EFF51AF788C32EFF4360 ] C:\WINDOWS\system32\qmgrprxy.dll
00:05:49.0375 2524 C:\WINDOWS\system32\qmgrprxy.dll - ok
00:05:49.0375 2524 [ 8D22721EB56E7592C0C8CC707F11DB5F ] C:\WINDOWS\system32\msxml3.dll
00:05:49.0375 2524 C:\WINDOWS\system32\msxml3.dll - ok
00:05:49.0390 2524 [ B48D3193DD1474DCBCC32BF4779AC698 ] C:\WINDOWS\system32\olepro32.dll
00:05:49.0390 2524 C:\WINDOWS\system32\olepro32.dll - ok
00:05:49.0390 2524 [ 7ED462F353B3D915A418A689FA881F96 ] C:\WINDOWS\system32\ddraw.dll
00:05:49.0390 2524 C:\WINDOWS\system32\ddraw.dll - ok
00:05:49.0406 2524 [ D0933C7B9763098B16E6BB0B823AE844 ] C:\WINDOWS\system32\dciman32.dll
00:05:49.0406 2524 C:\WINDOWS\system32\dciman32.dll - ok
00:05:49.0406 2524 [ 0CB3AF149A0BAC0836022CA307C7A0F8 ] C:\WINDOWS\system32\srvsvc.dll
00:05:49.0406 2524 C:\WINDOWS\system32\srvsvc.dll - ok
00:05:49.0406 2524 [ FB4125937B07247E236BDB49B91102BF ] C:\Program Files\Common Files\Motive\McciCMService.exe
00:05:49.0406 2524 C:\Program Files\Common Files\Motive\McciCMService.exe - ok
00:05:49.0421 2524 [ 6FCD74011AFD5843456F3ED9B4C4D909 ] C:\Program Files\iolo\Common\Lib\fbembed.dll
00:05:49.0421 2524 C:\Program Files\iolo\Common\Lib\fbembed.dll - ok
00:05:49.0421 2524 [ 20FD44370267CCD0A64A1B31861C21D2 ] C:\WINDOWS\system32\netmsg.dll
00:05:49.0421 2524 C:\WINDOWS\system32\netmsg.dll - ok
00:05:49.0437 2524 [ AB9C79ED12D65E800AAAD3D72A04792F ] C:\WINDOWS\system32\drivers\srv.sys
00:05:49.0437 2524 C:\WINDOWS\system32\drivers\srv.sys - ok
00:05:49.0437 2524 [ 11F714F85530A2BD134074DC30E99FCA ] C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
00:05:49.0437 2524 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE - ok
00:05:49.0437 2524 [ 95CAEC95D6777CE7D6B7091BC4D91CEB ] C:\WINDOWS\system32\nvsvc32.exe
00:05:49.0437 2524 C:\WINDOWS\system32\nvsvc32.exe - ok
00:05:49.0453 2524 [ 51C6D8BFBD4EA5B62A1BA7F4469250D3 ] C:\WINDOWS\system32\HPZinw12.dll
00:05:49.0453 2524 C:\WINDOWS\system32\HPZinw12.dll - ok
00:05:49.0453 2524 [ 36739B39267914BA69AD0610A0299732 ] C:\WINDOWS\system32\netman.dll
00:05:49.0453 2524 C:\WINDOWS\system32\netman.dll - ok
00:05:49.0468 2524 [ A6B8503687A268BFD620A12271816E36 ] C:\WINDOWS\system32\msxml4.dll
00:05:49.0468 2524 C:\WINDOWS\system32\msxml4.dll - ok
00:05:49.0468 2524 [ BF52A4D4EB4CFB3109667E429B93E21A ] C:\WINDOWS\system32\netshell.dll
00:05:49.0468 2524 C:\WINDOWS\system32\netshell.dll - ok
00:05:49.0468 2524 [ 1B5F6923ABB450692E9FE0672C897AED ] C:\WINDOWS\system32\powrprof.dll
00:05:49.0468 2524 C:\WINDOWS\system32\powrprof.dll - ok
00:05:49.0484 2524 [ DF5133EA0D6D7C34E44551F87044EE59 ] C:\WINDOWS\system32\nvcpl.dll
00:05:49.0484 2524 C:\WINDOWS\system32\nvcpl.dll - ok
00:05:49.0484 2524 [ 0275215D01C3985E682A661B8826F371 ] C:\WINDOWS\system32\pctspk.exe
00:05:49.0484 2524 C:\WINDOWS\system32\pctspk.exe - ok
00:05:49.0500 2524 [ 920FCB1152B2D6490EE2B93E797D7C57 ] C:\WINDOWS\system32\avifil32.dll
00:05:49.0500 2524 C:\WINDOWS\system32\avifil32.dll - ok
00:05:49.0500 2524 [ 9CAB732C554BC1191E68D1EFB102DA45 ] C:\WINDOWS\system32\msvfw32.dll
00:05:49.0500 2524 C:\WINDOWS\system32\msvfw32.dll - ok
00:05:49.0500 2524 [ D1E299962B5956005113EC4AB1E0D9B7 ] C:\WINDOWS\system32\ipsecsvc.dll
00:05:49.0500 2524 C:\WINDOWS\system32\ipsecsvc.dll - ok
00:05:49.0515 2524 [ 79834AA2FBF9FE81EEBB229024F6F7FC ] C:\WINDOWS\system32\HPZipm12.dll
00:05:49.0515 2524 C:\WINDOWS\system32\HPZipm12.dll - ok
00:05:49.0515 2524 [ 1ECB753D7CEEC8F5A94C9781CA64EC44 ] C:\WINDOWS\system32\credui.dll
00:05:49.0515 2524 C:\WINDOWS\system32\credui.dll - ok
00:05:49.0531 2524 [ A76128BE63EEA6A3AF521A0576D3EBF7 ] C:\WINDOWS\system32\oakley.dll
00:05:49.0531 2524 C:\WINDOWS\system32\oakley.dll - ok
00:05:49.0531 2524 [ CD1F7ED9842138BEADF9ECBF37818BEF ] C:\WINDOWS\system32\rasapi32.dll
00:05:49.0531 2524 C:\WINDOWS\system32\rasapi32.dll - ok
00:05:49.0531 2524 [ 90A3935D05B494A5A39D37E71F09A677 ] C:\WINDOWS\system32\drivers\secdrv.sys
00:05:49.0531 2524 C:\WINDOWS\system32\drivers\secdrv.sys - ok
00:05:49.0546 2524 [ 306B30A036DB25FCB76B507FEDE07D58 ] C:\WINDOWS\system32\pstorsvc.dll
00:05:49.0546 2524 C:\WINDOWS\system32\pstorsvc.dll - ok
00:05:49.0546 2524 [ 2B2F31E3F2CE3723C1B0F3700C8BE28B ] C:\WINDOWS\system32\winipsec.dll
00:05:49.0546 2524 C:\WINDOWS\system32\winipsec.dll - ok
00:05:49.0562 2524 [ 4D3CCDF22D2B4BAE229BA73B81D13E26 ] C:\WINDOWS\system32\psbase.dll
00:05:49.0562 2524 C:\WINDOWS\system32\psbase.dll - ok
00:05:49.0562 2524 [ 30E244A707E6CE0A4B099CD6384EC6CA ] C:\WINDOWS\system32\rasman.dll
00:05:49.0562 2524 C:\WINDOWS\system32\rasman.dll - ok
00:05:49.0562 2524 [ B6763F8534AC547CF1AF98AFDFF2EDC8 ] C:\WINDOWS\system32\wiaservc.dll
00:05:49.0562 2524 C:\WINDOWS\system32\wiaservc.dll - ok
00:05:49.0578 2524 [ D5281109BE06EA1D3C511B6C07F26134 ] C:\WINDOWS\system32\ZuneBusEnum.exe
00:05:49.0578 2524 C:\WINDOWS\system32\ZuneBusEnum.exe - ok
00:05:49.0578 2524 [ 6307A1B82F6CA87D7E0CDF49E6E7BC00 ] C:\WINDOWS\system32\tapi32.dll
00:05:49.0578 2524 C:\WINDOWS\system32\tapi32.dll - ok
00:05:49.0578 2524 [ C115304824B76B4810CF0102EFFE6897 ] C:\WINDOWS\system32\xmllite.dll
00:05:49.0578 2524 C:\WINDOWS\system32\xmllite.dll - ok
00:05:49.0593 2524 [ 0FCB11B39AF688035E1CDE754684EE5C ] C:\WINDOWS\system32\cfgmgr32.dll
00:05:49.0593 2524 C:\WINDOWS\system32\cfgmgr32.dll - ok
00:05:49.0593 2524 [ CACD2C63A79268D131EA37E85524CC44 ] C:\WINDOWS\system32\dssenh.dll
00:05:49.0593 2524 C:\WINDOWS\system32\dssenh.dll - ok
00:05:49.0609 2524 [ 9A9BBC71D0EBCD400A33ABCD5F0AB39C ] C:\WINDOWS\system32\wzcsapi.dll
00:05:49.0609 2524 C:\WINDOWS\system32\wzcsapi.dll - ok
00:05:49.0609 2524 [ 4ED87C9C1F9EA9FC68C2E22C3A2DB286 ] C:\WINDOWS\system32\mscms.dll
00:05:49.0609 2524 C:\WINDOWS\system32\mscms.dll - ok
00:05:49.0609 2524 [ A730EB3BB31C6A51BEAAF53587108747 ] C:\PROGRA~1\DEFEND~1\DEFEND~1.0\adialhk.dll
00:05:49.0609 2524 C:\PROGRA~1\DEFEND~1\DEFEND~1.0\adialhk.dll - ok
00:05:49.0625 2524 [ E3CFCCDDA4EDD1D0DC9168B2E18F27B8 ] C:\WINDOWS\system32\browser.dll
00:05:49.0625 2524 C:\WINDOWS\system32\browser.dll - ok
00:05:49.0625 2524 [ 6D9AC544B30F96C57F8206566C1FB6A1 ] C:\WINDOWS\system32\trkwks.dll
00:05:49.0625 2524 C:\WINDOWS\system32\trkwks.dll - ok
00:05:49.0640 2524 [ 92BDF74F12D6CBEC43C94D4B7F804838 ] C:\WINDOWS\system32\srsvc.dll
00:05:49.0640 2524 C:\WINDOWS\system32\srsvc.dll - ok
00:05:49.0640 2524 [ 13510490BEA0997DB625DAA0178CBFCA ] C:\WINDOWS\system32\actxprxy.dll
00:05:49.0640 2524 C:\WINDOWS\system32\actxprxy.dll - ok
00:05:49.0640 2524 [ DFD9870CF39C791D86C4C209DA9FA919 ] C:\WINDOWS\system32\sens.dll
00:05:49.0640 2524 C:\WINDOWS\system32\sens.dll - ok
00:05:49.0656 2524 [ B1E0CE09895376871746F36DC5773B4F ] C:\WINDOWS\system32\seclogon.dll
00:05:49.0656 2524 C:\WINDOWS\system32\seclogon.dll - ok
00:05:49.0656 2524 [ 851547797C2A7F8A04841644C471A567 ] C:\WINDOWS\system32\wbem\wbemprox.dll
00:05:49.0656 2524 C:\WINDOWS\system32\wbem\wbemprox.dll - ok
00:05:49.0671 2524 [ 4E39C36213E95FB971A61A247BDE2F61 ] C:\WINDOWS\system32\wbem\wbemcomn.dll
00:05:49.0671 2524 C:\WINDOWS\system32\wbem\wbemcomn.dll - ok
00:05:49.0671 2524 [ 2C59F86917723CEE4C1366BB86082C9B ] C:\WINDOWS\system32\urlmon.dll
00:05:49.0671 2524 C:\WINDOWS\system32\urlmon.dll - ok
00:05:49.0687 2524 [ 8C91E1252DCAE14E28443D3D8A7402B1 ] C:\WINDOWS\system32\bitsprx2.dll
00:05:49.0687 2524 C:\WINDOWS\system32\bitsprx2.dll - ok
00:05:49.0687 2524 [ 51230212AE7F8159A90F06A7EA30DD8A ] C:\WINDOWS\system32\cscui.dll
00:05:49.0687 2524 C:\WINDOWS\system32\cscui.dll - ok
00:05:49.0687 2524 [ B60C877D16D9C880B952FDA04ADF16E6 ] C:\WINDOWS\system32\termsrv.dll
00:05:49.0687 2524 C:\WINDOWS\system32\termsrv.dll - ok
00:05:49.0703 2524 [ F7FC12EDD4F0C19490D37AF9570C50F8 ] C:\WINDOWS\system32\dpcdll.dll
00:05:49.0703 2524 C:\WINDOWS\system32\dpcdll.dll - ok
00:05:49.0703 2524 [ 37E7DB460A5315E4609B212C6C014527 ] C:\WINDOWS\system32\icaapi.dll
00:05:49.0703 2524 C:\WINDOWS\system32\icaapi.dll - ok
00:05:49.0718 2524 [ F5EE7CACD1784241F138A5E55B715897 ] C:\WINDOWS\system32\mstlsapi.dll
00:05:49.0718 2524 C:\WINDOWS\system32\mstlsapi.dll - ok
00:05:49.0718 2524 [ D6A8DC8C374EEA24744F2D4E87CA0E7E ] C:\WINDOWS\system32\wdmaud.drv
00:05:49.0718 2524 C:\WINDOWS\system32\wdmaud.drv - ok
00:05:49.0718 2524 [ EFD235CA22B57C81118C1AEB4798F1C1 ] C:\WINDOWS\system32\drivers\wdmaud.sys
00:05:49.0718 2524 C:\WINDOWS\system32\drivers\wdmaud.sys - ok
00:05:49.0734 2524 [ 650AD082D46BAC0E64C9C0E0928492FD ] C:\WINDOWS\system32\drivers\sysaudio.sys
00:05:49.0734 2524 C:\WINDOWS\system32\drivers\sysaudio.sys - ok
00:05:49.0734 2524 [ 1EE7B434BA961EF845DE136224C30FEC ] C:\WINDOWS\system32\drivers\aec.sys
00:05:49.0734 2524 C:\WINDOWS\system32\drivers\aec.sys - ok
00:05:49.0750 2524 [ 0CE218578FFF5F4F7E4201539C45C78F ] C:\WINDOWS\system32\drivers\splitter.sys
00:05:49.0750 2524 C:\WINDOWS\system32\drivers\splitter.sys - ok
00:05:49.0750 2524 [ 39B1FFB03C2296323832ACBAE50D2AFF ] C:\WINDOWS\system32\userinit.exe
00:05:49.0750 2524 C:\WINDOWS\system32\userinit.exe - ok
00:05:49.0750 2524 [ 94ABC808FC4B6D7D2BBF42B85E25BB4D ] C:\WINDOWS\system32\drivers\swmidi.sys
00:05:49.0750 2524 C:\WINDOWS\system32\drivers\swmidi.sys - ok
00:05:49.0765 2524 [ A6F881284AC1150E37D9AE47FF601267 ] C:\WINDOWS\system32\drivers\dmusic.sys
00:05:49.0765 2524 C:\WINDOWS\system32\drivers\dmusic.sys - ok
00:05:49.0765 2524 [ BA5DEDA4D934E6288C2F66CAF58D2562 ] C:\WINDOWS\system32\drivers\kmixer.sys
00:05:49.0765 2524 C:\WINDOWS\system32\drivers\kmixer.sys - ok
00:05:49.0765 2524 [ 1ED4DBBAE9F5D558DBBA4CC450E3EB2E ] C:\WINDOWS\system32\drivers\drmkaud.sys
00:05:49.0781 2524 C:\WINDOWS\system32\drivers\drmkaud.sys - ok
00:05:49.0781 2524 [ 97BD6515465659FF8F3B7BE375B2EA87 ] C:\WINDOWS\explorer.exe
00:05:49.0781 2524 C:\WINDOWS\explorer.exe - ok
00:05:49.0781 2524 [ 9A3BD5F55AADFF859539142F6328A66E ] C:\WINDOWS\system32\msacm32.drv
00:05:49.0781 2524 C:\WINDOWS\system32\msacm32.drv - ok
00:05:49.0796 2524 [ 3B4702155BB2AE9DC00C06A68834BDFA ] C:\WINDOWS\system32\midimap.dll
00:05:49.0796 2524 C:\WINDOWS\system32\midimap.dll - ok
00:05:49.0796 2524 [ 73DD70102973A3CFAFDCE4C5891DAA3D ] C:\WINDOWS\system32\browseui.dll
00:05:49.0796 2524 C:\WINDOWS\system32\browseui.dll - ok
00:05:49.0796 2524 [ DA285490BBD8A1D0CE6623577D5BA1FF ] C:\WINDOWS\system32\rundll32.exe
00:05:49.0796 2524 C:\WINDOWS\system32\rundll32.exe - ok
00:05:49.0812 2524 [ 8D33297D9DA20AB01F1258AFA5A10C91 ] C:\WINDOWS\system32\shdocvw.dll
00:05:49.0812 2524 C:\WINDOWS\system32\shdocvw.dll - ok
00:05:49.0812 2524 [ E931B4DD87DFACE46468FD506FDCD262 ] C:\WINDOWS\system32\desk.cpl
00:05:49.0812 2524 C:\WINDOWS\system32\desk.cpl - ok
00:05:49.0812 2524 [ E6796D51CED309E46D29C0B787735615 ] C:\WINDOWS\system32\themeui.dll
00:05:49.0812 2524 C:\WINDOWS\system32\themeui.dll - ok
00:05:49.0828 2524 [ 632A777961E99CB61B28599555A2F7A7 ] C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\scrchpg.dll
00:05:49.0828 2524 C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\scrchpg.dll - ok
00:05:49.0828 2524 [ EEB024F2C81F0D55936FB825D21A91D6 ] C:\WINDOWS\system32\cmd.exe
00:05:49.0828 2524 C:\WINDOWS\system32\cmd.exe - ok
00:05:49.0843 2524 [ EBC984F0CE40E0DAF0454D806EC2A7EC ] C:\DOCUME~1\Owner\LOCALS~1\Temp\0AF7E191-4689-4611-90AD-BD878B534F08.exe
00:05:49.0843 2524 C:\DOCUME~1\Owner\LOCALS~1\Temp\0AF7E191-4689-4611-90AD-BD878B534F08.exe - ok
00:05:49.0843 2524 [ AE0A7905C97BA30211C700C3E12DFD83 ] C:\WINDOWS\system32\nwiz.exe
00:05:49.0843 2524 C:\WINDOWS\system32\nwiz.exe - ok
00:05:49.0859 2524 [ 21C8A24455FDAFC9D6D8BCD38D62B10B ] C:\WINDOWS\system32\HdAShCut.exe
00:05:49.0859 2524 C:\WINDOWS\system32\HdAShCut.exe - ok
00:05:49.0859 2524 [ 115332A83AC2726FA974D30DB4BFD8DE ] C:\Program Files\Analog Devices\Core\smax4pnp.exe
00:05:49.0859 2524 C:\Program Files\Analog Devices\Core\smax4pnp.exe - ok
00:05:49.0859 2524 [ A1A688EE56CF3BBD24EDEB815D48E9BA ] C:\WINDOWS\system32\linkinfo.dll
00:05:49.0859 2524 C:\WINDOWS\system32\linkinfo.dll - ok
00:05:49.0875 2524 [ 892C31A22CE40F076BD87318A879DA79 ] C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe
00:05:49.0875 2524 C:\Program Files\BellSouth\Alert Manager\BellSouthAlertManager.exe - ok
00:05:49.0875 2524 [ 96FD5C0623BBC0988EFC431AD3E35EB4 ] C:\WINDOWS\system32\HdAudRes.dll
00:05:49.0875 2524 C:\WINDOWS\system32\HdAudRes.dll - ok
00:05:49.0875 2524 [ 385E9AEC6E100DBEBEE5BD1F27A55E1D ] C:\WINDOWS\system32\ntshrui.dll
00:05:49.0890 2524 C:\WINDOWS\system32\ntshrui.dll - ok
00:05:49.0890 2524 [ B0683CAAAED1FFCE824614B64AFB44F5 ] C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe
00:05:49.0890 2524 C:\Program Files\Defender Pro\Defender Pro Internet Security 6.0\avp.exe - ok
00:05:49.0890 2524 [ 896F9A5AA7C004A2ACB20A05289DABE0 ] C:\Program Files\DefenderPro\TSAntiSpy.exe
00:05:49.0890 2524 C:\Program Files\DefenderPro\TSAntiSpy.exe - ok
00:05:49.0906 2524 [ 2FF690ACE1B49D891B79E645B6DB95FF ] C:\Program Files\Zune\ZuneLauncher.exe
00:05:49.0906 2524 C:\Program Files\Zune\ZuneLauncher.exe - ok
00:05:49.0906 2524 [ 0AB3C83FCB8EF6F56E4FB22089F0D3B9 ] C:\Program Files\QuickTime\QTTask.exe
00:05:49.0906 2524 C:\Program Files\QuickTime\QTTask.exe - ok
00:05:49.0906 2524 [ E6A4E341E4304B34AA280D3E73818C90 ] C:\Program Files\iTunes\iTunesHelper.exe
00:05:49.0921 2524 C:\Program Files\iTunes\iTunesHelper.exe - ok
00:05:49.0921 2524 [ EAF269DBA2D72368B1BBF030FB0EC488 ] C:\Program Files\Zune\ZuneCfg.dll
00:05:49.0921 2524 C:\Program Files\Zune\ZuneCfg.dll - ok
00:05:49.0921 2524 [ 74E6E96C6F0E2ECA4EDBB7F7A468F259 ] C:\Program Files\Messenger\msmsgs.exe
00:05:49.0921 2524 C:\Program Files\Messenger\msmsgs.exe - ok
00:05:49.0937 2524 [ 0AF32313F692E894F8E1B5B98956BA24 ] C:\Program Files\Analog Devices\Core\smwdmif.dll
00:05:49.0937 2524 C:\Program Files\Analog Devices\Core\smwdmif.dll - ok
00:05:49.0937 2524 [ 24232996A38C0B0CF151C2140AE29FC8 ] C:\WINDOWS\system32\ctfmon.exe
00:05:49.0937 2524 C:\WINDOWS\system32\ctfmon.exe - ok
00:05:49.0937 2524 [ 2B6D3630EB32B562E6763370CE35D730 ] C:\WINDOWS\system32\msctf.dll
00:05:49.0953 2524 C:\WINDOWS\system32\msctf.dll - ok
00:05:49.0953 2524 [ D6ABF4FA70DE5AF5B386E5B365030E74 ] C:\Program Files\Zune\ZuneShellExt.dll
00:05:49.0953 2524 C:\Program Files\Zune\ZuneShellExt.dll - ok
00:05:49.0953 2524 [ 751184DF487A1B3C95CB29B0D0069C28 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
00:05:49.0953 2524 C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok
00:05:49.0968 2524 [ 4602907535FD682195DFFF9117365826 ] C:\WINDOWS\system32\mfc42.dll
00:05:49.0968 2524 C:\WINDOWS\system32\mfc42.dll - ok
00:05:49.0968 2524 [ 9EEA0CA999A33C9D2EABE82E4C624CC3 ] C:\WINDOWS\system32\msutb.dll
00:05:49.0968 2524 C:\WINDOWS\system32\msutb.dll - ok
00:05:49.0968 2524 [ 2DE7BC987EC12C2E7DAF76466CDC296D ] C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
00:05:49.0984 2524 C:\Program Files\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
00:05:49.0984 2524 [ A37D7208C3D5DBA0A603953A5B232AF7 ] C:\WINDOWS\system32\oledlg.dll
00:05:49.0984 2524 C:\WINDOWS\system32\oledlg.dll - ok
00:05:49.0984 2524 [ 980D1E904E059139F075711ECE5BDCB8 ] C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll
00:05:49.0984 2524 C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
00:05:50.0000 2524 [ 6ECB0526E0BF909BFA7B606323352652 ] C:\WINDOWS\system32\nview.dll
00:05:50.0000 2524 C:\WINDOWS\system32\nview.dll - ok
00:05:50.0000 2524 [ 4038EE8AC13C15A067536D292A93D697 ] C:\WINDOWS\ime\sptip.dll
00:05:50.0000 2524 C:\WINDOWS\ime\sptip.dll - ok
00:05:50.0015 2524 [ 378BA951BC92648CCC08CC2FCE1CE7C8 ] C:\Program Files\DefenderPro\mfc42.dll
00:05:50.0015 2524 C:\Program Files\DefenderPro\mfc42.dll - ok
00:05:50.0015 2524 [ 6501DB5182D5A8C0F1F1707286161D66 ] C:\WINDOWS\system32\webcheck.dll
00:05:50.0015 2524 C:\WINDOWS\system32\webcheck.dll - ok
00:05:50.0015 2524 [ FA788520BCAC0F5D9D5CDE5615C0D931 ] C:\WINDOWS\system32\imapi.exe
00:05:50.0015 2524 C:\WINDOWS\system32\imapi.exe - ok
00:05:50.0031 2524 [ FD021E0DB908ECBD76C5EA69F7EECC59 ] C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
00:05:50.0031 2524 C:\WINDOWS\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll - ok
00:05:50.0031 2524 [ 297101A925ECFFDCDF7F6341FFBB6C1A ] C:\WINDOWS\system32\stobject.dll
00:05:50.0031 2524 C:\WINDOWS\system32\stobject.dll - ok
00:05:50.0046 2524 [ 1F95F072D1384B6C0F9245318D35B6A5 ] C:\Program Files\QuickTime\QTSystem\QuickTime.qts
00:05:50.0046 2524 C:\Program Files\QuickTime\QTSystem\QuickTime.qts - ok
00:05:50.0046 2524 [ 4E6EEEA8EB9302D604603D4758C05E75 ] C:\WINDOWS\system32\batmeter.dll
00:05:50.0046 2524 C:\WINDOWS\system32\batmeter.dll - ok
00:05:50.0046 2524 [ 045E228F71C31901084B64BE59093499 ] C:\WINDOWS\system32\WPDShServiceObj.dll
00:05:50.0046 2524 C:\WINDOWS\system32\WPDShServiceObj.dll - ok
00:05:50.0062 2524 [ AA6741C359E11F101056A609D022E92A ] C:\WINDOWS\system32\mslbui.dll
00:05:50.0062 2524 C:\WINDOWS\system32\mslbui.dll - ok
00:05:50.0062 2524 [ DD6D5ABAD9B8C13CEDA4752370BA982C ] C:\WINDOWS\system32\mydocs.dll
00:05:50.0062 2524 C:\WINDOWS\system32\mydocs.dll - ok
00:05:50.0062 2524 [ 54DF9B5FA02358B249CADEF9A0F262F6 ] C:\WINDOWS\system32\nvwddi.dll
00:05:50.0062 2524 C:\WINDOWS\system32\nvwddi.dll - ok
00:05:50.0078 2524 [ 22358578CB321F3325496A3723029409 ] C:\WINDOWS\system32\PortableDeviceTypes.dll
00:05:50.0078 2524 C:\WINDOWS\system32\PortableDeviceTypes.dll - ok
00:05:50.0078 2524 [ 9D45B2201D0ECF9F42136C7B99DEB8B2 ] C:\WINDOWS\system32\PortableDeviceApi.dll
00:05:50.0078 2524 C:\WINDOWS\system32\PortableDeviceApi.dll - ok
00:05:50.0093 2524 [ 55E148C01296696588EAFA425782C3E8 ] C:\WINDOWS\system32\dsound.dll
00:05:50.0093 2524 C:\WINDOWS\system32\dsound.dll - ok
00:05:50.0093 2524 [ AF3CD935D984382C74491E459A8DF76E ] C:\PROGRA~1\DEFEND~2\ANTISP~1.OCX
00:05:50.0093 2524 C:\PROGRA~1\DEFEND~2\ANTISP~1.OCX - ok
00:05:50.0093 2524 [ 892F4BC54D486FEB4DF03E4E2ECB14E0 ] C:\WINDOWS\system32\msi.dll
00:05:50.0093 2524 C:\WINDOWS\system32\msi.dll - ok
00:05:50.0109 2524 [ 339089D6C3FC3BC5CED8D9049C4D2101 ] C:\WINDOWS\system32\upnp.dll
00:05:50.0109 2524 C:\WINDOWS\system32\upnp.dll - ok
00:05:50.0109 2524 [ 2A8681AEA24003040CA7D677BE9F1702 ] C:\WINDOWS\system32\drivers\58771124.sys
00:05:50.0109 2524 C:\WINDOWS\system32\drivers\58771124.sys - ok
00:05:50.0125 2524 [ 5B8DFA748FA4845BC04445A30126F2E9 ] C:\WINDOWS\system32\ssdpapi.dll
00:05:50.0125 2524 C:\WINDOWS\system32\ssdpapi.dll - ok
00:05:50.0125 2524 [ EDD916D97C229ED9F3EA037DE9352635 ] C:\WINDOWS\system32\xpob2res.dll
00:05:50.0125 2524 C:\WINDOWS\system32\xpob2res.dll - ok
00:05:50.0125 2524 [ D4931277DF5393E84A48B27DF40914E3 ] C:\WINDOWS\system32\riched32.dll
00:05:50.0125 2524 C:\WINDOWS\system32\riched32.dll - ok
00:05:50.0140 2524 [ CBCD254547689BFF80C9F547B20911E9 ] C:\WINDOWS\system32\ksuser.dll
00:05:50.0140 2524 C:\WINDOWS\system32\ksuser.dll - ok
00:05:50.0140 2524 [ E3AE8DC04643850D2DFD431443558B28 ] C:\WINDOWS\system32\netcfgx.dll
00:05:50.0140 2524 C:\WINDOWS\system32\netcfgx.dll - ok
00:05:50.0156 2524 [ 98C1FF6676E02D43DA208802286A6EE7 ] C:\WINDOWS\system32\clusapi.dll
00:05:50.0156 2524 C:\WINDOWS\system32\clusapi.dll - ok
00:05:50.0156 2524 [ B18BD2852F34FF7FCAA004ABDA09384F ] C:\Program Files\DefenderPro\bszip.dll
00:05:50.0156 2524 C:\Program Files\DefenderPro\bszip.dll - ok
00:05:50.0171 2524 [ 6B01137148425B9735ACB191AA92C64A ] C:\Program Files\DefenderPro\XceedCry.dll
00:05:50.0171 2524 C:\Program Files\DefenderPro\XceedCry.dll - ok
00:05:50.0171 2524 [ 75DEB92422D955373825A11F9F74EC6A ] C:\WINDOWS\system32\comsvcs.dll
00:05:50.0171 2524 C:\WINDOWS\system32\comsvcs.dll - ok
00:05:50.0171 2524 [ 01A04FB59E76697C9171B6327274D371 ] C:\WINDOWS\system32\colbact.dll
00:05:50.0171 2524 C:\WINDOWS\system32\colbact.dll - ok
00:05:50.0187 2524 [ DAD1CEF1B77539B4EF734A1041CF95ED ] C:\WINDOWS\system32\mstask.dll
00:05:50.0187 2524 C:\WINDOWS\system32\mstask.dll - ok
00:05:50.0187 2524 [ 99F43B9B76C88ACEAD42FE84744F8C87 ] C:\WINDOWS\system32\mtxclu.dll
00:05:50.0187 2524 C:\WINDOWS\system32\mtxclu.dll - ok
00:05:50.0203 2524 [ 2738C8A33FF07DD3C99C7C8F0A85DA72 ] C:\WINDOWS\system32\resutils.dll
00:05:50.0203 2524 C:\WINDOWS\system32\resutils.dll - ok
00:05:50.0203 2524 [ 477E08FE0114AFEA114FC954C983D4DB ] C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
00:05:50.0203 2524 C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL - ok
00:05:50.0203 2524 [ 9709EAD856A690333138AC40804F914E ] C:\WINDOWS\system32\regsvr32.exe
00:05:50.0203 2524 C:\WINDOWS\system32\regsvr32.exe - ok
00:05:50.0218 2524 [ 49B5EED5FB89D39456A2F616CCD8BA5D ] C:\WINDOWS\system32\rasmans.dll
00:05:50.0218 2524 C:\WINDOWS\system32\rasmans.dll - ok
00:05:50.0218 2524 [ 6B447F5802D67E20220BE91917F76033 ] C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
00:05:50.0218 2524 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL - ok
00:05:50.0234 2524 [ FB78839B36025AA286A51289ED28B73E ] C:\WINDOWS\system32\tapisrv.dll
00:05:50.0234 2524 C:\WINDOWS\system32\tapisrv.dll - ok
00:05:50.0234 2524 [ 0BC326CD99125724987CEEC7405496B6 ] C:\WINDOWS\system32\asycfilt.dll
00:05:50.0234 2524 C:\WINDOWS\system32\asycfilt.dll - ok
00:05:50.0234 2524 [ 1D536BEBC30DD8D0D3B6FF3B0CD2D32B ] C:\WINDOWS\system32\rastapi.dll
00:05:50.0234 2524 C:\WINDOWS\system32\rastapi.dll - ok
00:05:50.0250 2524 [ 1DFD6E8DA0FE2D14A5FA12CFCFB162C1 ] C:\WINDOWS\system32\unimdm.tsp
00:05:50.0250 2524 C:\WINDOWS\system32\unimdm.tsp - ok
00:05:50.0250 2524 [ 2CED9BA7BD7401736125A1313169FBC0 ] C:\WINDOWS\system32\hhctrl.ocx
00:05:50.0250 2524 C:\WINDOWS\system32\hhctrl.ocx - ok
00:05:50.0265 2524 [ 3AB4213BF48F9062E087B909832AA8E6 ] C:\WINDOWS\system32\uniplat.dll
00:05:50.0265 2524 C:\WINDOWS\system32\uniplat.dll - ok
00:05:50.0265 2524 [ 2DBFBD419C332E4361E35528E611B0A0 ] C:\WINDOWS\system32\unimdmat.dll
00:05:50.0265 2524 C:\WINDOWS\system32\unimdmat.dll - ok
00:05:50.0265 2524 [ 5EB4B3A7F2F736DF61206982A8A1F694 ] C:\WINDOWS\system32\modemui.dll
00:05:50.0265 2524 C:\WINDOWS\system32\modemui.dll - ok
00:05:50.0281 2524 [ 7735385C0FA821961F9A1EBA94F2AC98 ] C:\WINDOWS\system32\kmddsp.tsp
00:05:50.0281 2524 C:\WINDOWS\system32\kmddsp.tsp - ok
00:05:50.0281 2524 [ 37D7005A87F6405DEA87F50098CE03F7 ] C:\WINDOWS\system32\ndptsp.tsp
00:05:50.0281 2524 C:\WINDOWS\system32\ndptsp.tsp - ok
00:05:50.0296 2524 [ E59CC8213ABFE1B6C30CCC051A7CF058 ] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll
00:05:50.0296 2524 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\iTunesMobileDevice.dll - ok
00:05:50.0296 2524 [ A4C40AF21BF9F90E08A3C1DD0DC79E0B ] C:\WINDOWS\system32\ipconf.tsp
00:05:50.0296 2524 C:\WINDOWS\system32\ipconf.tsp - ok
00:05:50.0296 2524 [ 49361F295DF887AC32CD660CA94ACAA5 ] C:\WINDOWS\system32\h323.tsp
00:05:50.0296 2524 C:\WINDOWS\system32\h323.tsp - ok
00:05:50.0312 2524 [ 83168270F2E73A20E981B0F38A34958F ] C:\WINDOWS\system32\hidphone.tsp
00:05:50.0312 2524 C:\WINDOWS\system32\hidphone.tsp - ok
00:05:50.0312 2524 [ 04ECEC0447F79419AD25227205B8277D ] C:\WINDOWS\system32\rasppp.dll
00:05:50.0312 2524 C:\WINDOWS\system32\rasppp.dll - ok
00:05:50.0312 2524 [ C5EF2A4F6CB968B3119B43F43C64A1A6 ] C:\WINDOWS\system32\ntlsapi.dll
00:05:50.0312 2524 C:\WINDOWS\system32\ntlsapi.dll - ok
00:05:50.0328 2524 [ 1B0F0FC350C77B62A4B927810E53B2BF ] C:\WINDOWS\system32\raschap.dll
00:05:50.0328 2524 C:\WINDOWS\system32\raschap.dll - ok
00:05:50.0328 2524 [ ADEAC063A3757E8FBC242BB4414D632B ] C:\WINDOWS\system32\rastls.dll
00:05:50.0328 2524 C:\WINDOWS\system32\rastls.dll - ok
00:05:50.0343 2524 [ AC8CED8291E14657668A64104D303260 ] C:\Program Files\DefenderPro\Updates\ASUpd.exe
00:05:50.0343 2524 C:\Program Files\DefenderPro\Updates\ASUpd.exe - ok
00:05:50.0343 2524 [ 87B85BC1E1F6E0228876204A20A9C24C ] C:\WINDOWS\system32\spoolss.dll
00:05:50.0343 2524 C:\WINDOWS\system32\spoolss.dll - ok
00:05:50.0343 2524 [ 0346DA24DE3C85909717D5997510A31F ] C:\WINDOWS\system32\mlang.dll
00:05:50.0343 2524 C:\WINDOWS\system32\mlang.dll - ok
00:05:50.0359 2524 [ 2E632F071817AD3758C386571CBD9858 ] C:\WINDOWS\system32\localspl.dll
00:05:50.0359 2524 C:\WINDOWS\system32\localspl.dll - ok
00:05:50.0359 2524 [ 62937A89470AF8FF172F0980CA8AEFC9 ] C:\Program Files\iPod\bin\iPodService.exe
00:05:50.0359 2524 C:\Program Files\iPod\bin\iPodService.exe - ok
00:05:50.0375 2524 [ 7105749E78925FDFFD078DD54A8C2B70 ] C:\WINDOWS\system32\cnbjmon.dll
00:05:50.0375 2524 C:\WINDOWS\system32\cnbjmon.dll - ok
00:05:50.0375 2524 [ 6E205319848B8AF2A0DA52B8D63DB91E ] C:\WINDOWS\system32\sensapi.dll
00:05:50.0375 2524 C:\WINDOWS\system32\sensapi.dll - ok
00:05:50.0375 2524 [ CF0376023360AADD55C89BA50564AFDC ] C:\WINDOWS\system32\mdimon.dll
00:05:50.0375 2524 C:\WINDOWS\system32\mdimon.dll - ok
00:05:50.0390 2524 [ 9558DAA1DB859250A677CCE97B048151 ] C:\WINDOWS\system32\hpz3l5ha.dll
00:05:50.0390 2524 C:\WINDOWS\system32\hpz3l5ha.dll - ok
00:05:50.0390 2524 [ C44BC10BA73575C91FF50CDAF4D8E370 ] C:\WINDOWS\system32\pjlmon.dll
00:05:50.0390 2524 C:\WINDOWS\system32\pjlmon.dll - ok
00:05:50.0406 2524 [ BA5D5FD3CCA6F64A429E2E0E1A1A0917 ] C:\WINDOWS\system32\rasdlg.dll
00:05:50.0406 2524 C:\WINDOWS\system32\rasdlg.dll - ok
00:05:50.0406 2524 [ C1D0038CE7906313E21A2AFCDC85B346 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
00:05:50.0406 2524 C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
00:05:50.0406 2524 [ A3F853629F7F2537157EA6EA9857EA56 ] C:\WINDOWS\system32\tcpmon.dll
00:05:50.0406 2524 C:\WINDOWS\system32\tcpmon.dll - ok
00:05:50.0421 2524 [ E1CFEB57BB7135DC24D24CFE660E66DA ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
00:05:50.0421 2524 C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
00:05:50.0421 2524 [ 242D07D7FC72AD897944BFF932D57C3C ] C:\WINDOWS\system32\usbmon.dll
00:05:50.0421 2524 C:\WINDOWS\system32\usbmon.dll - ok
00:05:50.0437 2524 [ D0E39177C896D2F8191A9C96636276DF ] C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll
00:05:50.0437 2524 C:\WINDOWS\system32\spool\prtprocs\w32x86\hpzpp5ha.dll - ok
00:05:50.0437 2524 [ 58E13A2292839321D3CDC918D5A4F5AE ] C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
00:05:50.0437 2524 C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll - ok
00:05:50.0437 2524 [ A1C10F87248529173F39F4B4734DF14B ] C:\WINDOWS\system32\win32spl.dll
00:05:50.0437 2524 C:\WINDOWS\system32\win32spl.dll - ok
00:05:50.0453 2524 [ 84A5644AE4731202A4A02E6342D29BA6 ] C:\WINDOWS\system32\netrap.dll
00:05:50.0453 2524 C:\WINDOWS\system32\netrap.dll - ok
00:05:50.0453 2524 [ F14A6BD840E4D7CD4C0535CB3CEF2887 ] C:\WINDOWS\system32\inetpp.dll
00:05:50.0453 2524 C:\WINDOWS\system32\inetpp.dll - ok
00:05:50.0468 2524 [ 165AE7A443F2139DD2C078AD87699F91 ] C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL
00:05:50.0468 2524 C:\Program Files\Microsoft Office\OFFICE11\MSOHEV.DLL - ok
00:05:50.0468 2524 [ C6958AD2091238B71237D73358CEC2AB ] C:\Program Files\SUPERAntiSpyware\SSUpdate.exe
00:05:50.0468 2524 C:\Program Files\SUPERAntiSpyware\SSUpdate.exe - ok
00:05:50.0468 2524 ============================================================
00:05:50.0468 2524 Scan finished
00:05:50.0468 2524 ============================================================
00:05:50.0578 2516 Detected object count: 10
00:05:50.0578 2516 Actual detected object count: 10
00:06:26.0890 2516 !SASCORE ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 !SASCORE ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 Aspi32 ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 Aspi32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 klif ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 klif ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 McciCMService ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 McciCMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 MREMP50 ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 MREMP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 MRESP50 ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 MRESP50 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:26.0890 2516 PxHelp20 ( UnsignedFile.Multi.Generic ) - skipped by user
00:06:26.0890 2516 PxHelp20 ( UnsignedFile.Multi.Generic ) - User select action: Skip
00:06:49.0531 0172 Deinitialize success

ComboFix 12-11-26.02 - Owner 11/26/2012 11:12:13.1.1 - x86
Running from: c:\documents and settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\Application Data\TEMP
c:\documents and settings\Owner\Application Data\.#
c:\documents and settings\Owner\Application Data\.#\MBX@164@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@164@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@164@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@170@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@170@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@170@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@50C@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@50C@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@50C@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@8A0@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@8A0@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@8A0@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@99C@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@99C@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@99C@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@A7C@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@A7C@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@A7C@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@BB0@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@BB0@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@BB0@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@DA0@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@DA0@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@DA0@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@DC0@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@DC0@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@DC0@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@F1C@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@F1C@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@F1C@B14278.###
c:\documents and settings\Owner\Application Data\.#\MBX@FE8@B14218.###
c:\documents and settings\Owner\Application Data\.#\MBX@FE8@B14248.###
c:\documents and settings\Owner\Application Data\.#\MBX@FE8@B14278.###
c:\documents and settings\Owner\System
c:\documents and settings\Owner\System\win_qs8.jqx
c:\documents and settings\Owner\WINDOWS
c:\program files\AskSearch\bin\DeFAultsearch.dll
c:\windows\system32\geyekrqodjgavy.dat
c:\windows\system32\geyekrwbutewqv.dat
c:\windows\system32\msdart.dll.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_6TO4
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226ED}
-------\Legacy_{79007602-0CDB-4405-9DBF-1257BB3226EE}
-------\Service_6to4
.
.
((((((((((((((((((((((((( Files Created from 2012-10-26 to 2012-11-26 )))))))))))))))))))))))))))))))
.
.
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-09-30 01:54 . 2006-01-01 11:16 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2008-04-14 . 6D4FEB43EE538FC5428CC7F0565AA656 . 56320 . . [5.1.2600.5512] . . c:\windows\SoftwareDistribution\Download\dd9ab5193501484cf5e6884fa1d22f9e\eventlog.dll
[7] 2004-08-04 . 82B24CB70E5944E6E34662205A2A5B78 . 55808 . . [5.1.2600.2180] . . c:\windows\ServicePackFiles\i386\eventlog.dll
[-] 2002-08-29 . BF3C8CF53C77B48206B39910B6D6CBCC . 49152 . . [5.1.2600.1106] . . c:\windows\$NtServicePackUninstall$\eventlog.dll
.
c:\windows\System32\eventlog.dll ... is missing !!
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-11-01 4763008]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\System32\NvCpl.dll" [2006-01-24 7311360]
"nwiz"="nwiz.exe" [2006-01-24 1519616]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2004-10-27 61952]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-20 925696]
"LaunchAntiSpy"="c:\program files\DefenderPro\TSAntiSpy.exe" [2007-09-05 1630208]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2008-12-12 157312]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="c:\program files\MySpace\IM\MySpaceIM.exe" [2007-05-30 5419008]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"RunNarrator"="Narrator.exe" [2004-08-04 53760]
.
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSetActiveDesktop"= 1 (0x1)
"NoActiveDesktopChanges"= 1 (0x1)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0smrgdf c:\documents and settings\Owner\Application Data\iolo"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\StubInstaller.exe"=
"c:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"c:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"c:\\Program Files\\EA Games\\Command & Conquer Generals Zero Hour\\game.dat"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\All Users\\Application Data\\Spadester\\spades.exe"=
"c:\\Program Files\\Defender Pro\\Defender Pro Internet Security 6.0\\avp.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\ATT-HSI\\McciBrowser.exe"=
"c:\\WINDOWS\\system32\\taskmgr.exe"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [7/22/2011 10:27 AM 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [7/12/2011 3:55 PM 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [7/11/2012 12:54 PM 116608]
R2 ioloFileInfoList;iolo FileInfoList Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [6/27/2008 5:48 AM 592232]
R2 ioloSystemService;iolo System Service;c:\program files\iolo\Common\Lib\ioloServiceManager.exe [6/27/2008 5:48 AM 592232]
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08
.
Contents of the 'Scheduled Tasks' folder
.
2009-07-27 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]
.
2006-01-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2006-01-01 18:36]
.
2009-11-11 c:\windows\Tasks\SDMsgUpdate (TE).job
- c:\progra~1\SMARTD~1\Messages\SDNotify.exe [2008-10-31 12:29]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.yahoo.com
mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://toolbar.ask.com/toolbarv/askRedirect?o=20008&gct=&gc=1&q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{5E72AD5A-20DF-4ca4-9B7B-D9717FFDE0C5} - c:\documents and settings\Owner\Start Menu\Programs\Absolute Poker Basic\Absolute Poker Basic.lnk
DPF: DirectAnimation Java Classes - file://c:\windows\Java\classes\dajava.cab
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
.
------- File Associations -------
.
JSEFile=NOTEPAD.EXE %1
.
- - - - ORPHANS REMOVED - - - -
.
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe
SafeBoot-41631514.sys
SafeBoot-63747890.sys
AddRemove-TorrentMan Toolbar - c:\progra~1\TORREN~1\UNWISE.EXE
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-11-26 11:24
Windows 5.1.2600 Service Pack 2 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'winlogon.exe'(720)
c:\windows\system32\klogon.dll
.
- - - - - - - > 'explorer.exe'(2336)
c:\program files\Defender Pro\Defender Pro Internet Security 6.0\scrchpg.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\System32\nvsvc32.exe
c:\windows\system32\pctspk.exe
c:\windows\system32\ZuneBusEnum.exe
c:\windows\system32\rundll32.exe
c:\program files\iPod\bin\iPodService.exe
c:\program files\iolo\System Mechanic\SMTrayNotify.exe
c:\windows\SoftwareDistribution\Download\4f16665ac0e64727d0b09512c7b6d40c\update\update.exe
.
**************************************************************************
.
Completion time: 2012-11-26 11:29:38 - machine was rebooted
ComboFix-quarantined-files.txt 2012-11-26 17:29
.
Pre-Run: 40,851,763,200 bytes free
Post-Run: 42,843,414,528 bytes free
.
- - End Of File - - B1CFE3DB6EA2BAFC7FCE2034F99EE705
Some people think technology has the answers - Kevin Mitnick

#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:49 AM

Posted 27 November 2012 - 06:49 PM

How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 Hadnjury

Hadnjury
  • Topic Starter

  • Members
  • 144 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 27 November 2012 - 06:56 PM

It is running real good now thank you
Some people think technology has the answers - Kevin Mitnick

#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:49 AM

Posted 28 November 2012 - 10:29 PM

Hello,

Glad to hear things are better. Let's run a couple of other scanners to make sure we have no leftover files on the machine.

1.
Please download Malwarebytes Anti-Malware and save it to your desktop.
  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
    For instructions with screenshots, please refer to this Guide.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.

2.
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Things to include in your next reply::
MBAM log
Eset log
How is your machine running now?

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:49 AM

Posted 02 December 2012 - 12:07 PM

Hello.

Are you still there?

If you are please follow the instructions in my previous post.

If you still need help, follow the instructions I have given in my response. If you have since had your problem solved, we would appreciate you letting us know so we can close the topic.

Please reply back telling us so. If you don't reply within 2-3 days the topic will need to be closed.

Thanks for understanding :)

With Regards,
fireman4it

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#8 Hadnjury

Hadnjury
  • Topic Starter

  • Members
  • 144 posts
  • OFFLINE
  •  
  • Local time:01:49 AM

Posted 02 December 2012 - 01:24 PM

Sorry for my lack of response. You can close this thread. My friend decided to purchase win 7 and go with a fresh wipe and install. Thanks for all your help, it was greatly appreciated! :thumbsup:
Some people think technology has the answers - Kevin Mitnick

#9 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:02:49 AM

Posted 03 December 2012 - 04:35 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users